Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://accs-homelog.github.io/

Overview

General Information

Sample URL:	http://accs-homelog.github.io/
Analysis ID:	1520248
Infos:

Detection

HTMLPhisher

Score:	76
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected HtmlPhish64

Phishing site detected (based on logo match)

Creates files inside the system directory

Deletes files inside the Windows folder

Detected non-DNS traffic on DNS port

Form action URLs do not match main URL

HTML body contains low number of good links

HTML title does not match URL

Suspicious form URL found

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 8 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2028,i,9282736922343624635,9867241186984207605,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6352 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://accs-homelog.github.io/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://accs-homelog.github.io/	Avira URL Cloud: detection malicious, Label: phishing
Source: http://accs-homelog.github.io/	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://accs-homelog.github.io/css/cross/hidden_2.css	Avira URL Cloud: Label: phishing
Source: https://accs-homelog.github.io/img/favicon.ico	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://accs-homelog.github.io/

LLM: Score: 9 Reasons: The URL 'accs-homelog.github.io' does not match the legitimate domain 'facebook.com'., The URL uses 'github.io', which is a domain commonly used for hosting personal or project pages, not for official brand pages., The URL contains 'accs-homelog', which is unrelated to Facebook and is suspicious., Facebook is a well-known brand and would not use a GitHub Pages domain for login purposes., The presence of input fields for email address or phone number and password on a non-official domain is a common phishing tactic. DOM: 0.0.pages.csv

Yara detected HtmlPhish64

Source: Yara match

File source: 0.0.pages.csv, type: HTML

Phishing site detected (based on logo match)

Source: https://accs-homelog.github.io/

Matcher: Template: facebook matched

Source: https://accs-homelog.github.io/

HTTP Parser: Form action: https://ujangtele98721.000webhostapp.com/input.php github 000webhostapp

Source: https://accs-homelog.github.io/

HTTP Parser: Number of links: 1

Source: https://accs-homelog.github.io/

HTTP Parser: Title: Community Standard does not match URL

Source: https://accs-homelog.github.io/

HTTP Parser: Form action: https://ujangtele98721.000webhostapp.com/input.php

Source: https://accs-homelog.github.io/

HTTP Parser: <input type="password" .../> found

Source: https://accs-homelog.github.io/

HTTP Parser: No <meta name="author".. found

Source: https://accs-homelog.github.io/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49748 version: TLS 1.2

Source: global traffic

TCP traffic: 192.168.2.4:65230 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: accs-homelog.github.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/cross/hidden.css HTTP/1.1Host: accs-homelog.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://accs-homelog.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/cross/hidden_2.css HTTP/1.1Host: accs-homelog.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://accs-homelog.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rsrc.php/v3/yW/r/AFgIDquDCzO.png HTTP/1.1Host: static.xx.fbcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accs-homelog.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: accs-homelog.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accs-homelog.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /img/favicon.ico HTTP/1.1Host: accs-homelog.github.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: accs-homelog.github.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: accs-homelog.github.io
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: static.xx.fbcdn.net

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundVary: Accept-Encodingx-fatal-request: static.xx.fbcdn.netEdge-Control: cache-maxage=10mPragma: no-cacheCache-Control: private, no-cache, no-store, must-revalidateExpires: Sat, 01 Jan 2000 00:00:00 GMTtiming-allow-origin: *reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}content-security-policy: default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src data: blob: 'self' https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';document-policy: force-load-at-top

Source: sets.json.0.dr	String found in binary or memory: https://07c225f3.online
Source: sets.json.0.dr	String found in binary or memory: https://24.hu
Source: sets.json.0.dr	String found in binary or memory: https://aajtak.in
Source: sets.json.0.dr	String found in binary or memory: https://abczdrowie.pl
Source: sets.json.0.dr	String found in binary or memory: https://alice.tw
Source: sets.json.0.dr	String found in binary or memory: https://ambitionbox.com
Source: sets.json.0.dr	String found in binary or memory: https://autobild.de
Source: sets.json.0.dr	String found in binary or memory: https://baomoi.com
Source: sets.json.0.dr	String found in binary or memory: https://bild.de
Source: sets.json.0.dr	String found in binary or memory: https://blackrock.com
Source: sets.json.0.dr	String found in binary or memory: https://blackrockadvisorelite.it
Source: sets.json.0.dr	String found in binary or memory: https://bluradio.com
Source: sets.json.0.dr	String found in binary or memory: https://bolasport.com
Source: sets.json.0.dr	String found in binary or memory: https://bonvivir.com
Source: sets.json.0.dr	String found in binary or memory: https://bumbox.com
Source: sets.json.0.dr	String found in binary or memory: https://businessinsider.com.pl
Source: sets.json.0.dr	String found in binary or memory: https://businesstoday.in
Source: sets.json.0.dr	String found in binary or memory: https://cachematrix.com
Source: sets.json.0.dr	String found in binary or memory: https://cafemedia.com
Source: sets.json.0.dr	String found in binary or memory: https://caracoltv.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.be
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.fr
Source: sets.json.0.dr	String found in binary or memory: https://cardsayings.net
Source: sets.json.0.dr	String found in binary or memory: https://chatbot.com
Source: sets.json.0.dr	String found in binary or memory: https://chennien.com
Source: sets.json.0.dr	String found in binary or memory: https://citybibleforum.org
Source: sets.json.0.dr	String found in binary or memory: https://clarosports.com
Source: sets.json.0.dr	String found in binary or memory: https://clmbtech.com
Source: sets.json.0.dr	String found in binary or memory: https://closeronline.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://clubelpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://cmxd.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://cognitive-ai.ru
Source: sets.json.0.dr	String found in binary or memory: https://cognitiveai.ru
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.com
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.net
Source: sets.json.0.dr	String found in binary or memory: https://computerbild.de
Source: sets.json.0.dr	String found in binary or memory: https://content-loader.com
Source: sets.json.0.dr	String found in binary or memory: https://cookreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://cricbuzz.com
Source: sets.json.0.dr	String found in binary or memory: https://css-load.com
Source: sets.json.0.dr	String found in binary or memory: https://deccoria.pl
Source: sets.json.0.dr	String found in binary or memory: https://deere.com
Source: sets.json.0.dr	String found in binary or memory: https://desimartini.com
Source: sets.json.0.dr	String found in binary or memory: https://dewarmsteweek.be
Source: sets.json.0.dr	String found in binary or memory: https://drimer.io
Source: sets.json.0.dr	String found in binary or memory: https://drimer.travel
Source: sets.json.0.dr	String found in binary or memory: https://economictimes.com
Source: sets.json.0.dr	String found in binary or memory: https://een.be
Source: sets.json.0.dr	String found in binary or memory: https://efront.com
Source: sets.json.0.dr	String found in binary or memory: https://eleconomista.net
Source: sets.json.0.dr	String found in binary or memory: https://elfinancierocr.com
Source: sets.json.0.dr	String found in binary or memory: https://elgrafico.com
Source: sets.json.0.dr	String found in binary or memory: https://ella.sv
Source: sets.json.0.dr	String found in binary or memory: https://elpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://elpais.uy
Source: sets.json.0.dr	String found in binary or memory: https://etfacademy.it
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookcloud.com
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookrequest.com
Source: sets.json.0.dr	String found in binary or memory: https://fakt.pl
Source: sets.json.0.dr	String found in binary or memory: https://finn.no
Source: sets.json.0.dr	String found in binary or memory: https://firstlook.biz
Source: sets.json.0.dr	String found in binary or memory: https://gallito.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://geforcenow.com
Source: sets.json.0.dr	String found in binary or memory: https://gettalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://gliadomain.com
Source: sets.json.0.dr	String found in binary or memory: https://gnttv.com
Source: sets.json.0.dr	String found in binary or memory: https://graziadaily.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://grid.id
Source: sets.json.0.dr	String found in binary or memory: https://gridgames.app
Source: sets.json.0.dr	String found in binary or memory: https://growthrx.in
Source: sets.json.0.dr	String found in binary or memory: https://grupolpg.sv
Source: sets.json.0.dr	String found in binary or memory: https://gujaratijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://hapara.com
Source: sets.json.0.dr	String found in binary or memory: https://hazipatika.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.global
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.global
Source: sets.json.0.dr	String found in binary or memory: https://healthshots.com
Source: sets.json.0.dr	String found in binary or memory: https://hearty.app
Source: sets.json.0.dr	String found in binary or memory: https://hearty.gift
Source: sets.json.0.dr	String found in binary or memory: https://hearty.me
Source: sets.json.0.dr	String found in binary or memory: https://heartymail.com
Source: sets.json.0.dr	String found in binary or memory: https://heatworld.com
Source: sets.json.0.dr	String found in binary or memory: https://helpdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://hindustantimes.com
Source: sets.json.0.dr	String found in binary or memory: https://hj.rs
Source: sets.json.0.dr	String found in binary or memory: https://hjck.com
Source: sets.json.0.dr	String found in binary or memory: https://html-load.cc
Source: sets.json.0.dr	String found in binary or memory: https://html-load.com
Source: sets.json.0.dr	String found in binary or memory: https://human-talk.org
Source: sets.json.0.dr	String found in binary or memory: https://idbs-cloud.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-dev.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-eworkbook.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-staging.com
Source: sets.json.0.dr	String found in binary or memory: https://img-load.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatimes.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatoday.in
Source: sets.json.0.dr	String found in binary or memory: https://indiatodayne.in
Source: sets.json.0.dr	String found in binary or memory: https://infoedgeindia.com
Source: sets.json.0.dr	String found in binary or memory: https://interia.pl
Source: sets.json.0.dr	String found in binary or memory: https://intoday.in
Source: sets.json.0.dr	String found in binary or memory: https://iolam.it
Source: sets.json.0.dr	String found in binary or memory: https://ishares.com
Source: sets.json.0.dr	String found in binary or memory: https://jagran.com
Source: sets.json.0.dr	String found in binary or memory: https://johndeere.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.fr
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.fr
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://kaksya.in
Source: sets.json.0.dr	String found in binary or memory: https://knowledgebase.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.tv
Source: sets.json.0.dr	String found in binary or memory: https://kompasiana.com
Source: sets.json.0.dr	String found in binary or memory: https://lanacion.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.com
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.ru
Source: sets.json.0.dr	String found in binary or memory: https://laprensagrafica.com
Source: sets.json.0.dr	String found in binary or memory: https://lateja.cr
Source: sets.json.0.dr	String found in binary or memory: https://libero.it
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.com
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.fr
Source: sets.json.0.dr	String found in binary or memory: https://livechat.com
Source: sets.json.0.dr	String found in binary or memory: https://livechatinc.com
Source: sets.json.0.dr	String found in binary or memory: https://livehindustan.com
Source: sets.json.0.dr	String found in binary or memory: https://livemint.com
Source: sets.json.0.dr	String found in binary or memory: https://max.auto
Source: sets.json.0.dr	String found in binary or memory: https://medonet.pl
Source: sets.json.0.dr	String found in binary or memory: https://meo.pt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.co.cr
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.bo
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.do
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.gt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.hn
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ni
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pa
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.py
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.sv
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mighty-app.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://mightytext.net
Source: sets.json.0.dr	String found in binary or memory: https://mittanbud.no
Source: sets.json.0.dr	String found in binary or memory: https://money.pl
Source: sets.json.0.dr	String found in binary or memory: https://motherandbaby.com
Source: sets.json.0.dr	String found in binary or memory: https://mystudentdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://nacion.com
Source: sets.json.0.dr	String found in binary or memory: https://naukri.com
Source: sets.json.0.dr	String found in binary or memory: https://nidhiacademyonline.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.co
Source: sets.json.0.dr	String found in binary or memory: https://nien.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.org
Source: sets.json.0.dr	String found in binary or memory: https://nlc.hu
Source: sets.json.0.dr	String found in binary or memory: https://nosalty.hu
Source: sets.json.0.dr	String found in binary or memory: https://noticiascaracol.com
Source: sets.json.0.dr	String found in binary or memory: https://nourishingpursuits.com
Source: sets.json.0.dr	String found in binary or memory: https://nvidia.com
Source: sets.json.0.dr	String found in binary or memory: https://o2.pl
Source: sets.json.0.dr	String found in binary or memory: https://ocdn.eu
Source: sets.json.0.dr	String found in binary or memory: https://onet.pl
Source: sets.json.0.dr	String found in binary or memory: https://ottplay.com
Source: sets.json.0.dr	String found in binary or memory: https://p106.net
Source: sets.json.0.dr	String found in binary or memory: https://p24.hu
Source: sets.json.0.dr	String found in binary or memory: https://paula.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://pdmp-apis.no
Source: sets.json.0.dr	String found in binary or memory: https://phonandroid.com
Source: sets.json.0.dr	String found in binary or memory: https://player.pl
Source: sets.json.0.dr	String found in binary or memory: https://plejada.pl
Source: sets.json.0.dr	String found in binary or memory: https://poalim.site
Source: sets.json.0.dr	String found in binary or memory: https://poalim.xyz
Source: sets.json.0.dr	String found in binary or memory: https://pomponik.pl
Source: sets.json.0.dr	String found in binary or memory: https://portalinmobiliario.com
Source: sets.json.0.dr	String found in binary or memory: https://prisjakt.no
Source: sets.json.0.dr	String found in binary or memory: https://pudelek.pl
Source: sets.json.0.dr	String found in binary or memory: https://punjabijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://radio1.be
Source: sets.json.0.dr	String found in binary or memory: https://radio2.be
Source: sets.json.0.dr	String found in binary or memory: https://reactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://repid.org
Source: sets.json.0.dr	String found in binary or memory: https://reshim.org
Source: sets.json.0.dr	String found in binary or memory: https://rws1nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws2nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws3nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://sackrace.ai
Source: sets.json.0.dr	String found in binary or memory: https://salemoveadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovefinancial.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovetravel.com
Source: sets.json.0.dr	String found in binary or memory: https://samayam.com
Source: sets.json.0.dr	String found in binary or memory: https://sapo.io
Source: sets.json.0.dr	String found in binary or memory: https://sapo.pt
Source: sets.json.0.dr	String found in binary or memory: https://shock.co
Source: sets.json.0.dr	String found in binary or memory: https://smaker.pl
Source: sets.json.0.dr	String found in binary or memory: https://smoney.vn
Source: sets.json.0.dr	String found in binary or memory: https://smpn106jkt.sch.id
Source: sets.json.0.dr	String found in binary or memory: https://socket-to-me.vip
Source: sets.json.0.dr	String found in binary or memory: https://songshare.com
Source: sets.json.0.dr	String found in binary or memory: https://songstats.com
Source: sets.json.0.dr	String found in binary or memory: https://sporza.be
Source: sets.json.0.dr	String found in binary or memory: https://standardsandpraiserepurpose.com
Source: sets.json.0.dr	String found in binary or memory: https://startlap.hu
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.net
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.org
Source: chromecache_115.2.dr	String found in binary or memory: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/AFgIDquDCzO.png");
Source: sets.json.0.dr	String found in binary or memory: https://stripe.com
Source: sets.json.0.dr	String found in binary or memory: https://stripe.network
Source: sets.json.0.dr	String found in binary or memory: https://stripecdn.com
Source: sets.json.0.dr	String found in binary or memory: https://supereva.it
Source: sets.json.0.dr	String found in binary or memory: https://takeabreak.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskqaid.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskstgid.com
Source: sets.json.0.dr	String found in binary or memory: https://teacherdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://technology-revealed.com
Source: sets.json.0.dr	String found in binary or memory: https://terazgotuje.pl
Source: sets.json.0.dr	String found in binary or memory: https://text.com
Source: sets.json.0.dr	String found in binary or memory: https://textyserver.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://the42.ie
Source: sets.json.0.dr	String found in binary or memory: https://thejournal.ie
Source: sets.json.0.dr	String found in binary or memory: https://thirdspace.org.au
Source: sets.json.0.dr	String found in binary or memory: https://timesinternet.in
Source: sets.json.0.dr	String found in binary or memory: https://timesofindia.com
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.app
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.com
Source: sets.json.0.dr	String found in binary or memory: https://top.pl
Source: sets.json.0.dr	String found in binary or memory: https://tribunnews.com
Source: sets.json.0.dr	String found in binary or memory: https://trytalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.co
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://tvid.in
Source: sets.json.0.dr	String found in binary or memory: https://tvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://tvn24.pl
Source: chromecache_115.2.dr	String found in binary or memory: https://ujangtele98721.000webhostapp.com/input.php
Source: sets.json.0.dr	String found in binary or memory: https://unotv.com
Source: sets.json.0.dr	String found in binary or memory: https://victorymedium.com
Source: sets.json.0.dr	String found in binary or memory: https://vrt.be
Source: sets.json.0.dr	String found in binary or memory: https://vwo.com
Source: sets.json.0.dr	String found in binary or memory: https://welt.de
Source: sets.json.0.dr	String found in binary or memory: https://wieistmeineip.de
Source: sets.json.0.dr	String found in binary or memory: https://wildix.com
Source: sets.json.0.dr	String found in binary or memory: https://wildixin.com
Source: sets.json.0.dr	String found in binary or memory: https://wingify.com
Source: sets.json.0.dr	String found in binary or memory: https://wordle.at
Source: sets.json.0.dr	String found in binary or memory: https://wp.pl
Source: sets.json.0.dr	String found in binary or memory: https://wpext.pl
Source: sets.json.0.dr	String found in binary or memory: https://www.asadcdn.com
Source: sets.json.0.dr	String found in binary or memory: https://ya.ru
Source: sets.json.0.dr	String found in binary or memory: https://yours.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://zalo.me
Source: sets.json.0.dr	String found in binary or memory: https://zdrowietvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://zingmp3.vn

Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 65234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49748 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\sets.json			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\manifest.json			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\LICENSE			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\_metadata\			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\_metadata\verified_contents.json			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\manifest.fingerprint			Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\chrome_BITS_8_902027977

Jump to behavior

Source: classification engine

Classification label: mal76.phis.win@23/16@10/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2028,i,9282736922343624635,9867241186984207605,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://accs-homelog.github.io/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2028,i,9282736922343624635,9867241186984207605,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 File Deletion	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://accs-homelog.github.io/	100%	Avira URL Cloud	phishing
http://accs-homelog.github.io/	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://wieistmeineip.de	0%	URL Reputation	safe
https://mercadoshops.com.co	0%	URL Reputation	safe
https://gliadomain.com	0%	URL Reputation	safe
https://poalim.xyz	0%	URL Reputation	safe
https://mercadolivre.com	0%	URL Reputation	safe
https://reshim.org	0%	URL Reputation	safe
https://nourishingpursuits.com	0%	URL Reputation	safe
https://medonet.pl	0%	URL Reputation	safe
https://unotv.com	0%	URL Reputation	safe
https://mercadoshops.com.br	0%	URL Reputation	safe
https://zdrowietvn.pl	0%	URL Reputation	safe
https://johndeere.com	0%	URL Reputation	safe
https://songstats.com	0%	URL Reputation	safe
https://baomoi.com	0%	URL Reputation	safe
https://supereva.it	0%	URL Reputation	safe
https://elfinancierocr.com	0%	URL Reputation	safe
https://bolasport.com	0%	URL Reputation	safe
https://rws1nvtvt.com	0%	URL Reputation	safe
https://desimartini.com	0%	URL Reputation	safe
https://hearty.app	0%	URL Reputation	safe
https://hearty.gift	0%	URL Reputation	safe
https://mercadoshops.com	0%	URL Reputation	safe
https://heartymail.com	0%	URL Reputation	safe
https://p106.net	0%	URL Reputation	safe
https://radio2.be	0%	URL Reputation	safe
https://finn.no	0%	URL Reputation	safe
https://hc1.com	0%	URL Reputation	safe
https://kompas.tv	0%	URL Reputation	safe
https://mystudentdashboard.com	0%	URL Reputation	safe
https://songshare.com	0%	URL Reputation	safe
https://smaker.pl	0%	URL Reputation	safe
https://mercadopago.com.mx	0%	URL Reputation	safe
https://p24.hu	0%	URL Reputation	safe
https://talkdeskqaid.com	0%	URL Reputation	safe
https://mercadopago.com.pe	0%	URL Reputation	safe
https://cardsayings.net	0%	URL Reputation	safe
https://text.com	0%	URL Reputation	safe
https://mightytext.net	0%	URL Reputation	safe
https://pudelek.pl	0%	URL Reputation	safe
https://hazipatika.com	0%	URL Reputation	safe
https://joyreactor.com	0%	URL Reputation	safe
https://cookreactor.com	0%	URL Reputation	safe
https://wildixin.com	0%	URL Reputation	safe
https://eworkbookcloud.com	0%	URL Reputation	safe
https://cognitiveai.ru	0%	URL Reputation	safe
https://nacion.com	0%	URL Reputation	safe
https://chennien.com	0%	URL Reputation	safe
https://drimer.travel	0%	URL Reputation	safe
https://deccoria.pl	0%	URL Reputation	safe
https://mercadopago.cl	0%	URL Reputation	safe
https://talkdeskstgid.com	0%	URL Reputation	safe
https://bonvivir.com	0%	URL Reputation	safe
https://carcostadvisor.be	0%	URL Reputation	safe
https://salemovetravel.com	0%	URL Reputation	safe
https://sapo.io	0%	URL Reputation	safe
https://wpext.pl	0%	URL Reputation	safe
https://welt.de	0%	URL Reputation	safe
https://poalim.site	0%	URL Reputation	safe
https://drimer.io	0%	URL Reputation	safe
https://infoedgeindia.com	0%	URL Reputation	safe
https://blackrockadvisorelite.it	0%	URL Reputation	safe
https://cognitive-ai.ru	0%	URL Reputation	safe
https://cafemedia.com	0%	URL Reputation	safe
https://graziadaily.co.uk	0%	URL Reputation	safe
https://thirdspace.org.au	0%	URL Reputation	safe
https://mercadoshops.com.ar	0%	URL Reputation	safe
https://smpn106jkt.sch.id	0%	URL Reputation	safe
https://elpais.uy	0%	URL Reputation	safe
https://landyrev.com	0%	URL Reputation	safe
https://the42.ie	0%	URL Reputation	safe
https://commentcamarche.com	0%	URL Reputation	safe
https://tucarro.com.ve	0%	URL Reputation	safe
https://rws3nvtvt.com	0%	URL Reputation	safe
https://eleconomista.net	0%	URL Reputation	safe
https://helpdesk.com	0%	URL Reputation	safe
https://nlc.hu	0%	Avira URL Cloud	safe
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/AFgIDquDCzO.png	0%	Avira URL Cloud	safe
https://mercadolivre.com.br	0%	URL Reputation	safe
https://clmbtech.com	0%	URL Reputation	safe
https://standardsandpraiserepurpose.com	0%	URL Reputation	safe
https://joyreactor.cc	0%	Avira URL Cloud	safe
https://salemovefinancial.com	0%	URL Reputation	safe
https://24.hu	0%	Avira URL Cloud	safe
https://mercadopago.com.br	0%	URL Reputation	safe
https://commentcamarche.net	0%	URL Reputation	safe
https://etfacademy.it	0%	URL Reputation	safe
https://mighty-app.appspot.com	0%	URL Reputation	safe
https://hj.rs	0%	URL Reputation	safe
https://hearty.me	0%	URL Reputation	safe
https://mercadolibre.com.gt	0%	URL Reputation	safe
https://accs-homelog.github.io/css/cross/hidden_2.css	100%	Avira URL Cloud	phishing
https://timesinternet.in	0%	URL Reputation	safe
https://indiatodayne.in	0%	URL Reputation	safe
https://idbs-staging.com	0%	URL Reputation	safe
https://blackrock.com	0%	URL Reputation	safe
https://idbs-eworkbook.com	0%	URL Reputation	safe
https://interia.pl	0%	Avira URL Cloud	safe
https://naukri.com	0%	Avira URL Cloud	safe
https://07c225f3.online	0%	Avira URL Cloud	safe
https://accs-homelog.github.io/img/favicon.ico	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.210.172	true	false		unknown
scontent.xx.fbcdn.net	157.240.252.13	true	false		unknown
www.google.com	142.250.186.68	true	false		unknown
accs-homelog.github.io	185.199.111.153	true	true		unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false		unknown
static.xx.fbcdn.net	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/AFgIDquDCzO.png	false	Avira URL Cloud: safe	unknown
https://accs-homelog.github.io/css/cross/hidden_2.css	true	Avira URL Cloud: phishing	unknown
https://accs-homelog.github.io/img/favicon.ico	true	Avira URL Cloud: phishing	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://wieistmeineip.de	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadoshops.com.co	sets.json.0.dr	false	URL Reputation: safe	unknown
https://gliadomain.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://poalim.xyz	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadolivre.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://reshim.org	sets.json.0.dr	false	URL Reputation: safe	unknown
https://nourishingpursuits.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://medonet.pl	sets.json.0.dr	false	URL Reputation: safe	unknown
https://unotv.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadoshops.com.br	sets.json.0.dr	false	URL Reputation: safe	unknown
https://joyreactor.cc	sets.json.0.dr	false	Avira URL Cloud: safe	unknown
https://zdrowietvn.pl	sets.json.0.dr	false	URL Reputation: safe	unknown
https://johndeere.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://songstats.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://baomoi.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://supereva.it	sets.json.0.dr	false	URL Reputation: safe	unknown
https://elfinancierocr.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://bolasport.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://rws1nvtvt.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://desimartini.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://hearty.app	sets.json.0.dr	false	URL Reputation: safe	unknown
https://hearty.gift	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadoshops.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://heartymail.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://nlc.hu	sets.json.0.dr	false	Avira URL Cloud: safe	unknown
https://p106.net	sets.json.0.dr	false	URL Reputation: safe	unknown
https://radio2.be	sets.json.0.dr	false	URL Reputation: safe	unknown
https://finn.no	sets.json.0.dr	false	URL Reputation: safe	unknown
https://hc1.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://kompas.tv	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mystudentdashboard.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://songshare.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://smaker.pl	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadopago.com.mx	sets.json.0.dr	false	URL Reputation: safe	unknown
https://p24.hu	sets.json.0.dr	false	URL Reputation: safe	unknown
https://talkdeskqaid.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://24.hu	sets.json.0.dr	false	Avira URL Cloud: safe	unknown
https://mercadopago.com.pe	sets.json.0.dr	false	URL Reputation: safe	unknown
https://cardsayings.net	sets.json.0.dr	false	URL Reputation: safe	unknown
https://text.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mightytext.net	sets.json.0.dr	false	URL Reputation: safe	unknown
https://pudelek.pl	sets.json.0.dr	false	URL Reputation: safe	unknown
https://hazipatika.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://joyreactor.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://cookreactor.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://wildixin.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://eworkbookcloud.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://cognitiveai.ru	sets.json.0.dr	false	URL Reputation: safe	unknown
https://nacion.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://chennien.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://drimer.travel	sets.json.0.dr	false	URL Reputation: safe	unknown
https://deccoria.pl	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadopago.cl	sets.json.0.dr	false	URL Reputation: safe	unknown
https://talkdeskstgid.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://naukri.com	sets.json.0.dr	false	Avira URL Cloud: safe	unknown
https://interia.pl	sets.json.0.dr	false	Avira URL Cloud: safe	unknown
https://bonvivir.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://carcostadvisor.be	sets.json.0.dr	false	URL Reputation: safe	unknown
https://salemovetravel.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://sapo.io	sets.json.0.dr	false	URL Reputation: safe	unknown
https://wpext.pl	sets.json.0.dr	false	URL Reputation: safe	unknown
https://welt.de	sets.json.0.dr	false	URL Reputation: safe	unknown
https://poalim.site	sets.json.0.dr	false	URL Reputation: safe	unknown
https://drimer.io	sets.json.0.dr	false	URL Reputation: safe	unknown
https://infoedgeindia.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://blackrockadvisorelite.it	sets.json.0.dr	false	URL Reputation: safe	unknown
https://cognitive-ai.ru	sets.json.0.dr	false	URL Reputation: safe	unknown
https://cafemedia.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://graziadaily.co.uk	sets.json.0.dr	false	URL Reputation: safe	unknown
https://thirdspace.org.au	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadoshops.com.ar	sets.json.0.dr	false	URL Reputation: safe	unknown
https://smpn106jkt.sch.id	sets.json.0.dr	false	URL Reputation: safe	unknown
https://elpais.uy	sets.json.0.dr	false	URL Reputation: safe	unknown
https://landyrev.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://the42.ie	sets.json.0.dr	false	URL Reputation: safe	unknown
https://commentcamarche.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://tucarro.com.ve	sets.json.0.dr	false	URL Reputation: safe	unknown
https://rws3nvtvt.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://eleconomista.net	sets.json.0.dr	false	URL Reputation: safe	unknown
https://helpdesk.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadolivre.com.br	sets.json.0.dr	false	URL Reputation: safe	unknown
https://clmbtech.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://standardsandpraiserepurpose.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://07c225f3.online	sets.json.0.dr	false	Avira URL Cloud: safe	unknown
https://salemovefinancial.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadopago.com.br	sets.json.0.dr	false	URL Reputation: safe	unknown
https://commentcamarche.net	sets.json.0.dr	false	URL Reputation: safe	unknown
https://etfacademy.it	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mighty-app.appspot.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://hj.rs	sets.json.0.dr	false	URL Reputation: safe	unknown
https://hearty.me	sets.json.0.dr	false	URL Reputation: safe	unknown
https://mercadolibre.com.gt	sets.json.0.dr	false	URL Reputation: safe	unknown
https://timesinternet.in	sets.json.0.dr	false	URL Reputation: safe	unknown
https://indiatodayne.in	sets.json.0.dr	false	URL Reputation: safe	unknown
https://idbs-staging.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://blackrock.com	sets.json.0.dr	false	URL Reputation: safe	unknown
https://idbs-eworkbook.com	sets.json.0.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.186.68	www.google.com	United States		15169	GOOGLEUS	false
185.199.109.153	unknown	Netherlands		54113	FASTLYUS	false
185.199.111.153	accs-homelog.github.io	Netherlands		54113	FASTLYUS	true
239.255.255.250	unknown	Reserved		unknown	unknown	false
157.240.252.13	scontent.xx.fbcdn.net	United States		32934	FACEBOOKUS	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1520248
Start date and time:	2024-09-27 07:14:24 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://accs-homelog.github.io/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal76.phis.win@23/16@10/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 142.250.186.142, 173.194.76.84, 34.104.35.123, 142.250.185.234, 142.250.186.42, 172.217.18.10, 142.250.185.202, 172.217.16.202, 142.250.185.138, 142.250.185.106, 142.250.185.170, 142.250.185.74, 142.250.186.74, 142.250.74.202, 142.250.186.106, 216.58.206.74, 172.217.23.106, 216.58.212.170, 142.250.186.138, 52.165.165.26, 199.232.210.172, 13.85.23.206, 192.229.221.95, 40.69.42.241, 142.250.186.99
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, ocsp.edge.digicert.com, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://accs-homelog.github.io/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\LICENSE

