Windows Analysis Report
http://adflowtube.com

Overview

General Information

Sample URL: http://adflowtube.com
Analysis ID: 1583497
Infos:

Detection

Score: 68
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Suricata IDS alerts for network traffic
AI detected suspicious URL
Detected non-DNS traffic on DNS port

Classification

  • System is w10x64
  • chrome.exe (PID: 2336 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3492 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2216,i,16429256832727744806,8385367764721246391,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://adflowtube.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol
2025-01-02T21:00:10.128542+0100 | 2058264 | 1 | Exploit Kit Activity Detected | 192.168.2.4 | 58715 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:10.129102+0100 | 2058264 | 1 | Exploit Kit Activity Detected | 192.168.2.4 | 55549 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:10.141501+0100 | 2058264 | 1 | Exploit Kit Activity Detected | 192.168.2.4 | 59149 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:10.141642+0100 | 2058264 | 1 | Exploit Kit Activity Detected | 192.168.2.4 | 62223 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:11.225461+0100 | 2058266 | 1 | Exploit Kit Activity Detected | 192.168.2.4 | 49741 | 188.114.96.3 | 443 | TCP
2025-01-02T21:00:12.878880+0100 | 2058266 | 1 | Exploit Kit Activity Detected | 192.168.2.4 | 49744 | 188.114.96.3 | 443 | TCP

AV Detection

Source: http://adflowtube.com | Avira URL Cloud: detection malicious, Label: malware
Source: https://adflowtube.com/favicon.ico | Avira URL Cloud: Label: malware

Phishing

Source: URL | Joe Sandbox AI: AI detected Brand spoofing attempt in URL: http://adflowtube.com
Source: URL | Joe Sandbox AI: AI detected Typosquatting in URL: http://adflowtube.com

Networking

Source: Network traffic | Suricata IDS: 2058264 - Severity 1 - ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) : 192.168.2.4:62223 -> 1.1.1.1:53
Source: Network traffic | Suricata IDS: 2058266 - Severity 1 - ET EXPLOIT_KIT Redirect to TOAD Domain in TLS SNI (adflowtube .com) : 192.168.2.4:49741 -> 188.114.96.3:443
Source: Network traffic | Suricata IDS: 2058266 - Severity 1 - ET EXPLOIT_KIT Redirect to TOAD Domain in TLS SNI (adflowtube .com) : 192.168.2.4:49744 -> 188.114.96.3:443
Source: Network traffic | Suricata IDS: 2058264 - Severity 1 - ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) : 192.168.2.4:55549 -> 1.1.1.1:53
Source: Network traffic | Suricata IDS: 2058264 - Severity 1 - ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) : 192.168.2.4:59149 -> 1.1.1.1:53
Source: Network traffic | Suricata IDS: 2058264 - Severity 1 - ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) : 192.168.2.4:58715 -> 1.1.1.1:53
Source: global traffic | TCP traffic: 192.168.2.4:62157 -> 1.1.1.1:53
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown | TCP traffic detected without corresponding DNS query: 2.22.50.144
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | HTTP traffic detected:
    GET / HTTP/1.1
    Host: adflowtube.com
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /favicon.ico HTTP/1.1
    Host: adflowtube.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: adflowtube.com
Source: global traffic | DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: unknown | HTTP traffic detected:
    POST /report/v4?s=2MJFiIVODYRcESYWftigeGA9rouvVxq2zvx%2BmMRS%2BrUXUIaeiQE5ts%2F5av20kzmeENtEOndYfSJqmvn%2BVxABle%2BzgalaS5ux%2F87y1sCSpldX2Jm%2BNDtwdAwKCKRF8NdjqQ%3D%3D HTTP/1.1
    Host: a.nel.cloudflare.com
    Connection: keep-alive
    Content-Length: 395
    Content-Type: application/reports+json
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    HTTP/1.1 404 Not Found
    Date: Thu, 02 Jan 2025 20:00:13 GMT
    Content-Type: text/plain; charset=UTF-8
    Content-Length: 0
    Connection: close
    referrer-policy: no-referrer
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MJFiIVODYRcESYWftigeGA9rouvVxq2zvx%2BmMRS%2BrUXUIaeiQE5ts%2F5av20kzmeENtEOndYfSJqmvn%2BVxABle%2BzgalaS5ux%2F87y1sCSpldX2Jm%2BNDtwdAwKCKRF8NdjqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8fbd55811bbe42c8-EWR
    alt-svc: h3=":443"; ma=86400
    server-timing: cfL4;desc="?proto=TCP&rtt=1689&min_rtt=1680&rtt_var=649&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2832&recv_bytes=1128&delivery_rate=1662870&cwnd=225&unsent_bytes=0&cid=c376c966e8d9358b&ts=564&x=0"
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown | Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown | Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 62206 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 62206
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown | Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49745
Source: classification engine | Classification label: mal68.win@17/0@8/6
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2216,i,16429256832727744806,8385367764721246391,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://adflowtube.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Window Recorder | Window detected: More than 3 window changes detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction
Source | Detection | Scanner | Label | Link
http://adflowtube.com | 100% | Avira URL Cloud | malware |
No Antivirus matches
Source | Detection | Scanner | Label | Link
https://adflowtube.com/favicon.ico | 100% | Avira URL Cloud | malware |