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1558
Entropy (8bit):	5.11458514637545
Encrypted:	false
SSDEEP:	48:OBOCrYJ4rYJVwUCLHDy43HV713XEyMmZ3teTHn:LCrYJ4rYJVwUCHZ3Z13XtdUTH
MD5:	EE002CB9E51BB8DFA89640A406A1090A
SHA1:	49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2
SHA-256:	3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B
SHA-512:	D1FDCC436B8CA8C68D4DC7077F84F803A535BF2CE31D9EB5D0C466B62D6567B2C59974995060403ED757E92245DB07E70C6BDDBF1C3519FED300CC5B9BF9177C
Malicious:	false
Reputation:	low
Preview:	// Copyright 2015 The Chromium Authors. All rights reserved..//.// Redistribution and use in source and binary forms, with or without.// modification, are permitted provided that the following conditions are.// met:.//.// * Redistributions of source code must retain the above copyright.// notice, this list of conditions and the following disclaimer..// * Redistributions in binary form must reproduce the above.// copyright notice, this list of conditions and the following disclaimer.// in the documentation and/or other materials provided with the.// distribution..// * Neither the name of Google Inc. nor the names of its.// contributors may be used to endorse or promote products derived from.// this software without specific prior written permission..//.// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS.// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT.// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR.// A PARTICULAR

C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\_metadata\verified_contents.json

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1864
Entropy (8bit):	6.021127689065198
Encrypted:	false
SSDEEP:	48:p/hUI1atAdI567akUmYWEFw/3+ovGJ4F3jkZUbvzk98g5m7:RnYQI47avYUwvVGJ41jkZIzxgA7
MD5:	68E6B5733E04AB7BF19699A84D8ABBC2
SHA1:	1C11F06CA1AD3ED8116D356AB9164FD1D52B5CF0
SHA-256:	F095F969D6711F53F97747371C83D5D634EAEF21C54CB1A6A1CC5B816D633709
SHA-512:	9DC5D824A55C969820D5D1FBB0CA7773361F044AE0C255E7C48D994E16CE169FCEAC3DE180A3A544EBEF32337EA535683115584D592370E5FE7D85C68B86C891
Malicious:	false
Reputation:	low
Preview:	[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiJMSUNFTlNFIiwicm9vdF9oYXNoIjoiUGIwc2tBVUxaUzFqWldTQnctV0hIRkltRlhVcExiZDlUcVkwR2ZHSHBWcyJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiIyNXB3SWdtQWU2QTVoeDVVTG9OV0laODBLbzJjbktOTHpacUdjbjlLT2c4In0seyJwYXRoIjoic2V0cy5qc29uIiwicm9vdF9oYXNoIjoiOWVza0FuRlBsM3VCQzkwUmFWakxNaVI3NXZIQi0wQUVmMmg0RzU3ZXNpcyJ9XSwiZm9ybWF0IjoidHJlZWhhc2giLCJoYXNoX2Jsb2NrX3NpemUiOjQwOTZ9XSwiaXRlbV9pZCI6ImdvbnBlbWRna2pjZWNkZ2JuYWFiaXBwcGJtZ2ZnZ2JlIiwiaXRlbV92ZXJzaW9uIjoiMjAyNC44LjEwLjAiLCJwcm90b2NvbF92ZXJzaW9uIjoxfQ","signatures":[{"header":{"kid":"publisher"},"protected":"eyJhbGciOiJSUzI1NiJ9","signature":"dU2MmRUQSugaJAJvEN4uaQHx-KXdOkjj0yK8_aH4Afr3kN7DPOZRt6yLTS3UchBE5M-dgPPPBuKADj4KEK4B22SO6WQquL5J27AUPqQBGgr44-iFGVJdOLLlfirFlJmcYv6DUFRYiPsQFGMr1JFqInj19jgkOxzR6qqcNuTCB0wGEMeTU80r-igCjeQG6TIzPro7yKd_-UxsxO6OGAySmlIJIoU54X0p0ATNoZyAfkhb8kb0oN8unOU

C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\manifest.fingerprint

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	66
Entropy (8bit):	3.9159446964030753
Encrypted:	false
SSDEEP:	3:Sq5TQRaELVHecsUDBAeHD5k:Sq5gJ+csHej5k
MD5:	CFB54589424206D0AE6437B5673F498D
SHA1:	D1EF6314F0F68EFDD0BA8F6CA9E59BFF863B1609
SHA-256:	285AC183C35350B4B77332172413902F83726CA8F53D63859B5DA082FD425A1C
SHA-512:	70FDCA4A1E6B7A5FFED3414E2DB74FECA7E0FD17482B8CB30393DFEE20AB9AD2B0B00FF0C590DD0E8D744D0EAD876CE8844519AF66618ED14666BCA56DF2DA21
Malicious:	false
Reputation:	low
Preview:	1.dbf288588465463a914bdfc5e86d465fb3592b2f1261dc0e40fcc5c1adc8e7e4

C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\manifest.json

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	85
Entropy (8bit):	4.4533115571544695
Encrypted:	false
SSDEEP:	3:rR6TAulhFphifFCmMARWHJqS1tean:F6VlM8aRWpqS1ln
MD5:	C3419069A1C30140B77045ABA38F12CF
SHA1:	11920F0C1E55CADC7D2893D1EEBB268B3459762A
SHA-256:	DB9A702209807BA039871E542E8356219F342A8D9C9CA34BCD9A86727F4A3A0F
SHA-512:	C5E95A4E9F5919CB14F4127539C4353A55C5F68062BF6F95E1843B6690CEBED3C93170BADB2412B7FB9F109A620385B0AE74783227D6813F26FF8C29074758A1
Malicious:	false
Reputation:	low
Preview:	{. "manifest_version": 2,. "name": "First Party Sets",. "version": "2024.8.10.0".}

C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping8_1476712562\sets.json

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	9748
Entropy (8bit):	4.629326694042306
Encrypted:	false
SSDEEP:	96:Mon4mvC4qX19s1blbw/BNKLcxbdmf56MFJtRTGXvcxN43uP+8qJq:v5C4ql7BkIVmtRTGXvcxBsq
MD5:	EEA4913A6625BEB838B3E4E79999B627
SHA1:	1B4966850F1B117041407413B70BFA925FD83703
SHA-256:	20EF4DE871ECE3C5F14867C4AE8465999C7A2CC1633525E752320E61F78A373C
SHA-512:	31B1429A5FACD6787F6BB45216A4AB1C724C79438C18EBFA8C19CED83149C17783FD492A03197110A75AAF38486A9F58828CA30B58D41E0FE89DFE8BDFC8A004
Malicious:	false
Reputation:	low
Preview:	{"primary":"https://bild.de","associatedSites":["https://welt.de","https://autobild.de","https://computerbild.de","https://wieistmeineip.de"],"serviceSites":["https://www.asadcdn.com"]}.{"primary":"https://blackrock.com","associatedSites":["https://blackrockadvisorelite.it","https://cachematrix.com","https://efront.com","https://etfacademy.it","https://ishares.com"]}.{"primary":"https://cafemedia.com","associatedSites":["https://cardsayings.net","https://nourishingpursuits.com"]}.{"primary":"https://caracoltv.com","associatedSites":["https://noticiascaracol.com","https://bluradio.com","https://shock.co","https://bumbox.com","https://hjck.com"]}.{"primary":"https://carcostadvisor.com","ccTLDs":{"https://carcostadvisor.com":["https://carcostadvisor.be","https://carcostadvisor.fr"]}}.{"primary":"https://citybibleforum.org","associatedSites":["https://thirdspace.org.au"]}.{"primary":"https://cognitiveai.ru","associatedSites":["https://cognitive-ai.ru"]}.{"primary":"https://drimer.io","asso

Chrome Cache Entry: 111

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11259)
Category:	downloaded
Size (bytes):	12478
Entropy (8bit):	5.214344826279296
Encrypted:	false
SSDEEP:	384:aX7UtcW0mvWQWLiW0mvWQWkm/g0yWqKq8Rr8UUrH9I3qqhO:a7ycW0mvWQWWW0mvWQWkmYoqxA3qqhO
MD5:	03965AB9D90C48DDB7EA74C84EE32422
SHA1:	7879531FE445D83F96C360427BA13E39FD3B9E6B
SHA-256:	BFE5CD76647E20B420DA958C1A6D56EAA9D452584A76981CE897AEA8A0D163B4
SHA-512:	A1225BC339AC05BD61AD5ADB05EB46B8A2C89C65AE6A81A064A63794B1B3B857BE4157B5669DFF3A75BA06C26C32C497225CB4F3BA3BC669EED6CC15623914C9
Malicious:	false
Reputation:	low
URL:	https://accs-homelog.github.io/css/cross/hidden.css
Preview:	.x1lkfr7t{font-size:14px}..Gar1i5{border-top: 1px solid #dddfe2;padding: 10px 0px 10px 0px;}..rot0o{margin-top: 6px;font-size: 14px;font-weight: 400;color: #000000;font-family: Segoe UI Historic, Segoe UI, Helvetica, Arial, sans-serif;line-height: 1.1765;}..KolM4x{width: 100%;display: flex;box-sizing: border-box;padding-top: 6px;}..inPUt1{width: 100%;color: rgba(0,0,0,.85);font-size: 14px;border-radius: 6px;border-color: rgba(0,0,0,.15);border-width: 1px;padding: 11px;border-style: solid;}..inPUt1err{width: 100%;color: rgba(0,0,0,.85);font-size: 14px;border-radius: 6px;border-color: rgb(255 0 0);border-width: 1px;padding: 11px;border-style: solid;}..KolM4xBir{width: 100%;display: flex;box-sizing: border-box;margin-bottom: 37px;}..inPUt2{color: rgba(0,0,0,.85);font-size: 14px;border-radius: 6px;border-color: rgba(0,0,0,.15);border-width: 1px;padding: 10px;border-style: solid;}..spCBir{margin-right: 5px;}..BirT3X{margin-top: 5px;margin-left: 3px;margin-bottom: 1px;font-size: 14px;color:

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.2359263506290326
Encrypted:	false
SSDEEP:	3:QQinP90NY:+P1
MD5:	7CD44B2C77526F4FA4CC7FC0BB388924
SHA1:	46A26A23C8384B55BDC9012212BD4F82C341FB12
SHA-256:	803331C1A11F7BD2503BB16AA5F3EE4A448D7D47D003B371F485B3042222C283
SHA-512:	92F2005F088F928320C07487F26A293AB96107A94A2E0611262B9E30200C8FB9FE612D541737CE587C95C53BA89E43F3476CFED333301AB4E8BBDB03084D94DB
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlfLqTQtbQSKRIFDXhvEhkSBQ3Fk8Qk?alt=proto
Preview:	ChIKBw14bxIZGgAKBw3Fk8QkGgA=

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38068), with CRLF line terminators
Category:	downloaded
Size (bytes):	573319
Entropy (8bit):	5.283389625089064
Encrypted:	false
SSDEEP:	3072:+XwLX/myWHo/Rbd/o5eqGFQDqSQuStayCpp0uz1QN+1KIo6U9U2VLTNzJnUz:Yw2oZx/oMQuSQuStaDp0uz0TNz+
MD5:	DFD1DBC0CE36FE3DBBBC28BBE82D7FDF
SHA1:	96DFAF86FB27BC36C1B604051FB422B3E67B507D
SHA-256:	84AC2481A5E38D5A974CE16F8D55DC322D38F6E021E4A45A9580091FB0AA6BD3
SHA-512:	C01D4A299FDE02F8CB59F5BE11EBCDBAF935B416A03387FEE0E2CB6A1E22FEC78CD7F3D9AE7F7D7AE723E93F977803365870E21762763D11F5861951CF5FC9DE
Malicious:	false
Reputation:	low
URL:	https://accs-homelog.github.io/css/cross/hidden_2.css
Preview:	form{margin:0;padding:0}label{color:#606770;cursor:default;font-weight:600;vertical-align:middle}label input{font-weight:normal}textarea,.inputtext,.inputpassword{-webkit-appearance:none;border:1px solid #ccd0d5;border-radius:0;margin:0;padding:3px}textarea{max-width:100%}select{border:1px solid #ccd0d5;padding:2px}input,select,textarea{background-color:#fff;color:#1c1e21}.inputtext,.inputpassword{padding-bottom:4px}.inputtext:invalid,.inputpassword:invalid{box-shadow:none}.inputradio{margin:0 5px 0 0;padding:0;vertical-align:middle}.inputcheckbox{border:0;vertical-align:middle}.inputbutton,.inputsubmit{background-color:#4267b2;border-color:#DADDE1 #0e1f5b #0e1f5b #d9dfea;border-style:solid;border-width:1px;color:#fff;padding:2px 15px 3px 15px;text-align:center}.inputaux{background:#ebedf0;border-color:#EBEDF0 #666 #666 #e7e7e7;color:#000}.inputsearch{background:#FFFFFF url(/rsrc.php/v3/yL/r/unHwF9CkMyM.png) no-repeat left 4px;padding-left:17px}..html{touch-action:manipulation}body{bac

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	5430
Entropy (8bit):	2.6465732373896285
Encrypted:	false
SSDEEP:	24:Es5ed8vZa+/kffJTyN5J5iXSvjDxatgFFjiZq1MJUikeVgl2fwFfBaTzh4mpCbak:2fq3OqXAzh4jaJV9HxG8Q
MD5:	3E764F0F737767B30A692FAB1DE3CE49
SHA1:	58FA0755A8EE455819769EE0E77C23829BF488DD
SHA-256:	88AE5454A7C32C630703440849D35C58F570D8EECC23C071DBE68D63CE6A40D7
SHA-512:	2831536A2CA9A2562B7BE1053DF21C2ED51807C9D332878CF349DC0B718D09EEB587423B488C415672C89E42D98D9A9218FACE1FCF8E773492535CB5BD67E278
Malicious:	false
Reputation:	low
Preview:	............ .h...&... .... .........(....... ..... ..........................................h. .f...............f...g...d.@.........................`...e...f...f...............f...f...f...e...p...............`...f...f...f...f...............f...f...f...f...f...p...........e...f...f...f...f...............f...f...f...f...f...e.......d.@.f...f...f...f...f...............f...f...f...f...f...f...h. .e...f...f...f....U..........................y'..f...f...f...g...f...f...f...f...............................U..f...f...f...f...f...f...f...f..................................f...f...f...f...f...f...f...f...f...f...............f...f...f...f...f...f...f...f...f...f...f...f...f...............p...f...f...f...f...f...f...f...f...f...f...f...f...................d...U..f...f...f...e...h. .f...f...f...f...f....d......................f...f...f...h.@.....f...f...f...f...f...f....t.................f...f...f...........p...f...f...f...f...f...f...f...f...f...f...f...f...`...............p...f...f...f...f

Chrome Cache Entry: 115

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (55670), with CRLF line terminators
Category:	downloaded
Size (bytes):	335895
Entropy (8bit):	5.394192816417213
Encrypted:	false
SSDEEP:	6144:zX+SeSPCuCs3pseSEdHEtSBYRIcHyJekXDNKKXQBdIs8hLUUDx3nrn:zX+S5PCuXpsD7tBwYg
MD5:	46BA6650CDC9DAA8B07544698CCB088E
SHA1:	857D5C9B934E769DCF53BFF80C44A80BF03B8423
SHA-256:	2DFDAE88FF97619B5F8DB2EEB62C32C50BDC0146E56F7E587E6E6C12F1030BFA
SHA-512:	645385BF4A93DC8003AE8BF372AC8C771E8FEE3DEA8C15A1AEB1FAE09759574AAA556E448FC427080E8B35A576370DAB0AAB4DB1641AE54F3DF7CB9AA55C9A3B
Malicious:	false
Reputation:	low
URL:	https://accs-homelog.github.io/
Preview:	<html class="__fb-light-mode" lang="en"><head><title>Community Standard</title>.. <link rel="icon" type="image/png" href="img/favicon.ico">.. <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=2,shrink-to-fit=no">.. <meta name="color-scheme" content="light">.. <meta name="theme-color" content="#FFFFFF">.. <link type="text/css" rel="stylesheet" href="css/cross/hidden.css">.. <link type="text/css" rel="stylesheet" href="css/cross/hidden_2.css">.. <style nonce=""></style>.. <style nonce="">.twbca1pg{border-bottom:solid 1px var(--fds-spectrum-teal-dark-1)}.twhas466{border-right:solid 2px}.ut7o74af{border-top:2px solid transparent}.uz2wizr7{border-bottom:2px dashed var(--divider)}.v7lbagvl{border-right:3px dashed var(--media-inner-border)}.w5o66jgc{border-bottom:5px solid transparent}.w7og4mts{border-right:2px solid var(--media-inner-border)}.xxtls0x7{border-left:solid transparent}.a1yigdvo{border-botto

Chrome Cache Entry: 116

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	5430
Entropy (8bit):	2.6465732373896285
Encrypted:	false
SSDEEP:	24:Es5ed8vZa+/kffJTyN5J5iXSvjDxatgFFjiZq1MJUikeVgl2fwFfBaTzh4mpCbak:2fq3OqXAzh4jaJV9HxG8Q
MD5:	3E764F0F737767B30A692FAB1DE3CE49
SHA1:	58FA0755A8EE455819769EE0E77C23829BF488DD
SHA-256:	88AE5454A7C32C630703440849D35C58F570D8EECC23C071DBE68D63CE6A40D7
SHA-512:	2831536A2CA9A2562B7BE1053DF21C2ED51807C9D332878CF349DC0B718D09EEB587423B488C415672C89E42D98D9A9218FACE1FCF8E773492535CB5BD67E278
Malicious:	false
Reputation:	low
URL:	https://accs-homelog.github.io/img/favicon.ico
Preview:	............ .h...&... .... .........(....... ..... ..........................................h. .f...............f...g...d.@.........................`...e...f...f...............f...f...f...e...p...............`...f...f...f...f...............f...f...f...f...f...p...........e...f...f...f...f...............f...f...f...f...f...e.......d.@.f...f...f...f...f...............f...f...f...f...f...f...h. .e...f...f...f....U..........................y'..f...f...f...g...f...f...f...f...............................U..f...f...f...f...f...f...f...f..................................f...f...f...f...f...f...f...f...f...f...............f...f...f...f...f...f...f...f...f...f...f...f...f...............p...f...f...f...f...f...f...f...f...f...f...f...f...................d...U..f...f...f...e...h. .f...f...f...f...f....d......................f...f...f...h.@.....f...f...f...f...f...f....t.................f...f...f...........p...f...f...f...f...f...f...f...f...f...f...f...f...`...............p...f...f...f...f

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2024 07:15:19.633688927 CEST	49675	443	192.168.2.4	173.222.162.32
Sep 27, 2024 07:15:23.394769907 CEST	49735	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:23.395049095 CEST	49736	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:23.399717093 CEST	80	49735	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:23.399919987 CEST	80	49736	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:23.400021076 CEST	49735	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:23.400204897 CEST	49736	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:23.400206089 CEST	49736	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:23.405081034 CEST	80	49736	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:24.794507980 CEST	80	49736	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:24.794559956 CEST	80	49736	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:24.794601917 CEST	49736	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:24.794694901 CEST	80	49736	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:24.794751883 CEST	49736	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:24.794903040 CEST	80	49736	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:24.794945955 CEST	49736	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:25.238086939 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.238131046 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.238192081 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.238455057 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.238471031 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.703377962 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.740447044 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.740473032 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.744457960 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.744549990 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.746254921 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.746412039 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.746417046 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.746464014 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.749264956 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:25.749301910 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:25.749352932 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:25.750998974 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:25.751024961 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:25.790468931 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.790486097 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.834875107 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.876012087 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876208067 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876305103 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876374006 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.876386881 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876447916 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.876455069 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876534939 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876590014 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.876597881 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876704931 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876791954 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876810074 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.876818895 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.876899958 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.876909018 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.883367062 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.883441925 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.883451939 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.934353113 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.963788033 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.963828087 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.963839054 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.963849068 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.963876963 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.963896990 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.963933945 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.963953972 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.963987112 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.963995934 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:25.964000940 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:25.964042902 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.049470901 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.049501896 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.049544096 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.049576998 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.049583912 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.049632072 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.049638033 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.049654007 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.049702883 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.050678015 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.050735950 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.050746918 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.050767899 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.050786018 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.050889969 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.052308083 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.052366972 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.052375078 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.052405119 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.052423954 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.052447081 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.054307938 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.054368019 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.054375887 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.054389000 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.054425001 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.054440022 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.136461020 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.136537075 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.136538029 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.136574984 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.136594057 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.136692047 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.137656927 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.137728930 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.137733936 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.137757063 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.137825012 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.137873888 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.139513969 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.139571905 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.139588118 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.139602900 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.139626980 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.139646053 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.141333103 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.141397953 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.141398907 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.141422033 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.141452074 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.141483068 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.142415047 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.142471075 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.142481089 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.142492056 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.142520905 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.142535925 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.144033909 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.144089937 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.144090891 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.144126892 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.144134998 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.144167900 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.184588909 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.184676886 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.184689045 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.184736967 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.184746981 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.184883118 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.223351002 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.223449945 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.223484039 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.223551989 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.223840952 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.223906040 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.223920107 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.223936081 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.223964930 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.223983049 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.224106073 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.224164009 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.224167109 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.224206924 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.224245071 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.224266052 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.224908113 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.224972010 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.224997997 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.225004911 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.225042105 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.225049973 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.228404045 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.228477955 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.228518009 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.228524923 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.228564978 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.228811979 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.228872061 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.228877068 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.228909969 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.228920937 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.229099035 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.229527950 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.229594946 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.229610920 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.229619026 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.229645014 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.229665041 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.271572113 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.271641970 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.271652937 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.271784067 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.271929979 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.303536892 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.310492992 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.310539961 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.310692072 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.311242104 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.311253071 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.312885046 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.312891960 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.313000917 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.313740015 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.313750029 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.329775095 CEST	49739	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.329792976 CEST	443	49739	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.405828953 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:26.406409979 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:26.406436920 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:26.408071041 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:26.408170938 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:26.410881042 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:26.410983086 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:26.462543964 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:26.462572098 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:26.507092953 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:26.777926922 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.778949022 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.778971910 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.779920101 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.780421972 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.780495882 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.780899048 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.794830084 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.795177937 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.795190096 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.795689106 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.796483994 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.796559095 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.796627045 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.827392101 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.843389988 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.897394896 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.897628069 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.897680044 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.897695065 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.897790909 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.897835970 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.897840977 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.897973061 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.898016930 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.898020983 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.898516893 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.898561001 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.898566008 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.898680925 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.898732901 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.898737907 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.908895969 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.908950090 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.949577093 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.949598074 CEST	443	49741	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.949608088 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.949636936 CEST	49741	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.950026035 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.950305939 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.950344086 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.950347900 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.950362921 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.950398922 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.950452089 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.950952053 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.950992107 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.951031923 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.951039076 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.951044083 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.951076031 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.951080084 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.951112032 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.955141068 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.966624022 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:26.966721058 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:26.966730118 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.009363890 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.042737007 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.042821884 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.042860031 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.042897940 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.042907953 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.042921066 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.042948008 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.043263912 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.043312073 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.043315887 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.043358088 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.043401957 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.043406010 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.043900013 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.043947935 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.043951988 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.043999910 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.044038057 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.044045925 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.044049978 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.044083118 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.044086933 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.044898987 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.044944048 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.044946909 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.044955015 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.045018911 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.045058966 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.045062065 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.045070887 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.045093060 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.045846939 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.045900106 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.045905113 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.045911074 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.045948029 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.092905045 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:27.092935085 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:27.093221903 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:27.098603964 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:27.098622084 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:27.135466099 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.135479927 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.135524988 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.135539055 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.135552883 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.135576963 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.135593891 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.136753082 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.136768103 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.136868000 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.136868000 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.136873960 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.136912107 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.138431072 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.138444901 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.138499022 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.138504028 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.138539076 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.192713976 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.192737103 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.192784071 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.192801952 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.192828894 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.192848921 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.227962971 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.227979898 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.228019953 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.228032112 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.228048086 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.228065968 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.228852034 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.228866100 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.228909016 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.228913069 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.228944063 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.229743958 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.229758024 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.229794025 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.229796886 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.229820967 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.229837894 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.230168104 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.230185032 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.230226994 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.230232000 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.230475903 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.231093884 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.231107950 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.231178045 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.231182098 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.231215954 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.232131958 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.232146978 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.232184887 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.232189894 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.232234001 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.285195112 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.285214901 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.285264969 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.285280943 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.285341024 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.320343018 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.320372105 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.320415974 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.320426941 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.320460081 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.320610046 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.320631027 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.320664883 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.320669889 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.320693970 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.320708036 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.321206093 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.321228027 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.321257114 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.321263075 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.321285009 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.321301937 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.321751118 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.321772099 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.321803093 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.321806908 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.321831942 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.321846962 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.324839115 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.324863911 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.324906111 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.324911118 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.324958086 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.325321913 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.325341940 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.325377941 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.325383902 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.325404882 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.325419903 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.325751066 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.325771093 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.325814009 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.325818062 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.326003075 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.413193941 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413218021 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413264990 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.413278103 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413305044 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.413324118 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.413528919 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413547039 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413605928 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.413609982 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413933039 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413958073 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.413984060 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.413989067 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.414010048 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.414040089 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415044069 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415064096 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415117025 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415122032 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415153980 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415169001 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415280104 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415332079 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415337086 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415369034 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415410995 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415842056 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415863991 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415894032 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415898085 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.415925980 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.415940046 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.416234970 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.416254044 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.416296005 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.416300058 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.416629076 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.416651964 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.416723967 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.416728973 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.416764021 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.510452986 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.510483027 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.510519028 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.510531902 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.510555029 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.510572910 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.510771990 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.510792017 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.510819912 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.510823011 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.510850906 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.510863066 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511049032 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511069059 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511094093 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511096954 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511123896 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511137962 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511358976 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511379004 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511428118 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511432886 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511446953 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511466980 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511889935 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511909962 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511943102 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511946917 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.511970997 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.511987925 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.512675047 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.512696028 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.512732983 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.512736082 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.512757063 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.512758017 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.512772083 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.512774944 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.512799978 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.512851000 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.512981892 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.513000011 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.513010025 CEST	443	49742	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:27.513017893 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.513051987 CEST	49742	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:27.746803999 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:27.746898890 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:27.827533007 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:27.827565908 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:27.828596115 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:27.844723940 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:27.844820023 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:27.844902039 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:27.845648050 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:27.845683098 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:27.870356083 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.481564999 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:28.522732973 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:28.553421974 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:28.553478956 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:28.555214882 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:28.555324078 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:28.578480005 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:28.578598022 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:28.579125881 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:28.579158068 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:28.591636896 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.632870913 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:28.639416933 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:28.776192904 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:28.776401043 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.776424885 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:28.776444912 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.776813984 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:28.776896000 CEST	443	49743	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:28.776971102 CEST	49743	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.888113976 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.888164043 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:28.888236046 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.888705015 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:28.888725042 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.022406101 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:29.022535086 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:29.022602081 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:29.022600889 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:29.022670984 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:29.026201010 CEST	49745	443	192.168.2.4	157.240.252.13
Sep 27, 2024 07:15:29.026247978 CEST	443	49745	157.240.252.13	192.168.2.4
Sep 27, 2024 07:15:29.038213015 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.038288116 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.038364887 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.038791895 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.038825035 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.513572931 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.516184092 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.516252995 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.516616106 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.517076969 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.517148018 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.517270088 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.559449911 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.559570074 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.559639931 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:29.560786009 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:29.560797930 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.561244011 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.562323093 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:29.607403994 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.639997005 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.640049934 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.640075922 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.640101910 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.640110016 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.640172005 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.640199900 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.640207052 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.640264034 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.640930891 CEST	49749	443	192.168.2.4	185.199.109.153
Sep 27, 2024 07:15:29.640979052 CEST	443	49749	185.199.109.153	192.168.2.4
Sep 27, 2024 07:15:29.838188887 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.838361025 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.838891029 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:29.845107079 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:29.845132113 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.845141888 CEST	49748	443	192.168.2.4	184.28.90.27
Sep 27, 2024 07:15:29.845148087 CEST	443	49748	184.28.90.27	192.168.2.4
Sep 27, 2024 07:15:29.986609936 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:29.986660957 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:29.986789942 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:29.987248898 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:29.987266064 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:30.809925079 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:30.866444111 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:30.945405006 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:30.945420027 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:30.949400902 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:30.949455976 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:30.949482918 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:30.963978052 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:30.964128017 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:30.964163065 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:31.022682905 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:31.022708893 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:31.059250116 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:31.059318066 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:31.059341908 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:31.059504986 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:31.059555054 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:31.059561968 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:31.059773922 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:31.060502052 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:31.067610979 CEST	49750	443	192.168.2.4	185.199.111.153
Sep 27, 2024 07:15:31.067646027 CEST	443	49750	185.199.111.153	192.168.2.4
Sep 27, 2024 07:15:36.307054043 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:36.307133913 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:15:36.307279110 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:36.446717978 CEST	49723	80	192.168.2.4	93.184.221.240
Sep 27, 2024 07:15:36.452138901 CEST	80	49723	93.184.221.240	192.168.2.4
Sep 27, 2024 07:15:36.452194929 CEST	49723	80	192.168.2.4	93.184.221.240
Sep 27, 2024 07:15:37.911026955 CEST	49740	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:15:37.911062956 CEST	443	49740	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:08.413897991 CEST	49735	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:16:08.418795109 CEST	80	49735	185.199.111.153	192.168.2.4
Sep 27, 2024 07:16:09.796730995 CEST	49736	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:16:09.803071976 CEST	80	49736	185.199.111.153	192.168.2.4
Sep 27, 2024 07:16:23.697829008 CEST	49735	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:16:23.703082085 CEST	80	49735	185.199.111.153	192.168.2.4
Sep 27, 2024 07:16:23.703164101 CEST	49735	80	192.168.2.4	185.199.111.153
Sep 27, 2024 07:16:24.343802929 CEST	65230	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:16:24.348607063 CEST	53	65230	1.1.1.1	192.168.2.4
Sep 27, 2024 07:16:24.348670959 CEST	65230	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:16:24.348757982 CEST	65230	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:16:24.353503942 CEST	53	65230	1.1.1.1	192.168.2.4
Sep 27, 2024 07:16:24.814327955 CEST	53	65230	1.1.1.1	192.168.2.4
Sep 27, 2024 07:16:24.815110922 CEST	65230	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:16:24.820244074 CEST	53	65230	1.1.1.1	192.168.2.4
Sep 27, 2024 07:16:24.820303917 CEST	65230	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:16:25.367635012 CEST	49724	80	192.168.2.4	93.184.221.240
Sep 27, 2024 07:16:25.372862101 CEST	80	49724	93.184.221.240	192.168.2.4
Sep 27, 2024 07:16:25.373058081 CEST	49724	80	192.168.2.4	93.184.221.240
Sep 27, 2024 07:16:25.791487932 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:25.791528940 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:25.795705080 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:25.795821905 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:25.795828104 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:26.425673962 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:26.426089048 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:26.426104069 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:26.426423073 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:26.429402113 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:26.429470062 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:26.476459980 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:36.334914923 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:36.334981918 CEST	443	65234	142.250.186.68	192.168.2.4
Sep 27, 2024 07:16:36.335243940 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:37.692533016 CEST	65234	443	192.168.2.4	142.250.186.68
Sep 27, 2024 07:16:37.692562103 CEST	443	65234	142.250.186.68	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2024 07:15:21.196516037 CEST	53	53536	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:21.279375076 CEST	53	60876	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:22.351336956 CEST	53	51643	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:23.385147095 CEST	56454	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:23.385314941 CEST	64196	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:23.393898010 CEST	53	56454	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:23.394092083 CEST	53	64196	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:24.801220894 CEST	62342	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:24.801713943 CEST	62709	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:25.237070084 CEST	53	62342	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:25.237615108 CEST	53	62709	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:25.741435051 CEST	57493	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:25.741991997 CEST	49775	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:25.748121977 CEST	53	57493	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:25.748589039 CEST	53	49775	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:27.796039104 CEST	49785	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:27.796679020 CEST	57104	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:27.802675009 CEST	53	49785	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:27.803630114 CEST	53	57104	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:28.601273060 CEST	53	61062	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:29.958920956 CEST	58162	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:29.959182024 CEST	61373	53	192.168.2.4	1.1.1.1
Sep 27, 2024 07:15:29.967483997 CEST	53	61373	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:29.967593908 CEST	53	58162	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:36.951925993 CEST	138	138	192.168.2.4	192.168.2.255
Sep 27, 2024 07:15:39.274702072 CEST	53	52416	1.1.1.1	192.168.2.4
Sep 27, 2024 07:15:58.229306936 CEST	53	51049	1.1.1.1	192.168.2.4
Sep 27, 2024 07:16:20.888978004 CEST	53	49608	1.1.1.1	192.168.2.4
Sep 27, 2024 07:16:21.064922094 CEST	53	61415	1.1.1.1	192.168.2.4
Sep 27, 2024 07:16:24.343419075 CEST	53	49657	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 27, 2024 07:15:23.385147095 CEST	192.168.2.4	1.1.1.1	0x1d6b	Standard query (0)	accs-homelog.github.io	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:23.385314941 CEST	192.168.2.4	1.1.1.1	0xea62	Standard query (0)	accs-homelog.github.io	65	IN (0x0001)	false
Sep 27, 2024 07:15:24.801220894 CEST	192.168.2.4	1.1.1.1	0x3611	Standard query (0)	accs-homelog.github.io	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:24.801713943 CEST	192.168.2.4	1.1.1.1	0x6982	Standard query (0)	accs-homelog.github.io	65	IN (0x0001)	false
Sep 27, 2024 07:15:25.741435051 CEST	192.168.2.4	1.1.1.1	0xc686	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:25.741991997 CEST	192.168.2.4	1.1.1.1	0x483e	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 27, 2024 07:15:27.796039104 CEST	192.168.2.4	1.1.1.1	0xc854	Standard query (0)	static.xx.fbcdn.net	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:27.796679020 CEST	192.168.2.4	1.1.1.1	0x7455	Standard query (0)	static.xx.fbcdn.net	65	IN (0x0001)	false
Sep 27, 2024 07:15:29.958920956 CEST	192.168.2.4	1.1.1.1	0x9e98	Standard query (0)	accs-homelog.github.io	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:29.959182024 CEST	192.168.2.4	1.1.1.1	0x3141	Standard query (0)	accs-homelog.github.io	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 27, 2024 07:15:23.393898010 CEST	1.1.1.1	192.168.2.4	0x1d6b	No error (0)	accs-homelog.github.io		185.199.111.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:23.393898010 CEST	1.1.1.1	192.168.2.4	0x1d6b	No error (0)	accs-homelog.github.io		185.199.109.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:23.393898010 CEST	1.1.1.1	192.168.2.4	0x1d6b	No error (0)	accs-homelog.github.io		185.199.110.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:23.393898010 CEST	1.1.1.1	192.168.2.4	0x1d6b	No error (0)	accs-homelog.github.io		185.199.108.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:25.237070084 CEST	1.1.1.1	192.168.2.4	0x3611	No error (0)	accs-homelog.github.io		185.199.109.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:25.237070084 CEST	1.1.1.1	192.168.2.4	0x3611	No error (0)	accs-homelog.github.io		185.199.108.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:25.237070084 CEST	1.1.1.1	192.168.2.4	0x3611	No error (0)	accs-homelog.github.io		185.199.111.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:25.237070084 CEST	1.1.1.1	192.168.2.4	0x3611	No error (0)	accs-homelog.github.io		185.199.110.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:25.748121977 CEST	1.1.1.1	192.168.2.4	0xc686	No error (0)	www.google.com		142.250.186.68	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:25.748589039 CEST	1.1.1.1	192.168.2.4	0x483e	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 27, 2024 07:15:27.802675009 CEST	1.1.1.1	192.168.2.4	0xc854	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 07:15:27.802675009 CEST	1.1.1.1	192.168.2.4	0xc854	No error (0)	scontent.xx.fbcdn.net		157.240.252.13	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:27.803630114 CEST	1.1.1.1	192.168.2.4	0x7455	No error (0)	static.xx.fbcdn.net	scontent.xx.fbcdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 07:15:27.803630114 CEST	1.1.1.1	192.168.2.4	0x7455	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 27, 2024 07:15:27.803630114 CEST	1.1.1.1	192.168.2.4	0x7455	No error (0)	scontent.xx.fbcdn.net			65	IN (0x0001)	false
Sep 27, 2024 07:15:29.967593908 CEST	1.1.1.1	192.168.2.4	0x9e98	No error (0)	accs-homelog.github.io		185.199.111.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:29.967593908 CEST	1.1.1.1	192.168.2.4	0x9e98	No error (0)	accs-homelog.github.io		185.199.108.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:29.967593908 CEST	1.1.1.1	192.168.2.4	0x9e98	No error (0)	accs-homelog.github.io		185.199.109.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:29.967593908 CEST	1.1.1.1	192.168.2.4	0x9e98	No error (0)	accs-homelog.github.io		185.199.110.153	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:33.413959980 CEST	1.1.1.1	192.168.2.4	0x708b	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:33.413959980 CEST	1.1.1.1	192.168.2.4	0x708b	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:34.789680004 CEST	1.1.1.1	192.168.2.4	0x740b	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 07:15:34.789680004 CEST	1.1.1.1	192.168.2.4	0x740b	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:15:54.391503096 CEST	1.1.1.1	192.168.2.4	0xd481	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 07:15:54.391503096 CEST	1.1.1.1	192.168.2.4	0xd481	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 07:16:13.327989101 CEST	1.1.1.1	192.168.2.4	0x2303	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 07:16:13.327989101 CEST	1.1.1.1	192.168.2.4	0x2303	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