Name | IP | Active | Malicious | Antivirus Detection | Reputation
a.nel.cloudflare.com | 35.190.80.1 | true | false | | high
www.google.com | 142.250.181.228 | true | false | | high
adflowtube.com | 188.114.96.3 | true | true | | unknown

Name | Malicious | Antivirus Detection | Reputation
https://adflowtube.com/favicon.ico | true | Avira URL Cloud: malware | unknown
https://a.nel.cloudflare.com/report/v4?s=2MJFiIVODYRcESYWftigeGA9rouvVxq2zvx%2BmMRS%2BrUXUIaeiQE5ts%2F5av20kzmeENtEOndYfSJqmvn%2BVxABle%2BzgalaS5ux%2F87y1sCSpldX2Jm%2BNDtwdAwKCKRF8NdjqQ%3D%3D | false | | high
https://adflowtube.com/ | false | | unknown
IP | Domain | Country | Flag | ASN | ASN Name | Malicious
239.255.255.250 | unknown | Reserved | | unknown | unknown | false
142.250.181.228 | www.google.com | United States | | 15169 | GOOGLEUS | false
188.114.96.3 | adflowtube.com | European Union | | 13335 | CLOUDFLARENETUS | true
35.190.80.1 | a.nel.cloudflare.com | United States | | 15169 | GOOGLEUS | false

IP
192.168.2.4
192.168.2.5

Joe Sandbox version: 41.0.0 Charoite
Analysis ID: 1583497
Start date and time: 2025-01-02 20:59:12 +01:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 2m 49s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: browseurl.jbs
Sample URL: http://adflowtube.com
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 8
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: MAL
Classification: mal68.win@17/0@8/6
EGA Information: Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 0
  • Number of non-executed functions: 0
  • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
  • Excluded IPs from analysis (whitelisted): 216.58.212.131, 142.250.185.110, 74.125.206.84, 142.250.185.238, 216.58.212.174, 142.250.186.78, 199.232.214.172, 192.229.221.95, 142.250.181.238, 142.250.186.174, 172.217.16.206, 142.251.41.14, 74.125.0.137, 142.250.185.67, 184.28.90.27, 4.245.163.56, 13.107.246.45
  • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, r4.sn-ab5l6nk6.gvt1.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, r4---sn-ab5l6nk6.gvt1.com, update.googleapis.com, clients.l.google.com
  • Not all processes where analyzed, report is missing behavior information
  • VT rate limit hit for: http://adflowtube.com
No simulations
No context
No created / dropped files found
No static file info

Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol
2025-01-02T21:00:10.128542+0100 | 2058264 | ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) | 1 | 192.168.2.4 | 58715 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:10.129102+0100 | 2058264 | ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) | 1 | 192.168.2.4 | 55549 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:10.141501+0100 | 2058264 | ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) | 1 | 192.168.2.4 | 59149 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:10.141642+0100 | 2058264 | ET EXPLOIT_KIT Redirect to TOAD Domain in DNS Lookup (adflowtube .com) | 1 | 192.168.2.4 | 62223 | 1.1.1.1 | 53 | UDP
2025-01-02T21:00:11.225461+0100 | 2058266 | ET EXPLOIT_KIT Redirect to TOAD Domain in TLS SNI (adflowtube .com) | 1 | 192.168.2.4 | 49741 | 188.114.96.3 | 443 | TCP
2025-01-02T21:00:12.878880+0100 | 2058266 | ET EXPLOIT_KIT Redirect to TOAD Domain in TLS SNI (adflowtube .com) | 1 | 192.168.2.4 | 49744 | 188.114.96.3 | 443 | TCP
            Timestamp | Source IP | Dest IP | Checksum | Code | Type
            Jan 2, 2025 21:00:10.162375927 CET | 192.168.2.4 | 1.1.1.1 | c204 | (Port unreachable) | Destination Unreachable
            Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
            Jan 2, 2025 21:00:08.787228107 CET | 192.168.2.4 | 1.1.1.1 | 0x2395 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:08.787348032 CET | 192.168.2.4 | 1.1.1.1 | 0x2a60 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
            Jan 2, 2025 21:00:10.128541946 CET | 192.168.2.4 | 1.1.1.1 | 0x10e6 | Standard query (0) | adflowtube.com | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:10.129101992 CET | 192.168.2.4 | 1.1.1.1 | 0x752e | Standard query (0) | adflowtube.com | 65 | IN (0x0001) | false
            Jan 2, 2025 21:00:10.141500950 CET | 192.168.2.4 | 1.1.1.1 | 0x2e0c | Standard query (0) | adflowtube.com | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:10.141642094 CET | 192.168.2.4 | 1.1.1.1 | 0x7620 | Standard query (0) | adflowtube.com | 65 | IN (0x0001) | false
            Jan 2, 2025 21:00:13.429371119 CET | 192.168.2.4 | 1.1.1.1 | 0x9693 | Standard query (0) | a.nel.cloudflare.com | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:13.429522991 CET | 192.168.2.4 | 1.1.1.1 | 0x5380 | Standard query (0) | a.nel.cloudflare.com | 65 | IN (0x0001) | false
            Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
            Jan 2, 2025 21:00:08.794265985 CET | 1.1.1.1 | 192.168.2.4 | 0x2a60 | No error (0) | www.google.com |  |  | 65 | IN (0x0001) | false
            Jan 2, 2025 21:00:08.794985056 CET | 1.1.1.1 | 192.168.2.4 | 0x2395 | No error (0) | www.google.com |  | 142.250.181.228 | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:10.139517069 CET | 1.1.1.1 | 192.168.2.4 | 0x752e | No error (0) | adflowtube.com |  |  | 65 | IN (0x0001) | false
            Jan 2, 2025 21:00:10.149739981 CET | 1.1.1.1 | 192.168.2.4 | 0x2e0c | No error (0) | adflowtube.com |  | 188.114.96.3 | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:10.149739981 CET | 1.1.1.1 | 192.168.2.4 | 0x2e0c | No error (0) | adflowtube.com |  | 188.114.97.3 | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:10.151853085 CET | 1.1.1.1 | 192.168.2.4 | 0x7620 | No error (0) | adflowtube.com |  |  | 65 | IN (0x0001) | false
            Jan 2, 2025 21:00:10.162321091 CET | 1.1.1.1 | 192.168.2.4 | 0x10e6 | No error (0) | adflowtube.com |  | 188.114.96.3 | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:10.162321091 CET | 1.1.1.1 | 192.168.2.4 | 0x10e6 | No error (0) | adflowtube.com |  | 188.114.97.3 | A (IP address) | IN (0x0001) | false
            Jan 2, 2025 21:00:13.436223984 CET | 1.1.1.1 | 192.168.2.4 | 0x9693 | No error (0) | a.nel.cloudflare.com |  | 35.190.80.1 | A (IP address) | IN (0x0001) | false
            • adflowtube.com
            • a.nel.cloudflare.com
            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            0 | 192.168.2.4 | 49741 | 188.114.96.3 | 443 | 3492 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-02 20:00:11 UTC | 657 | OUT | GET / HTTP/1.1
            Host: adflowtube.com
            Connection: keep-alive
            Upgrade-Insecure-Requests: 1
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
            Sec-Fetch-Site: none
            Sec-Fetch-Mode: navigate
            Sec-Fetch-User: ?1
            Sec-Fetch-Dest: document
            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
            sec-ch-ua-mobile: ?0
            sec-ch-ua-platform: "Windows"
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-02 20:00:11 UTC | 818 | IN | HTTP/1.1 200 OK
            Date: Thu, 02 Jan 2025 20:00:11 GMT
            Content-Type: text/plain; charset=UTF-8
            Content-Length: 0
            Connection: close
            referrer-policy: no-referrer
            cf-cache-status: DYNAMIC
            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMumyqqFF9v1B38imj%2FISNbMnvaiDylkK3pCtKnc0fyfvqbr3qjOADyWvNdS%2B1VNIrchNfAcLgkOXYmTPqbmcwqqUP4IU%2BrbZ%2Bmd3NXJbXMvKTsJ62nSe47x%2F1fG%2FuJnzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
            Server: cloudflare
            CF-RAY: 8fbd55769f9117ad-EWR
            alt-svc: h3=":443"; ma=86400
            server-timing: cfL4;desc="?proto=TCP&rtt=1650&min_rtt=1642&rtt_var=632&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2832&recv_bytes=1235&delivery_rate=1707602&cwnd=171&unsent_bytes=0&cid=8d4ed4455aabcaa9&ts=646&x=0"