accs-homelog.github.io

https:

static.xx.fbcdn.net

fs.microsoft.com

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49736	185.199.111.153	80	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 27, 2024 07:15:23.400206089 CEST	437	OUT	GET / HTTP/1.1 Host: accs-homelog.github.io Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Sep 27, 2024 07:15:24.794507980 CEST	706	IN	HTTP/1.1 301 Moved Permanently Connection: keep-alive Content-Length: 162 Server: GitHub.com Content-Type: text/html permissions-policy: interest-cohort=() Location: https://accs-homelog.github.io/ X-GitHub-Request-Id: E868:21837C:1C355D:201217:66F63F67 Accept-Ranges: bytes Age: 0 Date: Fri, 27 Sep 2024 05:15:23 GMT Via: 1.1 varnish X-Served-By: cache-nyc-kteb1890087-NYC X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414124.802270,VS0,VE9 Vary: Accept-Encoding X-Fastly-Request-ID: c2dcfcd4322add9c0f436bc3912b9b02f13a4d13 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Sep 27, 2024 07:15:24.794559956 CEST	706	IN	HTTP/1.1 301 Moved Permanently Connection: keep-alive Content-Length: 162 Server: GitHub.com Content-Type: text/html permissions-policy: interest-cohort=() Location: https://accs-homelog.github.io/ X-GitHub-Request-Id: E868:21837C:1C355D:201217:66F63F67 Accept-Ranges: bytes Age: 0 Date: Fri, 27 Sep 2024 05:15:23 GMT Via: 1.1 varnish X-Served-By: cache-nyc-kteb1890087-NYC X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414124.802270,VS0,VE9 Vary: Accept-Encoding X-Fastly-Request-ID: c2dcfcd4322add9c0f436bc3912b9b02f13a4d13 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Sep 27, 2024 07:15:24.794694901 CEST	706	IN	HTTP/1.1 301 Moved Permanently Connection: keep-alive Content-Length: 162 Server: GitHub.com Content-Type: text/html permissions-policy: interest-cohort=() Location: https://accs-homelog.github.io/ X-GitHub-Request-Id: E868:21837C:1C355D:201217:66F63F67 Accept-Ranges: bytes Age: 0 Date: Fri, 27 Sep 2024 05:15:23 GMT Via: 1.1 varnish X-Served-By: cache-nyc-kteb1890087-NYC X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414124.802270,VS0,VE9 Vary: Accept-Encoding X-Fastly-Request-ID: c2dcfcd4322add9c0f436bc3912b9b02f13a4d13 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Sep 27, 2024 07:15:24.794903040 CEST	706	IN	HTTP/1.1 301 Moved Permanently Connection: keep-alive Content-Length: 162 Server: GitHub.com Content-Type: text/html permissions-policy: interest-cohort=() Location: https://accs-homelog.github.io/ X-GitHub-Request-Id: E868:21837C:1C355D:201217:66F63F67 Accept-Ranges: bytes Age: 0 Date: Fri, 27 Sep 2024 05:15:23 GMT Via: 1.1 varnish X-Served-By: cache-nyc-kteb1890087-NYC X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414124.802270,VS0,VE9 Vary: Accept-Encoding X-Fastly-Request-ID: c2dcfcd4322add9c0f436bc3912b9b02f13a4d13 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Sep 27, 2024 07:16:09.796730995 CEST	6	OUT	Data Raw: 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49735	185.199.111.153	80	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Sep 27, 2024 07:16:08.413897991 CEST	6	OUT	Data Raw: 00 Data Ascii:

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49739	185.199.109.153	443	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:25 UTC	665	OUT	GET / HTTP/1.1 Host: accs-homelog.github.io Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 05:15:25 UTC	736	IN	HTTP/1.1 200 OK Connection: close Content-Length: 335895 Server: GitHub.com Content-Type: text/html; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Sat, 23 Dec 2023 09:47:41 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "6586acbd-52017" expires: Fri, 27 Sep 2024 05:25:25 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: 90DB:2C7B00:459E40:4C98EC:66F63F6D Accept-Ranges: bytes Age: 0 Date: Fri, 27 Sep 2024 05:15:25 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740071-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414126.796310,VS0,VE34 Vary: Accept-Encoding X-Fastly-Request-ID: e2e8d581cd66e4c64df043ebde13d179e18333a1
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 5f 5f 66 62 2d 6c 69 67 68 74 2d 6d 6f 64 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 43 6f 6d 6d 75 6e 69 74 79 20 53 74 61 6e 64 61 72 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 68 72 65 66 3d 22 69 6d 67 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 32 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 Data Ascii: <html class="__fb-light-mode" lang="en"><head><title>Community Standard</title> <link rel="icon" type="image/png" href="img/favicon.ico"> <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=2,shrink-to-fit=no"
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 66 64 73 2d 73 70 65 63 74 72 75 6d 2d 74 65 61 6c 2d 64 61 72 6b 2d 31 29 7d 2e 61 66 64 31 69 64 70 71 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 73 65 2d 67 72 61 70 65 29 7d 2e 61 66 64 7a 79 6c 35 61 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 31 29 7d 2e 61 66 77 6d 6c 32 75 69 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 31 29 7d 2e 61 66 78 73 70 39 6f 34 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 3a 31 70 78 7d 2e 61 67 65 68 61 6e 32 64 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 3a 30 7d 2e 61 67 Data Ascii: rder-bottom-color:var(--fds-spectrum-teal-dark-1)}.afd1idpq{border-top-color:var(--base-grape)}.afdzyl5a{border-right-color:var(--shadow-1)}.afwml2ui{border-bottom-color:var(--shadow-1)}.afxsp9o4{border-bottom-width:1px}.agehan2d{border-bottom-width:0}.ag
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 2e 6e 37 70 34 35 73 63 31 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 62 61 73 65 2d 63 68 65 72 72 79 29 7d 2e 6e 38 65 6a 33 6f 33 6c 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 77 69 64 74 68 3a 30 7d 2e 6e 61 6c 6d 36 33 6e 78 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 77 61 73 68 29 7d 2e 6e 63 77 6e 6a 76 64 70 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 73 65 63 6f 6e 64 61 72 79 2d 62 75 74 74 6f 6e 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7d 2e 6e 67 34 6f 65 73 39 77 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 29 7d 2e 6e 69 78 7a 69 36 79 71 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 32 2e 37 35 70 78 Data Ascii: .n7p45sc1{border-top-color:var(--base-cherry)}.n8ej3o3l{border-right-width:0}.nalm63nx{border-bottom-color:var(--wash)}.ncwnjvdp{border-top-color:var(--secondary-button-background)}.ng4oes9w{border-top-color:var(--accent)}.nixzi6yq{border-top-width:2.75px
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 29 7d 2e 6f 6c 33 6f 39 69 7a 64 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 68 69 67 68 6c 69 67 68 74 2d 62 67 29 7d 2e 6f 6d 36 34 32 69 31 77 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 33 30 70 78 7d 2e 6f 6d 66 6a 36 75 35 78 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 7d 2e 6f 6d 75 36 72 6f 62 63 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 77 69 64 74 68 3a 74 68 69 6e 7d 2e 6f 6e 61 30 75 76 71 30 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 23 31 61 31 61 31 61 7d 2e 6f 6f 6e 6d 32 73 72 6d 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 3a 23 66 64 62 33 32 61 7d 2e 6f 6f 71 38 34 35 78 73 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 76 61 72 28 Data Ascii: )}.ol3o9izd{border-left-color:var(--highlight-bg)}.om642i1w{border-top-width:30px}.omfj6u5x{border-right-style:none}.omu6robc{border-left-width:thin}.ona0uvq0{border-top-color:#1a1a1a}.oonm2srm{border-right-color:#fdb32a}.ooq845xs{border-bottom-color:var(
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 72 37 70 35 73 35 32 7a 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 77 69 64 74 68 3a 32 2e 37 35 70 78 7d 2e 72 39 6b 68 67 77 66 72 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 32 2e 35 70 78 7d 2e 72 62 79 71 37 72 67 35 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 77 61 73 68 29 7d 2e 72 65 39 32 67 78 69 35 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 34 31 70 78 7d 2e 72 68 34 70 7a 63 6a 7a 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 76 61 72 28 2d 2d 61 6c 77 61 79 73 2d 77 68 69 74 65 29 2c 2e 33 29 7d 2e 72 68 35 37 31 6f 61 34 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 70 72 69 6d 61 72 79 2d 74 Data Ascii: :transparent}.r7p5s52z{border-left-width:2.75px}.r9khgwfr{border-top-width:2.5px}.rbyq7rg5{border-left-color:var(--wash)}.re92gxi5{border-top-width:41px}.rh4pzcjz{border-left-color:rgba(var(--always-white),.3)}.rh571oa4{border-bottom-color:var(--primary-t
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 6f 79 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 66 64 73 2d 67 72 65 65 6e 2d 35 35 29 7d 2e 74 34 6c 36 39 72 32 32 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 77 65 62 2d 77 61 73 68 29 7d 2e 74 35 31 73 34 71 73 32 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 6d 65 64 69 61 2d 69 6e 6e 65 72 2d 62 6f 72 64 65 72 29 7d 2e 74 35 39 6f 77 39 64 37 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 70 72 69 6d 61 72 79 2d 62 75 74 74 6f 6e 2d 70 72 65 73 73 65 64 29 7d 2e 74 35 66 6e 36 71 30 74 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 68 69 67 68 6c 69 67 68 74 2d 62 67 29 7d 2e 74 39 36 79 61 6d 71 34 Data Ascii: oy{border-left-color:var(--fds-green-55)}.t4l69r22{border-right-color:var(--web-wash)}.t51s4qs2{border-top-color:var(--media-inner-border)}.t59ow9d7{border-top-color:var(--primary-button-pressed)}.t5fn6q0t{border-bottom-color:var(--highlight-bg)}.t96yamq4
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 69 77 65 61 74 68 65 72 2c 4f 70 74 69 6d 69 73 74 69 63 20 44 69 73 70 6c 61 79 20 4c 69 67 68 74 2c 73 79 73 74 65 6d 2d 75 69 2c 73 61 6e 73 2d 73 65 72 69 66 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 61 31 63 63 65 65 36 66 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 34 70 78 7d 2e 61 31 72 6a 65 76 6e 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 66 64 73 2d 62 6c 61 63 6b 2d 61 6c 70 68 61 2d 38 30 29 7d 2e 61 31 77 66 70 39 6b 66 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 38 70 78 7d 2e 61 31 78 75 31 61 61 6f 7b 6d 61 78 2d 77 69 64 74 68 3a 63 61 6c 63 28 31 30 30 25 20 2d 20 76 61 72 28 2d 2d 6d 77 70 2d 6d 65 73 73 61 67 65 2d 6c 69 73 74 2d 61 63 74 69 6f 6e 73 2d 77 69 64 74 68 2c 36 32 70 78 29 20 2d 20 35 70 78 29 7d 2e Data Ascii: iweather,Optimistic Display Light,system-ui,sans-serif!important}.a1ccee6f{min-height:184px}.a1rjevna{background-color:var(--fds-black-alpha-80)}.a1wfp9kf{margin-left:88px}.a1xu1aao{max-width:calc(100% - var(--mwp-message-list-actions-width,62px) - 5px)}.
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 65 66 74 3a 6c 65 66 74 7d 0d 0a 20 20 20 20 20 20 20 20 2e 61 35 79 30 71 66 31 63 7b 2d 77 65 62 6b 69 74 2d 66 69 6c 74 65 72 3a 73 61 74 75 72 61 74 65 28 30 29 7d 0d 0a 20 20 20 20 20 20 20 20 2e 61 35 7a 6a 67 69 79 6b 7b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 6c 69 6e 65 61 72 7d 0d 0a 20 20 20 20 20 20 20 20 2e 6f 30 74 32 65 73 30 30 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 33 72 65 6d 7d 0d 0a 20 20 20 20 20 20 20 20 2e 6f 30 78 74 33 6e 38 62 7b 6d 61 78 2d 77 69 64 74 68 3a 34 38 30 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 2e 6f 31 33 37 6d 6c 6b 77 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 36 33 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 2e 61 36 34 7a 67 38 71 66 7b 6d 61 78 2d 77 69 64 74 68 3a 33 39 37 70 78 7d 2e Data Ascii: eft:left} .a5y0qf1c{-webkit-filter:saturate(0)} .a5zjgiyk{animation-timing-function:linear} .o0t2es00{font-size:1.3rem} .o0xt3n8b{max-width:480px} .o137mlkw{min-height:63px} .a64zg8qf{max-width:397px}.
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 64 74 68 3a 36 30 30 30 70 78 7d 2e 61 39 63 37 79 34 35 73 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 38 7d 2e 61 39 64 62 73 67 6c 65 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 37 34 38 70 78 7d 2e 61 39 6e 30 34 38 68 78 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 34 34 70 78 7d 2e 61 39 6e 64 6a 70 70 63 7b 77 69 64 74 68 3a 33 35 30 70 78 7d 2e 61 39 72 34 6c 73 31 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 38 30 64 65 67 2c 74 72 61 6e 73 70 61 72 65 6e 74 2c 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 31 29 20 31 32 2e 35 25 2c 76 61 72 28 2d 2d 61 6c 77 61 79 73 2d 64 61 72 6b 2d 6f 76 65 72 6c 61 79 29 29 7d 2e 61 39 74 78 64 79 67 67 7b 6d 61 72 67 69 6e 2d 72 69 67 Data Ascii: dth:6000px}.a9c7y45s{border-top-left-radius:8}.a9dbsgle{min-height:748px}.a9n048hx{padding-left:44px}.a9ndjppc{width:350px}.a9r4ls1a{background-image:linear-gradient(180deg,transparent,var(--shadow-1) 12.5%,var(--always-dark-overlay))}.a9txdygg{margin-rig
2024-09-27 05:15:25 UTC	1378	IN	Data Raw: 63 61 6c 63 28 31 30 30 76 77 20 2d 20 33 34 70 78 29 7d 2e 61 6b 76 34 31 64 78 38 7b 2d 2d 54 36 38 37 37 39 38 32 31 3a 30 20 32 70 78 20 34 70 78 20 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 31 29 2c 30 20 31 32 70 78 20 32 38 70 78 20 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 32 29 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 76 61 72 28 2d 2d 54 36 38 37 37 39 38 32 31 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 32 70 78 20 34 70 78 20 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 31 29 2c 30 20 31 32 70 78 20 32 38 70 78 20 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 32 29 7d 2e 61 6b 77 7a 36 69 39 6a 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 30 73 7d 2e 61 6b 7a 38 63 71 79 75 7b 6f 70 61 63 69 74 79 3a 2e 33 7d 2e 61 6b 7a 6e Data Ascii: calc(100vw - 34px)}.akv41dx8{--T68779821:0 2px 4px var(--shadow-1),0 12px 28px var(--shadow-2);-webkit-box-shadow:var(--T68779821);box-shadow:0 2px 4px var(--shadow-1),0 12px 28px var(--shadow-2)}.akwz6i9j{transition-duration:0s}.akz8cqyu{opacity:.3}.akzn

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49741	185.199.109.153	443	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:26 UTC	563	OUT	GET /css/cross/hidden.css HTTP/1.1 Host: accs-homelog.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://accs-homelog.github.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 05:15:26 UTC	732	IN	HTTP/1.1 200 OK Connection: close Content-Length: 12478 Server: GitHub.com Content-Type: text/css; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Sat, 23 Dec 2023 09:47:41 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "6586acbd-30be" expires: Fri, 27 Sep 2024 05:25:26 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: 92DE:D9A24:3DFA98:44F594:66F63F6E Accept-Ranges: bytes Age: 0 Date: Fri, 27 Sep 2024 05:15:26 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740071-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414127.835308,VS0,VE16 Vary: Accept-Encoding X-Fastly-Request-ID: d3364dcf07e085788538e0f016bf9c3707582ab1
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 2e 78 31 6c 6b 66 72 37 74 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 0a 2e 47 61 72 31 69 35 7b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 64 64 64 66 65 32 3b 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 30 70 78 20 31 30 70 78 20 30 70 78 3b 7d 0a 2e 72 6f 74 30 6f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 36 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 53 65 67 6f 65 20 55 49 20 48 69 73 74 6f 72 69 63 2c 20 53 65 67 6f 65 20 55 49 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 31 37 36 35 3b Data Ascii: .x1lkfr7t{font-size:14px}.Gar1i5{border-top: 1px solid #dddfe2;padding: 10px 0px 10px 0px;}.rot0o{margin-top: 6px;font-size: 14px;font-weight: 400;color: #000000;font-family: Segoe UI Historic, Segoe UI, Helvetica, Arial, sans-serif;line-height: 1.1765;
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 32 39 34 31 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 6d 65 64 69 75 6d 2d 6d 61 78 2d 77 69 64 74 68 3a 37 30 30 70 78 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 6d 65 64 69 75 6d 2d 77 69 64 74 68 3a 31 30 30 25 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 73 6d 61 6c 6c 2d 6d 61 78 2d 77 69 64 74 68 3a 35 34 38 70 78 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 73 6d 61 6c 6c 2d 77 69 64 74 68 3a 31 30 30 25 3b 2d 2d 64 61 74 61 76 69 7a 2d 70 72 69 6d 61 72 79 2d 32 3a 72 67 62 28 31 33 34 2c 32 31 38 2c 32 35 35 29 3b 2d 2d 64 61 74 61 76 69 7a 2d 70 72 69 6d 61 72 79 2d 33 3a 72 67 62 28 39 35 2c 31 37 30 2c 32 35 35 29 3b 2d 2d 64 61 74 61 76 69 7a 2d 73 65 63 6f 6e 64 61 72 79 2d 31 3a 72 67 62 28 31 31 38 2c 36 32 2c 32 33 30 29 3b 2d 2d 64 Data Ascii: 2941;--dialog-size-medium-max-width:700px;--dialog-size-medium-width:100%;--dialog-size-small-max-width:548px;--dialog-size-small-width:100%;--dataviz-primary-2:rgb(134,218,255);--dataviz-primary-3:rgb(95,170,255);--dataviz-secondary-1:rgb(118,62,230);--d
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 65 72 3a 30 2e 37 35 3b 2d 2d 74 65 78 74 2d 69 6e 70 75 74 2d 6c 61 62 65 6c 2d 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 2d 2d 74 65 78 74 2d 69 6e 70 75 74 2d 6c 61 62 65 6c 2d 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 39 34 31 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 6d 65 64 69 75 6d 2d 6d 61 78 2d 77 69 64 74 68 3a 37 30 30 70 78 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 6d 65 64 69 75 6d 2d 77 69 64 74 68 3a 31 30 30 25 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 73 6d 61 6c 6c 2d 6d 61 78 2d 77 69 64 74 68 3a 35 34 38 70 78 3b 2d 2d 64 69 61 6c 6f 67 2d 73 69 7a 65 2d 73 6d 61 6c 6c 2d 77 69 64 74 68 3a 31 30 30 25 3b 2d 2d 64 61 74 61 76 69 7a 2d 70 72 69 6d 61 72 79 2d 32 3a 72 67 62 28 31 33 34 2c 32 31 38 2c 32 35 35 29 3b 2d Data Ascii: er:0.75;--text-input-label-font-weight:400;--text-input-label-line-height:1.2941;--dialog-size-medium-max-width:700px;--dialog-size-medium-width:100%;--dialog-size-small-max-width:548px;--dialog-size-small-width:100%;--dataviz-primary-2:rgb(134,218,255);-
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 35 35 2c 20 32 35 35 2c 20 30 2e 34 29 3b 2d 2d 66 64 73 2d 77 68 69 74 65 2d 61 6c 70 68 61 2d 35 30 3a 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 35 29 3b 2d 2d 66 64 73 2d 77 68 69 74 65 2d 61 6c 70 68 61 2d 36 30 3a 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 36 29 3b 2d 2d 66 64 73 2d 77 68 69 74 65 2d 61 6c 70 68 61 2d 38 30 3a 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 38 29 3b 2d 2d 66 64 73 2d 79 65 6c 6c 6f 77 2d 32 30 3a 23 46 46 42 41 30 30 3b 2d 2d 61 63 63 65 6e 74 3a 23 30 38 36 36 46 46 3b 2d 2d 61 6c 77 61 79 73 2d 77 68 69 74 65 3a 23 46 46 46 46 46 46 3b 2d 2d 61 6c 77 61 79 73 2d 62 6c 61 63 6b 3a 62 6c 61 63 6b 3b 2d 2d 61 6c 77 61 79 73 2d 64 61 72 6b 2d 67 72 61 64 Data Ascii: 55, 255, 0.4);--fds-white-alpha-50:rgba(255, 255, 255, 0.5);--fds-white-alpha-60:rgba(255, 255, 255, 0.6);--fds-white-alpha-80:rgba(255, 255, 255, 0.8);--fds-yellow-20:#FFBA00;--accent:#0866FF;--always-white:#FFFFFF;--always-black:black;--always-dark-grad
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 73 28 39 36 25 29 20 63 6f 6e 74 72 61 73 74 28 31 30 31 25 29 3b 2d 2d 66 69 6c 74 65 72 2d 61 6c 77 61 79 73 2d 77 68 69 74 65 3a 69 6e 76 65 72 74 28 31 30 30 25 29 3b 2d 2d 66 69 6c 74 65 72 2d 64 69 73 61 62 6c 65 64 2d 69 63 6f 6e 3a 69 6e 76 65 72 74 28 38 30 25 29 20 73 65 70 69 61 28 36 25 29 20 73 61 74 75 72 61 74 65 28 32 30 30 25 29 20 73 61 74 75 72 61 74 65 28 31 32 30 25 29 20 68 75 65 2d 72 6f 74 61 74 65 28 31 37 33 64 65 67 29 20 62 72 69 67 68 74 6e 65 73 73 28 39 38 25 29 20 63 6f 6e 74 72 61 73 74 28 38 39 25 29 3b 2d 2d 66 69 6c 74 65 72 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2d 69 63 6f 6e 3a 69 6e 76 65 72 74 28 35 39 25 29 20 73 65 70 69 61 28 31 31 25 29 20 73 61 74 75 72 61 74 65 28 32 30 30 25 29 20 73 61 74 75 72 61 74 65 28 31 Data Ascii: s(96%) contrast(101%);--filter-always-white:invert(100%);--filter-disabled-icon:invert(80%) sepia(6%) saturate(200%) saturate(120%) hue-rotate(173deg) brightness(98%) contrast(89%);--filter-placeholder-icon:invert(59%) sepia(11%) saturate(200%) saturate(1
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 25 29 20 63 6f 6e 74 72 61 73 74 28 39 36 25 29 3b 2d 2d 66 6f 63 75 73 2d 72 69 6e 67 2d 62 6c 75 65 3a 23 30 38 36 36 46 46 3b 2d 2d 67 6c 69 6d 6d 65 72 2d 73 70 69 6e 6e 65 72 2d 69 63 6f 6e 3a 23 36 35 36 37 36 42 3b 2d 2d 68 65 72 6f 2d 62 61 6e 6e 65 72 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 46 46 46 3b 2d 2d 68 6f 73 74 65 64 2d 76 69 65 77 2d 73 65 6c 65 63 74 65 64 2d 73 74 61 74 65 3a 23 45 42 46 35 46 46 3b 2d 2d 68 69 67 68 6c 69 67 68 74 2d 62 67 3a 23 45 37 46 33 46 46 3b 2d 2d 68 6f 76 65 72 2d 6f 76 65 72 6c 61 79 3a 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 30 35 29 3b 2d 2d 6c 69 73 74 2d 63 65 6c 6c 2d 63 68 65 76 72 6f 6e 3a 23 36 35 36 37 36 42 3b 2d 2d 6d 65 64 69 61 2d 68 6f 76 65 72 3a 72 67 62 61 28 36 38 2c 20 37 Data Ascii: %) contrast(96%);--focus-ring-blue:#0866FF;--glimmer-spinner-icon:#65676B;--hero-banner-background:#FFFFFF;--hosted-view-selected-state:#EBF5FF;--highlight-bg:#E7F3FF;--hover-overlay:rgba(0, 0, 0, 0.05);--list-cell-chevron:#65676B;--media-hover:rgba(68, 7
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 38 36 36 46 46 3b 2d 2d 70 72 69 6d 61 72 79 2d 62 75 74 74 6f 6e 2d 69 63 6f 6e 3a 23 46 46 46 46 46 46 3b 2d 2d 70 72 69 6d 61 72 79 2d 62 75 74 74 6f 6e 2d 70 72 65 73 73 65 64 3a 23 37 37 41 37 46 46 3b 2d 2d 70 72 69 6d 61 72 79 2d 62 75 74 74 6f 6e 2d 74 65 78 74 3a 23 46 46 46 46 46 46 3b 2d 2d 70 72 69 6d 61 72 79 2d 64 65 65 6d 70 68 61 73 69 7a 65 64 2d 62 75 74 74 6f 6e 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 23 45 42 46 35 46 46 3b 2d 2d 70 72 69 6d 61 72 79 2d 64 65 65 6d 70 68 61 73 69 7a 65 64 2d 62 75 74 74 6f 6e 2d 70 72 65 73 73 65 64 3a 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 30 35 29 3b 2d 2d 70 72 69 6d 61 72 79 2d 64 65 65 6d 70 68 61 73 69 7a 65 64 2d 62 75 74 74 6f 6e 2d 70 72 65 73 73 Data Ascii: -background:#0866FF;--primary-button-icon:#FFFFFF;--primary-button-pressed:#77A7FF;--primary-button-text:#FFFFFF;--primary-deemphasized-button-background:#EBF5FF;--primary-deemphasized-button-pressed:rgba(0, 0, 0, 0.05);--primary-deemphasized-button-press
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 20 30 2c 20 30 2e 31 29 3b 2d 2d 73 68 61 64 6f 77 2d 32 3a 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 2d 2d 73 68 61 64 6f 77 2d 35 3a 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 35 29 3b 2d 2d 73 68 61 64 6f 77 2d 38 3a 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 38 29 3b 2d 2d 73 68 61 64 6f 77 2d 69 6e 73 65 74 3a 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 35 29 3b 2d 2d 73 68 61 64 6f 77 2d 65 6c 65 76 61 74 65 64 3a 30 20 38 70 78 20 32 30 70 78 20 30 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 2c 20 30 20 32 70 78 20 34 70 78 20 30 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 31 29 3b 2d 2d 73 68 61 64 6f 77 2d 70 65 72 73 69 73 74 65 6e 74 3a 30 70 78 20 30 70 78 20 31 32 70 78 20 72 Data Ascii: 0, 0.1);--shadow-2:rgba(0, 0, 0, 0.2);--shadow-5:rgba(0, 0, 0, 0.5);--shadow-8:rgba(0, 0, 0, 0.8);--shadow-inset:rgba(255, 255, 255, 0.5);--shadow-elevated:0 8px 20px 0 rgba(0, 0, 0, 0.2), 0 2px 4px 0 rgba(0, 0, 0, 0.1);--shadow-persistent:0px 0px 12px r
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 68 65 69 67 68 74 2d 6c 61 72 67 65 3a 34 30 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 68 65 69 67 68 74 2d 6d 65 64 69 75 6d 3a 33 36 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 70 61 64 64 69 6e 67 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 6c 61 72 67 65 3a 31 36 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 70 61 64 64 69 6e 67 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2d 6d 65 64 69 75 6d 3a 31 36 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 69 63 6f 6e 2d 70 61 64 64 69 6e 67 2d 6c 61 72 67 65 3a 31 36 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 69 63 6f 6e 2d 70 61 64 64 69 6e 67 2d 6d 65 64 69 75 6d 3a 31 36 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 69 6e 6e 65 72 2d 69 63 6f 6e 2d 73 70 61 63 69 6e 67 2d 6c 61 72 67 65 3a 33 70 78 3b 2d 2d 62 75 74 74 6f 6e 2d 69 6e 6e 65 Data Ascii: px;--button-height-large:40px;--button-height-medium:36px;--button-padding-horizontal-large:16px;--button-padding-horizontal-medium:16px;--button-icon-padding-large:16px;--button-icon-padding-medium:16px;--button-inner-icon-spacing-large:3px;--button-inne
2024-09-27 05:15:26 UTC	76	IN	Data Raw: 70 74 69 6d 69 73 74 69 63 20 44 69 73 70 6c 61 79 20 42 6f 6c 64 2c 20 73 79 73 74 65 6d 2d 75 69 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 2d 2d 68 65 61 64 6c 69 6e 65 31 2d 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 35 72 65 6d 3b Data Ascii: ptimistic Display Bold, system-ui, sans-serif;--headline1-font-size:1.75rem;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49742	185.199.109.153	443	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:26 UTC	565	OUT	GET /css/cross/hidden_2.css HTTP/1.1 Host: accs-homelog.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://accs-homelog.github.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 05:15:26 UTC	734	IN	HTTP/1.1 200 OK Connection: close Content-Length: 573319 Server: GitHub.com Content-Type: text/css; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Sat, 23 Dec 2023 09:47:41 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "6586acbd-8bf87" expires: Fri, 27 Sep 2024 05:25:26 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: 7B77:11E2E:376D02:3E67DB:66F63F6D Accept-Ranges: bytes Age: 0 Date: Fri, 27 Sep 2024 05:15:26 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740026-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414127.849760,VS0,VE51 Vary: Accept-Encoding X-Fastly-Request-ID: 1bdb690cea82920dbf5b87c9e82eda53e1f6c220
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 66 6f 72 6d 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 6c 61 62 65 6c 7b 63 6f 6c 6f 72 3a 23 36 30 36 37 37 30 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 6c 61 62 65 6c 20 69 6e 70 75 74 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 7d 74 65 78 74 61 72 65 61 2c 2e 69 6e 70 75 74 74 65 78 74 2c 2e 69 6e 70 75 74 70 61 73 73 77 6f 72 64 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 64 30 64 35 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 33 70 78 7d 74 65 78 74 61 72 Data Ascii: form{margin:0;padding:0}label{color:#606770;cursor:default;font-weight:600;vertical-align:middle}label input{font-weight:normal}textarea,.inputtext,.inputpassword{-webkit-appearance:none;border:1px solid #ccd0d5;border-radius:0;margin:0;padding:3px}textar
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 62 75 74 74 6f 6e 7b 6d 61 72 67 69 6e 3a 30 7d 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 74 64 2c 74 64 2e 6c 61 62 65 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 64 64 7b 63 6f 6c 6f 72 3a 23 30 30 30 7d 64 74 7b 63 6f 6c 6f 72 3a 23 36 30 36 37 37 30 7d 75 6c 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 61 62 62 72 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 68 72 7b 62 61 63 6b 67 72 6f 75 6e Data Ascii: sor:pointer;text-decoration:none}button{margin:0}a:hover{text-decoration:underline}img{border:0}td,td.label{text-align:left}dd{color:#000}dt{color:#606770}ul{list-style-type:none;margin:0;padding:0}abbr{border-bottom:none;text-decoration:none}hr{backgroun
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 2e 68 6f 6d 65 20 23 63 6f 6e 74 65 6e 74 2c 2e 73 65 61 72 63 68 20 23 63 6f 6e 74 65 6e 74 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 36 30 30 70 78 7d 2e 55 49 53 74 61 6e 64 61 72 64 46 72 61 6d 65 5f 43 6f 6e 74 61 69 6e 65 72 7b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 32 30 70 78 3b 77 69 64 74 68 3a 39 36 30 70 78 7d 2e 55 49 53 74 61 6e 64 61 72 64 46 72 61 6d 65 5f 43 6f 6e 74 65 6e 74 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 77 69 64 74 68 3a 37 36 30 70 78 7d 2e 55 49 53 74 61 6e 64 61 72 64 46 72 61 6d 65 5f 53 69 64 65 62 61 72 41 64 73 7b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 77 69 64 74 68 3a 32 30 30 70 Data Ascii: .home #content,.search #content{min-height:600px}.UIStandardFrame_Container{margin:0 auto;padding-top:20px;width:960px}.UIStandardFrame_Content{float:left;margin:0;padding:0;width:760px}.UIStandardFrame_SidebarAds{float:right;margin:0;padding:0;width:200p
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 69 6e 3a 30 7d 2e 5f 37 31 70 6e 20 2e 5f 35 65 32 68 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 34 70 78 3b 70 61 64 64 69 6e 67 3a 30 20 31 32 70 78 7d 2e 5f 37 31 70 6e 20 2e 5f 35 65 32 6b 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 6f 6d 6d 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 29 3b 62 6f 72 64 65 72 3a 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 38 70 78 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 73 65 63 6f 6e 64 61 72 79 2d 74 65 78 74 29 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 68 65 69 67 68 74 3a 32 34 70 78 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 5f 37 31 70 6e 20 2e 5f 34 34 32 5f 7b 70 61 64 64 69 6e 67 2d 62 Data Ascii: in:0}._71pn ._5e2h{line-height:24px;padding:0 12px}._71pn ._5e2k{background-color:var(--comment-background);border:0;border-radius:18px;color:var(--secondary-text);font-size:12px;font-weight:600;height:24px;max-width:100%;padding:0}._71pn ._442_{padding-b
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 2e 5f 37 31 70 6e 20 2e 5f 34 73 78 67 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 70 78 7d 2e 5f 37 31 70 6e 20 2e 5f 33 5f 71 6c 7b 6d 61 72 67 69 6e 3a 30 7d 2e 5f 37 31 70 6e 20 2e 5f 33 5f 71 6d 7b 2d 77 65 62 6b 69 74 2d 66 69 6c 74 65 72 3a 73 61 74 75 72 61 74 65 28 30 29 3b 6d 61 72 67 69 6e 3a 32 70 78 20 30 20 30 20 33 70 78 7d 2e 5f 37 31 70 6e 20 2e 5f 33 5f 71 6f 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 70 78 7d 2e 5f 37 31 70 6e 20 2e 5f 36 39 34 77 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 61 72 67 69 6e 3a 30 20 31 36 70 78 20 34 70 78 20 31 36 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a Data Ascii: ._71pn ._4sxg{align-items:center;display:flex;margin-left:8px}._71pn ._3_ql{margin:0}._71pn ._3_qm{-webkit-filter:saturate(0);margin:2px 0 0 3px}._71pn ._3_qo{margin-left:8px}._71pn ._694w{align-items:center;display:flex;margin:0 16px 4px 16px;min-height:
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 2e 5f 37 31 70 6e 20 2e 5f 32 2d 35 68 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2d 69 63 6f 6e 29 7d 2e 5f 37 31 70 6e 20 2e 5f 36 39 67 33 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 6f 6d 6d 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7d 2e 5f 37 31 70 6e 20 2e 5f 31 33 78 6b 7b 70 61 64 64 69 6e 67 3a 34 70 78 20 31 36 70 78 7d 2e 5f 37 31 70 6e 20 2e 5f 31 6d 32 6c 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 73 65 63 6f 6e 64 61 72 79 2d 74 65 78 74 29 7d 2e 5f 37 31 70 6e 20 2e 5f 37 68 6c 71 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 73 65 63 6f 6e 64 61 72 79 2d 74 65 78 74 29 7d 2e 5f 37 31 70 6e 20 2e 5f 37 6d 74 67 7b 63 6f Data Ascii: ;vertical-align:middle}._71pn ._2-5h{color:var(--placeholder-icon)}._71pn ._69g3{background-color:var(--comment-background)}._71pn ._13xk{padding:4px 16px}._71pn ._1m2l{color:var(--secondary-text)}._71pn ._7hlq{color:var(--secondary-text)}._71pn ._7mtg{co
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 2d 64 61 72 6b 2d 6d 6f 64 65 20 2e 5f 37 31 70 6e 20 2e 5f 35 72 35 6e 7b 2d 77 65 62 6b 69 74 2d 66 69 6c 74 65 72 3a 76 61 72 28 2d 2d 66 69 6c 74 65 72 2d 70 72 69 6d 61 72 79 2d 69 63 6f 6e 29 7d 2e 5f 37 31 70 6e 20 2e 5f 35 72 35 6c 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 70 72 69 6d 61 72 79 2d 74 65 78 74 29 7d 2e 5f 37 31 70 6e 20 2e 5f 35 72 35 6d 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 73 65 63 6f 6e 64 61 72 79 2d 74 65 78 74 29 7d 2e 5f 37 31 70 6e 20 2e 5f 35 72 39 79 2e 5f 34 2d 75 38 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 76 61 72 28 2d 2d 63 61 72 64 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7d 2e 5f 37 31 70 6e 20 2e 5f 35 72 39 79 2e 5f 34 2d 75 32 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 5f 37 31 70 6e 20 Data Ascii: -dark-mode ._71pn ._5r5n{-webkit-filter:var(--filter-primary-icon)}._71pn ._5r5l{color:var(--primary-text)}._71pn ._5r5m{color:var(--secondary-text)}._71pn ._5r9y._4-u8{background:var(--card-background)}._71pn ._5r9y._4-u2{border-color:transparent}._71pn
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 34 2d 69 30 2c 2e 5f 37 31 70 6e 20 2e 5f 34 2d 69 32 2c 2e 5f 37 31 70 6e 20 2e 5f 35 61 38 75 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 61 72 64 2d 62 61 63 6b 67 72 6f 75 6e 64 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 64 69 76 69 64 65 72 29 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 70 72 69 6d 61 72 79 2d 74 65 78 74 29 7d 2e 5f 37 31 70 6e 20 2e 5f 34 74 32 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 61 72 64 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7d 2e 5f 37 31 70 6e 20 2e 5f 35 32 63 39 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 70 72 69 6d 61 72 79 2d 74 65 78 74 29 7d 2e 5f 37 31 70 6e 20 2e 5f 35 31 2d 75 20 2e 5f 35 30 7a 79 7b 2d 77 65 62 6b 69 74 2d 66 69 6c 74 65 Data Ascii: 4-i0,._71pn ._4-i2,._71pn ._5a8u{background-color:var(--card-background);border-color:var(--divider);color:var(--primary-text)}._71pn ._4t2a{background-color:var(--card-background)}._71pn ._52c9{color:var(--primary-text)}._71pn ._51-u ._50zy{-webkit-filte
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 2d 66 6f 6e 74 73 2d 2d 62 6f 64 79 20 68 35 2c 23 66 61 63 65 62 6f 6f 6b 20 2e 73 79 73 74 65 6d 2d 66 6f 6e 74 73 2d 2d 62 6f 64 79 20 68 36 2c 23 66 61 63 65 62 6f 6f 6b 20 2e 73 79 73 74 65 6d 2d 66 6f 6e 74 73 2d 2d 62 6f 64 79 20 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 7d 23 66 61 63 65 62 6f 6f 6b 20 2e 73 79 73 74 65 6d 2d 66 6f 6e 74 73 2d 2d 62 6f 64 79 20 62 75 74 74 6f 6e 2c 23 66 61 63 65 62 6f 6f 6b 20 2e 73 79 73 74 65 6d 2d 66 6f 6e 74 73 2d 2d 62 6f 64 79 20 69 6e 70 75 74 2c 23 66 61 63 65 62 6f 6f 6b 20 2e 73 79 73 74 65 6d 2d 66 6f 6e 74 73 2d 2d 62 6f 64 79 20 6c 61 62 65 6c 2c 23 66 61 63 65 62 6f 6f 6b 20 2e 73 79 73 74 65 6d 2d 66 6f 6e 74 73 2d 2d 62 6f 64 79 20 73 65 6c 65 63 74 2c 23 66 61 63 65 62 6f 6f Data Ascii: -fonts--body h5,#facebook .system-fonts--body h6,#facebook .system-fonts--body p{font-family:inherit}#facebook .system-fonts--body button,#facebook .system-fonts--body input,#facebook .system-fonts--body label,#facebook .system-fonts--body select,#faceboo
2024-09-27 05:15:26 UTC	1378	IN	Data Raw: 61 64 6f 77 2d 69 6e 73 65 74 29 7d 2e 78 31 30 62 36 61 71 71 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 36 70 78 7d 2e 78 31 30 66 35 6e 77 63 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 31 70 78 20 76 61 72 28 2d 2d 73 68 61 64 6f 77 2d 31 29 7d 2e 78 31 30 6c 36 74 71 6b 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 2e 78 31 30 77 36 74 39 37 7b 68 65 69 67 68 74 3a 33 32 70 78 7d 2e 78 31 30 77 68 39 62 69 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 78 31 30 77 6a 64 31 64 7b 68 65 69 67 68 74 3a 35 30 70 78 7d 2e 78 31 30 77 6c 74 36 32 7b 6f 76 65 72 66 6c 6f 77 2d 79 3a 68 69 64 64 65 6e 7d 2e 78 31 31 30 6c 73 6d 77 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 Data Ascii: adow-inset)}.x10b6aqq{padding-bottom:6px}.x10f5nwc{box-shadow:0 0 0 1px var(--shadow-1)}.x10l6tqk{position:absolute}.x10w6t97{height:32px}.x10wh9bi{margin-top:0!important}.x10wjd1d{height:50px}.x10wlt62{overflow-y:hidden}.x110lsmw{border-bottom-left-radiu