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            1 | 192.168.2.4 | 49744 | 188.114.96.3 | 443 | 3492 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-02 20:00:12 UTC | 550 | OUT | GET /favicon.ico HTTP/1.1
            Host: adflowtube.com
            Connection: keep-alive
            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
            sec-ch-ua-mobile: ?0
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            sec-ch-ua-platform: "Windows"
            Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
            Sec-Fetch-Site: same-origin
            Sec-Fetch-Mode: no-cors
            Sec-Fetch-Dest: image
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-02 20:00:13 UTC | 857 | IN | HTTP/1.1 404 Not Found
            Date: Thu, 02 Jan 2025 20:00:13 GMT
            Content-Type: text/plain; charset=UTF-8
            Content-Length: 0
            Connection: close
            referrer-policy: no-referrer
            Cache-Control: max-age=14400
            CF-Cache-Status: EXPIRED
            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MJFiIVODYRcESYWftigeGA9rouvVxq2zvx%2BmMRS%2BrUXUIaeiQE5ts%2F5av20kzmeENtEOndYfSJqmvn%2BVxABle%2BzgalaS5ux%2F87y1sCSpldX2Jm%2BNDtwdAwKCKRF8NdjqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
            Server: cloudflare
            CF-RAY: 8fbd55811bbe42c8-EWR
            alt-svc: h3=":443"; ma=86400
            server-timing: cfL4;desc="?proto=TCP&rtt=1689&min_rtt=1680&rtt_var=649&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2832&recv_bytes=1128&delivery_rate=1662870&cwnd=225&unsent_bytes=0&cid=c376c966e8d9358b&ts=564&x=0"


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            2 | 192.168.2.4 | 49745 | 35.190.80.1 | 443 | 3492 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-02 20:00:13 UTC | 545 | OUT | OPTIONS /report/v4?s=2MJFiIVODYRcESYWftigeGA9rouvVxq2zvx%2BmMRS%2BrUXUIaeiQE5ts%2F5av20kzmeENtEOndYfSJqmvn%2BVxABle%2BzgalaS5ux%2F87y1sCSpldX2Jm%2BNDtwdAwKCKRF8NdjqQ%3D%3D HTTP/1.1
            Host: a.nel.cloudflare.com
            Connection: keep-alive
            Origin: https://adflowtube.com
            Access-Control-Request-Method: POST
            Access-Control-Request-Headers: content-type
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-02 20:00:14 UTC | 336 | IN | HTTP/1.1 200 OK
            Content-Length: 0
            access-control-max-age: 86400
            access-control-allow-methods: POST, OPTIONS
            access-control-allow-origin: *
            access-control-allow-headers: content-length, content-type
            date: Thu, 02 Jan 2025 20:00:13 GMT
            Via: 1.1 google
            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
            Connection: close


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            3 | 192.168.2.4 | 49746 | 35.190.80.1 | 443 | 3492 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-02 20:00:14 UTC | 488 | OUT | POST /report/v4?s=2MJFiIVODYRcESYWftigeGA9rouvVxq2zvx%2BmMRS%2BrUXUIaeiQE5ts%2F5av20kzmeENtEOndYfSJqmvn%2BVxABle%2BzgalaS5ux%2F87y1sCSpldX2Jm%2BNDtwdAwKCKRF8NdjqQ%3D%3D HTTP/1.1
            Host: a.nel.cloudflare.com
            Connection: keep-alive
            Content-Length: 395
            Content-Type: application/reports+json
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-02 20:00:14 UTC | 395 | OUT | Data Ascii: [{"age":0,"body":{"elapsed_time":1509,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"188.114.96.3","status_code":404,"type":"http.error"},"type":"network-error","url":"https://adflowtube.com/f
            2025-01-02 20:00:14 UTC | 168 | IN | HTTP/1.1 200 OK
            Content-Length: 0
            date: Thu, 02 Jan 2025 20:00:14 GMT
            Via: 1.1 google
            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
            Connection: close


            Target ID: 0
            Start time: 15:00:01
            Start date: 02/01/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase: 0x7ff76e190000
            File size: 3'242'272 bytes
            MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: false

            Target ID: 2
            Start time: 15:00:03
            Start date: 02/01/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2216,i,16429256832727744806,8385367764721246391,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Imagebase: 0x7ff76e190000
            File size: 3'242'272 bytes
            MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: false

            Target ID: 3
            Start time: 15:00:09
            Start date: 02/01/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://adflowtube.com"
            Imagebase: 0x7ff76e190000
            File size: 3'242'272 bytes
            MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: true

            No disassembly