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49745	157.240.252.13	443	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:28 UTC	617	OUT	GET /rsrc.php/v3/yW/r/AFgIDquDCzO.png HTTP/1.1 Host: static.xx.fbcdn.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://accs-homelog.github.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 05:15:29 UTC	1142	IN	HTTP/1.1 404 Not Found Vary: Accept-Encoding x-fatal-request: static.xx.fbcdn.net Edge-Control: cache-maxage=10m Pragma: no-cache Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT timing-allow-origin: * reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/" report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-security-policy: default-src data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1: 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src data: blob: 'self' https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; document-policy: force-load-at-top
2024-09-27 05:15:29 UTC	1164	IN	Data Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewpor
2024-09-27 05:15:29 UTC	2956	IN	Data Raw: 50 72 6f 78 79 2d 53 74 61 74 75 73 3a 20 68 74 74 70 5f 72 65 71 75 65 73 74 5f 65 72 72 6f 72 3b 20 65 5f 70 72 6f 78 79 3d 22 41 63 4a 64 4b 48 4a 35 35 63 56 6e 41 59 78 77 5f 34 68 68 56 68 69 34 54 4d 6f 58 68 51 75 54 6f 4a 66 37 68 4b 6f 4c 4b 74 35 65 64 37 41 49 72 73 57 33 6d 42 58 52 42 61 4e 42 46 6e 47 58 67 6c 47 5a 42 75 42 49 47 33 6b 72 6a 79 53 71 75 43 78 72 22 3b 20 65 5f 66 62 5f 62 69 6e 61 72 79 76 65 72 73 69 6f 6e 3d 22 41 63 4b 73 59 57 38 67 37 4f 6f 61 70 59 69 50 65 4e 6b 58 46 74 44 39 68 6f 73 33 65 68 74 78 6e 36 6a 71 5a 67 6d 54 46 36 7a 70 55 33 78 4e 6a 5f 41 55 66 6f 79 35 68 57 64 53 52 6d 44 7a 33 7a 4a 70 6f 2d 33 58 79 35 47 63 32 4c 71 74 56 70 72 34 41 54 57 30 43 57 4e 6c 59 63 79 5f 34 71 73 22 3b 20 65 5f 66 Data Ascii: Proxy-Status: http_request_error; e_proxy="AcJdKHJ55cVnAYxw_4hhVhi4TMoXhQuToJf7hKoLKt5ed7AIrsW3mBXRBaNBFnGXglGZBuBIG3krjySquCxr"; e_fb_binaryversion="AcKsYW8g7OoapYiPeNkXFtD9hos3ehtxn6jqZgmTF6zpU3xNj_AUfoy5hWdSRmDz3zJpo-3Xy5Gc2LqtVpr4ATW0CWNlYcy_4qs"; e_f

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49743	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:28 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 05:15:28 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=41446 Date: Fri, 27 Sep 2024 05:15:28 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49749	185.199.109.153	443	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:29 UTC	604	OUT	GET /img/favicon.ico HTTP/1.1 Host: accs-homelog.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://accs-homelog.github.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 05:15:29 UTC	733	IN	HTTP/1.1 200 OK Connection: close Content-Length: 5430 Server: GitHub.com Content-Type: image/vnd.microsoft.icon permissions-policy: interest-cohort=() Last-Modified: Sat, 23 Dec 2023 09:47:41 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "6586acbd-1536" expires: Fri, 27 Sep 2024 05:25:29 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: CE32:184F04:3FEF58:46EAA6:66F63F71 Accept-Ranges: bytes Date: Fri, 27 Sep 2024 05:15:29 GMT Via: 1.1 varnish Age: 0 X-Served-By: cache-ewr-kewr1740042-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727414130.567059,VS0,VE27 Vary: Accept-Encoding X-Fastly-Request-ID: 10ac1be98f9634b163fa37fd31e641c9b8ae1888
2024-09-27 05:15:29 UTC	1378	IN	Data Raw: 00 00 01 00 02 00 10 10 00 00 01 00 20 00 68 04 00 00 26 00 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 8e 04 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 68 08 20 ff 66 08 a0 ff f3 ec cf ff ff ff ff ff ff ff ff ff 66 08 df ff 67 09 90 ff 64 08 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 60 00 10 ff 65 07 90 ff 66 08 ff ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 65 09 90 ff 70 10 10 00 00 00 00 00 00 00 00 00 00 00 00 ff 60 00 10 ff 66 07 cf ff 66 08 ff ff 66 08 ff ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff Data Ascii: h& ( h ffgd@`efffffep`fffffff
2024-09-27 05:15:29 UTC	1378	IN	Data Raw: ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ec e0 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 65 07 ef ff 67 09 90 ff 68 08 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 60 00 10 ff 65 07 90 ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ec e0 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 65 09 90 ff 70 10 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 68 08 20 ff 66 08 df ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 Data Ascii: ffffegh `effffffffffeph fffff
2024-09-27 05:15:29 UTC	1378	IN	Data Raw: 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 79 27 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b2 83 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 67 08 9f ff 66 07 cf ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 79 27 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff d8 c1 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 07 cf ff 65 07 ef ff 66 08 ff ff 66 08 ff ff Data Ascii: ffffy'ffffffffgffffffffy'fffffffffeff
2024-09-27 05:15:29 UTC	1296	IN	Data Raw: ff 66 08 ff ff 66 08 ff ff 65 09 90 00 00 00 00 00 00 00 00 ff 68 08 20 ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff b3 84 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 9f 64 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 68 08 20 00 00 00 00 00 00 00 00 00 00 00 00 ff 66 07 8f ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff b3 84 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 9f 64 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 Data Ascii: ffeh fffffffffffdffffffh ffffffffffffdffff

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49748	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:29 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 05:15:29 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=41391 Date: Fri, 27 Sep 2024 05:15:29 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-27 05:15:29 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49750	185.199.111.153	443	2852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 05:15:30 UTC	361	OUT	GET /img/favicon.ico HTTP/1.1 Host: accs-homelog.github.io Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 05:15:31 UTC	731	IN	HTTP/1.1 200 OK Connection: close Content-Length: 5430 Server: GitHub.com Content-Type: image/vnd.microsoft.icon permissions-policy: interest-cohort=() Last-Modified: Sat, 23 Dec 2023 09:47:41 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "6586acbd-1536" expires: Fri, 27 Sep 2024 05:25:29 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: CE32:184F04:3FEF58:46EAA6:66F63F71 Accept-Ranges: bytes Date: Fri, 27 Sep 2024 05:15:31 GMT Via: 1.1 varnish Age: 1 X-Served-By: cache-ewr-kewr1740071-EWR X-Cache: HIT X-Cache-Hits: 1 X-Timer: S1727414131.014163,VS0,VE1 Vary: Accept-Encoding X-Fastly-Request-ID: 0968f640303c04c440d4702db2b2a21cc38ee1b5
2024-09-27 05:15:31 UTC	1378	IN	Data Raw: 00 00 01 00 02 00 10 10 00 00 01 00 20 00 68 04 00 00 26 00 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 8e 04 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 68 08 20 ff 66 08 a0 ff f3 ec cf ff ff ff ff ff ff ff ff ff 66 08 df ff 67 09 90 ff 64 08 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 60 00 10 ff 65 07 90 ff 66 08 ff ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 65 09 90 ff 70 10 10 00 00 00 00 00 00 00 00 00 00 00 00 ff 60 00 10 ff 66 07 cf ff 66 08 ff ff 66 08 ff ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff Data Ascii: h& ( h ffgd@`efffffep`fffffff
2024-09-27 05:15:31 UTC	1378	IN	Data Raw: ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ec e0 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 65 07 ef ff 67 09 90 ff 68 08 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 60 00 10 ff 65 07 90 ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff eb e0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ec e0 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 65 09 90 ff 70 10 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff 68 08 20 ff 66 08 df ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 Data Ascii: ffffegh `effffffffffeph fffff
2024-09-27 05:15:31 UTC	1378	IN	Data Raw: 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 79 27 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b2 83 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 67 08 9f ff 66 07 cf ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 79 27 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff d8 c1 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 07 cf ff 65 07 ef ff 66 08 ff ff 66 08 ff ff Data Ascii: ffffy'ffffffffgffffffffy'fffffffffeff
2024-09-27 05:15:31 UTC	1296	IN	Data Raw: ff 66 08 ff ff 66 08 ff ff 65 09 90 00 00 00 00 00 00 00 00 ff 68 08 20 ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff b3 84 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 9f 64 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 68 08 20 00 00 00 00 00 00 00 00 00 00 00 00 ff 66 07 8f ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff b3 84 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 9f 64 ff ff 66 08 ff ff 66 08 ff ff 66 08 ff ff 66 08 Data Ascii: ffeh fffffffffffdffffffh ffffffffffffdffff

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 8, Parent PID: 772

General

Target ID:	0
Start time:	01:15:16
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2852, Parent PID: 8

General

Target ID:	2
Start time:	01:15:19
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2028,i,9282736922343624635,9867241186984207605,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6352, Parent PID: 772

General

Target ID:	3
Start time:	01:15:21
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://accs-homelog.github.io/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly