Windows Analysis Report
http://jennadewanunwrapped.net

Overview

General Information

Sample URL:http://jennadewanunwrapped.net
Analysis ID:1584797

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected non-DNS traffic on DNS port
Stores files to the Windows start menu directory

Classification

  • System is w10x64
  • chrome.exe (PID: 3300 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 5852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1952,i,13221501935238290709,10592016373701980767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • chrome.exe (PID: 6552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://jennadewanunwrapped.net" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

AV Detection

Source: http://jennadewanunwrapped.net | SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
Source: global traffic | TCP traffic: 192.168.2.10:52453 -> 1.1.1.1:53
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.55
Source: unknown | TCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | HTTP traffic detected:
    GET / HTTP/1.1
    Host: jennadewanunwrapped.net
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: jennadewanunwrapped.net
Source: global traffic | DNS traffic detected: DNS query: korter-bartor.org
Source: global traffic | DNS traffic detected: DNS query: google.com
Source: global traffic | DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: unknown | HTTP traffic detected:
    POST /report/v4?s=jQPt8MCqE8ppeCCCh3SLdHB7i0RNA%2BXp5W2fh01pWhIumOr9plbY6oGJisqWSuDs0Ln6kmVzvfWjOh8banNxeBMEVUI2OWirzhKZklUnGdeeSleXn72VPiQ7QfUsUdqgHtjld1soiK1YIw%3D%3D HTTP/1.1
    Host: a.nel.cloudflare.com
    Connection: keep-alive
    Content-Length: 420
    Content-Type: application/reports+json
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: chromecache_57.4.dr | String found in binary or memory: https://korter-bartor.org/App/Views/Requests/
Source: classification engine | Classification label: mal48.win@22/8@25/6
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1952,i,13221501935238290709,10592016373701980767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://jennadewanunwrapped.net"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Google Drive.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder | Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction
[Behavior graph: ID: 1584797, URL: http://jennadewanunwrapped.net, Startdate: 06/01/2025, Architecture: WINDOWS, Score: 48]

Source | Detection | Scanner | Label
http://jennadewanunwrapped.net | 0% | Avira URL Cloud | safe
http://jennadewanunwrapped.net | 100% | SlashNext | Credential Stealing type: Phishing & Social Engineering

No Antivirus matches

Source | Detection | Scanner | Label
https://korter-bartor.org/App/Views/Requests/ | 0% | Avira URL Cloud | safe
https://jennadewanunwrapped.net/ | 0% | Avira URL Cloud | safe

Name | IP | Active | Malicious | Antivirus Detection | Reputation
google.com | 142.250.186.174 | true | false | | high
a.nel.cloudflare.com | 35.190.80.1 | true | false | | high
www.google.com | 216.58.206.68 | true | false | | high
jennadewanunwrapped.net | 188.114.96.3 | true | false | | unknown
korter-bartor.org | unknown | unknown | false | | high

Name | Malicious | Antivirus Detection | Reputation
https://jennadewanunwrapped.net/ | false | Avira URL Cloud: safe | unknown

Name | Source | Malicious | Antivirus Detection | Reputation
https://korter-bartor.org/App/Views/Requests/ | chromecache_57.4.dr | false | Avira URL Cloud: safe | unknown

IP | Domain | Country | ASN | ASN Name | Malicious
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
188.114.97.3 | unknown | European Union | 13335 | CLOUDFLARENETUS | false
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false

IP
192.168.2.7
192.168.2.10

            Joe Sandbox version:41.0.0 Charoite
            Analysis ID:1584797
            Start date and time:2025-01-06 14:32:18 +01:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 2m 50s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:http://jennadewanunwrapped.net
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:13
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal48.win@22/8@25/6
            • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, Sgrmuserer.exe, conhost.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.251.173.84, 216.58.206.78, 142.250.185.238, 142.250.181.238, 2.22.50.144, 172.217.16.206, 142.250.185.78, 142.251.35.174, 74.125.0.74, 142.250.184.227, 13.107.246.60, 184.28.90.27, 20.12.23.50
            • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, r5.sn-t0aedn7e.gvt1.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, r5---sn-t0aedn7e.gvt1.com, clients.l.google.com
            • Not all processes where analyzed, report is missing behavior information
            • VT rate limit hit for: http://jennadewanunwrapped.net
            No simulations
            No context
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 6 12:33:14 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2673
            Entropy (8bit):3.981631202169437
            Encrypted:false
            SSDEEP:48:8SmbdITMSHkidAKZdA1uehwiZUklqehRy+3:8SpwGey
            MD5:D65145BC0BFEF866F3A535043C5D6D39
            SHA1:16A544AC1CD2930685D90BD15C51FD1F1DF5707D
            SHA-256:DDCD139236E64B80D80C940ED110805ED602FDCDA6421CA4CAAB69853CAB952D
            SHA-512:9289BE2B73EF94924D07597BBCD151166CBAE90165987278CDE35AF756DC60C1651E0611A440FF8D35DABA718BA5DDBAEA00CCFE074C7690418BF445E954FFB5
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 6 12:33:14 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2675
            Entropy (8bit):3.996936507994152
            Encrypted:false
            SSDEEP:48:8ImbdITMSHkidAKZdA1Heh/iZUkAQkqehOy+2:8Ipww9Qjy
            MD5:4CEEF5405E1CF3AB8C6121B4A8C05092
            SHA1:E1C7D36926A2E37D9AD2D7E94DAB7BF627BFE783
            SHA-256:203AEA4EC2AB1BB369B9E11F2364241346DEF44F07C285AB18249B6A3566BC6E
            SHA-512:2F383C454ADB7D54465AE6893FEE47628AAC74FDBBAED674230BC83F14953344713270C5116A4D0C9761456665F45A8893D5534B82768F9BA9DD14339A89D65B
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 08:59:33 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2689
            Entropy (8bit):4.006172680946936
            Encrypted:false
            SSDEEP:48:8FmbdITMbHkidAKZdA149eh7sFiZUkmgqeh7soy+BX:8FpwHnyy
            MD5:1127D4240308FB38636D32405A278C45
            SHA1:266FD97B2D7E7C0B6936D72EB1FC478B2C49AF14
            SHA-256:79C56C076BE9204F27E8A442B758ADF535F486B961EB9B100841D8CE0E1EED53
            SHA-512:4DE2B72D16FE36CF1825604583966001C7CE8BBCB81D46E77232C40C6B13BC40E1081AFCA33391029B8A503FB4FCD72B3FE2A6D54D9EF2C49D79D1BD7D563F80
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 6 12:33:14 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):3.9950263483716744
            Encrypted:false
            SSDEEP:48:8QmbdITMSHkidAKZdA14ehDiZUkwqehKy+R:8QpwrAy
            MD5:8D0A5A370377EAE2CF736F782156F5F8
            SHA1:28FB3128DF3C291E97A0B1FA9ED2F9A84AA842CF
            SHA-256:1C466C8B55773F04E1310C8E5F302C1B27FF1453624F3103BCBBB30A48260C1E
            SHA-512:8A9B7ADF7E647B64C9FD225915D9A1A967284F426C5C51D1A3223C05A58701E3948F2E66EBED0DE623DD5556785107873C6FB7005396641B4C062717FDCF498D
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 6 12:33:14 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):3.983251887720001
            Encrypted:false
            SSDEEP:48:8embdITMSHkidAKZdA1mehBiZUk1W1qehMy+C:8epwb9sy
            MD5:152B12CE79B3EC0FCE5224CE68D714C8
            SHA1:99BFC4D86CE0618A9B514901215D5897525D74F3
            SHA-256:100F5B26C003D0B3478DDD2DE35A4279A99CF8C1B6353915697B3D6E682196C4
            SHA-512:0596BEEF085A3C818F55A8B4800289915EB1C097C0DDC2DB0D9D7D71A3365F98B66B0198C6BF8F1FB637A9E7EB0995DD12E51AE912A3E86E2386B4BC068A7815
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 6 12:33:14 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):3.996587588795539
            Encrypted:false
            SSDEEP:48:8TmbdITMSHkidAKZdA1duT1ehOuTbbiZUk5OjqehOuTbyy+yT+:8Tpw6TyTbxWOvTbyy7T
            MD5:36B048C153EDEDA850AB24F2596C8B32
            SHA1:8DC641CC09C022CF5A943A7B848244BACCF41E10
            SHA-256:13850E50CADAA0E734FF3491B3A68922DDB43E8C817C2978EB7DC8529425D26C
            SHA-512:83925CD80C9A28FA3CA6486443BDA946FD2346FEA98C2A2EB805C767604B9AAD7E8D3EBD71DFCDF87EF428BAD935B063B1137E4E1CD8D606FF86D8A06F60CFD5
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:HTML document, ASCII text, with CRLF, LF line terminators
            Category:downloaded
            Size (bytes):184
            Entropy (8bit):5.016717269823738
            Encrypted:false
            SSDEEP:3:PouVKQMB3tR4/toAcMBzEHjJqhJu+1zWagXRbHOJcr93AKFNTcWWGLv:h4QW3tu/0MOqhJVCaHJcp3AKF6fGLv
            MD5:0BF690ABEAEC869A1A2A629D80D8CECE
            SHA1:83F990AA8D103D79717C2F429D339E003893106A
            SHA-256:474DF52BDB2396F2B26302350E2C7D1C19F9106F43B65D4E942124134B48F490
            SHA-512:61F49EBFC52FE1C04B939C2D4B5869BE74D903019BA2F3F5D179BA37F46F8453A093C2FDD069AF67906135AAE7A01A70E8D92A216CC7FB2FEA1351374F4C2F57
            Malicious:false
            Reputation:low
            URL:https://jennadewanunwrapped.net/
            Preview:<!DOCTYPE html>..<html>..<head>...<title></title>..</head>..<body>..<meta http-equiv="Refresh" content="0; url='https://korter-bartor.org/App/Views/Requests/'" />..</body>..</html>....
            No static file info

            Download Network PCAP: filteredfull

            • Total Packets: 120
            • 443 (HTTPS)
            • 53 (DNS)
            Timestamp | Source IP | Dest IP | Checksum | Code | Type
            Jan 6, 2025 14:33:19.870073080 CET | 192.168.2.10 | 1.1.1.1 | c23f | (Port unreachable) | Destination Unreachable

            Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
            Jan 6, 2025 14:33:16.426678896 CET | 192.168.2.10 | 1.1.1.1 | 0x55ac | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:16.426872015 CET | 192.168.2.10 | 1.1.1.1 | 0x4ce4 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:18.541179895 CET | 192.168.2.10 | 1.1.1.1 | 0x754b | Standard query (0) | jennadewanunwrapped.net | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:18.541364908 CET | 192.168.2.10 | 1.1.1.1 | 0x60e | Standard query (0) | jennadewanunwrapped.net | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:18.563334942 CET | 192.168.2.10 | 1.1.1.1 | 0xe75e | Standard query (0) | jennadewanunwrapped.net | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:18.563553095 CET | 192.168.2.10 | 1.1.1.1 | 0xa742 | Standard query (0) | jennadewanunwrapped.net | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:19.854911089 CET | 192.168.2.10 | 1.1.1.1 | 0xa9a1 | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:19.855252981 CET | 192.168.2.10 | 1.1.1.1 | 0xecf | Standard query (0) | korter-bartor.org | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:19.870425940 CET | 192.168.2.10 | 1.1.1.1 | 0xaff5 | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:19.981167078 CET | 192.168.2.10 | 8.8.8.8 | 0x416c | Standard query (0) | google.com | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:19.981441021 CET | 192.168.2.10 | 1.1.1.1 | 0x572 | Standard query (0) | google.com | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:20.034908056 CET | 192.168.2.10 | 1.1.1.1 | 0x34e6 | Standard query (0) | a.nel.cloudflare.com | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:20.035453081 CET | 192.168.2.10 | 1.1.1.1 | 0x5250 | Standard query (0) | a.nel.cloudflare.com | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:21.037014961 CET | 192.168.2.10 | 1.1.1.1 | 0xf57d | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:21.037247896 CET | 192.168.2.10 | 1.1.1.1 | 0xde02 | Standard query (0) | korter-bartor.org | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:26.090131998 CET | 192.168.2.10 | 1.1.1.1 | 0xed57 | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:26.090564013 CET | 192.168.2.10 | 1.1.1.1 | 0x9259 | Standard query (0) | korter-bartor.org | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:26.125595093 CET | 192.168.2.10 | 1.1.1.1 | 0xdb07 | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:26.143098116 CET | 192.168.2.10 | 1.1.1.1 | 0x612 | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:26.143385887 CET | 192.168.2.10 | 1.1.1.1 | 0x755d | Standard query (0) | korter-bartor.org | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:56.180887938 CET | 192.168.2.10 | 1.1.1.1 | 0xcaab | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:56.181070089 CET | 192.168.2.10 | 1.1.1.1 | 0x6050 | Standard query (0) | korter-bartor.org | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:56.197244883 CET | 192.168.2.10 | 1.1.1.1 | 0xa46c | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:34:11.160979986 CET | 192.168.2.10 | 1.1.1.1 | 0x1763 | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:34:25.567295074 CET | 192.168.2.10 | 1.1.1.1 | 0x6fc0 | Standard query (0) | korter-bartor.org | A (IP address) | IN (0x0001) | false

            Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
            Jan 6, 2025 14:33:16.433516026 CET | 1.1.1.1 | 192.168.2.10 | 0x55ac | No error (0) | www.google.com |  | 216.58.206.68 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:16.433640957 CET | 1.1.1.1 | 192.168.2.10 | 0x4ce4 | No error (0) | www.google.com |  |  | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:18.555932999 CET | 1.1.1.1 | 192.168.2.10 | 0x754b | No error (0) | jennadewanunwrapped.net |  | 188.114.96.3 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:18.555932999 CET | 1.1.1.1 | 192.168.2.10 | 0x754b | No error (0) | jennadewanunwrapped.net |  | 188.114.97.3 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:18.556746960 CET | 1.1.1.1 | 192.168.2.10 | 0x60e | No error (0) | jennadewanunwrapped.net |  |  | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:18.598350048 CET | 1.1.1.1 | 192.168.2.10 | 0xa742 | No error (0) | jennadewanunwrapped.net |  |  | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:18.598604918 CET | 1.1.1.1 | 192.168.2.10 | 0xe75e | No error (0) | jennadewanunwrapped.net |  | 188.114.97.3 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:18.598604918 CET | 1.1.1.1 | 192.168.2.10 | 0xe75e | No error (0) | jennadewanunwrapped.net |  | 188.114.96.3 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:19.863790035 CET | 1.1.1.1 | 192.168.2.10 | 0xa9a1 | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:19.869996071 CET | 1.1.1.1 | 192.168.2.10 | 0xecf | Name error (3) | korter-bartor.org | none | none | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:19.885423899 CET | 1.1.1.1 | 192.168.2.10 | 0xaff5 | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:19.988522053 CET | 1.1.1.1 | 192.168.2.10 | 0x572 | No error (0) | google.com |  | 142.250.186.174 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:19.989605904 CET | 8.8.8.8 | 192.168.2.10 | 0x416c | No error (0) | google.com |  | 142.250.186.142 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:20.041836977 CET | 1.1.1.1 | 192.168.2.10 | 0x34e6 | No error (0) | a.nel.cloudflare.com |  | 35.190.80.1 | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:21.046684980 CET | 1.1.1.1 | 192.168.2.10 | 0xde02 | Name error (3) | korter-bartor.org | none | none | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:21.052079916 CET | 1.1.1.1 | 192.168.2.10 | 0xf57d | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:26.098680019 CET | 1.1.1.1 | 192.168.2.10 | 0xed57 | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:26.105488062 CET | 1.1.1.1 | 192.168.2.10 | 0x9259 | Name error (3) | korter-bartor.org | none | none | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:26.140844107 CET | 1.1.1.1 | 192.168.2.10 | 0xdb07 | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:26.158138990 CET | 1.1.1.1 | 192.168.2.10 | 0x755d | Name error (3) | korter-bartor.org | none | none | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:26.158410072 CET | 1.1.1.1 | 192.168.2.10 | 0x612 | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:56.195210934 CET | 1.1.1.1 | 192.168.2.10 | 0x6050 | Name error (3) | korter-bartor.org | none | none | 65 | IN (0x0001) | false
            Jan 6, 2025 14:33:56.196650028 CET | 1.1.1.1 | 192.168.2.10 | 0xcaab | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:33:56.213258982 CET | 1.1.1.1 | 192.168.2.10 | 0xa46c | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:34:11.279722929 CET | 1.1.1.1 | 192.168.2.10 | 0x1763 | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false
            Jan 6, 2025 14:34:25.575910091 CET | 1.1.1.1 | 192.168.2.10 | 0x6fc0 | Name error (3) | korter-bartor.org | none | none | A (IP address) | IN (0x0001) | false

            • jennadewanunwrapped.net
            • a.nel.cloudflare.com
            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            0 | 192.168.2.10 | 49748 | 188.114.97.3 | 443 | 5852 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-06 13:33:19 UTC | 666 | OUT | GET / HTTP/1.1
            Host: jennadewanunwrapped.net
            Connection: keep-alive
            Upgrade-Insecure-Requests: 1
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
            Sec-Fetch-Site: none
            Sec-Fetch-Mode: navigate
            Sec-Fetch-User: ?1
            Sec-Fetch-Dest: document
            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
            sec-ch-ua-mobile: ?0
            sec-ch-ua-platform: "Windows"
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-06 13:33:19 UTC | 806 | IN | HTTP/1.1 200 OK
            Date: Mon, 06 Jan 2025 13:33:19 GMT
            Content-Type: text/html
            Transfer-Encoding: chunked
            Connection: close
            Vary: Accept-Encoding
            cf-cache-status: DYNAMIC
            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQPt8MCqE8ppeCCCh3SLdHB7i0RNA%2BXp5W2fh01pWhIumOr9plbY6oGJisqWSuDs0Ln6kmVzvfWjOh8banNxeBMEVUI2OWirzhKZklUnGdeeSleXn72VPiQ7QfUsUdqgHtjld1soiK1YIw%3D%3D"}],"group":"cf-nel","max_age":604800}
            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
            Server: cloudflare
            CF-RAY: 8fdc1445aefc422e-EWR
            alt-svc: h3=":443"; ma=86400
            server-timing: cfL4;desc="?proto=TCP&rtt=1664&min_rtt=1658&rtt_var=634&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2861&recv_bytes=1244&delivery_rate=1707602&cwnd=252&unsent_bytes=0&cid=d6c4b1619218adba&ts=247&x=0"
            2025-01-06 13:33:19 UTC | 190 | IN | Data Ascii: b8<!DOCTYPE html><html><head><title></title></head><body><meta http-equiv="Refresh" content="0; url='https://korter-bartor.org/App/Views/Requests/'" /></body></html>
            2025-01-06 13:33:19 UTC | 5 | IN | Data Ascii: 0


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            1 | 192.168.2.10 | 49761 | 35.190.80.1 | 443 | 5852 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-06 13:33:20 UTC | 554 | OUT | OPTIONS /report/v4?s=jQPt8MCqE8ppeCCCh3SLdHB7i0RNA%2BXp5W2fh01pWhIumOr9plbY6oGJisqWSuDs0Ln6kmVzvfWjOh8banNxeBMEVUI2OWirzhKZklUnGdeeSleXn72VPiQ7QfUsUdqgHtjld1soiK1YIw%3D%3D HTTP/1.1
            Host: a.nel.cloudflare.com
            Connection: keep-alive
            Origin: https://jennadewanunwrapped.net
            Access-Control-Request-Method: POST
            Access-Control-Request-Headers: content-type
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-06 13:33:20 UTC | 336 | IN | HTTP/1.1 200 OK
            Content-Length: 0
            access-control-max-age: 86400
            access-control-allow-methods: OPTIONS, POST
            access-control-allow-origin: *
            access-control-allow-headers: content-type, content-length
            date: Mon, 06 Jan 2025 13:33:20 GMT
            Via: 1.1 google
            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
            Connection: close


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            2 | 192.168.2.10 | 49763 | 35.190.80.1 | 443 | 5852 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-06 13:33:21 UTC | 488 | OUT | POST /report/v4?s=jQPt8MCqE8ppeCCCh3SLdHB7i0RNA%2BXp5W2fh01pWhIumOr9plbY6oGJisqWSuDs0Ln6kmVzvfWjOh8banNxeBMEVUI2OWirzhKZklUnGdeeSleXn72VPiQ7QfUsUdqgHtjld1soiK1YIw%3D%3D HTTP/1.1
            Host: a.nel.cloudflare.com
            Connection: keep-alive
            Content-Length: 420
            Content-Type: application/reports+json
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-06 13:33:21 UTC | 420 | OUT | Data Ascii: [{"age":0,"body":{"elapsed_time":174,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://jennadewanunwrapped.net/","sampling_fraction":1.0,"server_ip":"","status_code":0,"type":"abandoned"},"type":"network-error","url":"https://
            2025-01-06 13:33:21 UTC | 168 | IN | HTTP/1.1 200 OK
            Content-Length: 0
            date: Mon, 06 Jan 2025 13:33:21 GMT
            Via: 1.1 google
            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
            Connection: close



            Target ID: 0
            Start time: 08:33:06
            Start date: 06/01/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase: 0x7ff6c5c30000
            File size: 3'242'272 bytes
            MD5 hash: 83395EAB5B03DEA9720F8D7AC0D15CAA
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: false

            Target ID: 4
            Start time: 08:33:10
            Start date: 06/01/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1952,i,13221501935238290709,10592016373701980767,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Imagebase: 0x7ff6c5c30000
            File size: 3'242'272 bytes
            MD5 hash: 83395EAB5B03DEA9720F8D7AC0D15CAA
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: false

            Target ID: 8
            Start time: 08:33:17
            Start date: 06/01/2025
            Path: C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit): false
            Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://jennadewanunwrapped.net"
            Imagebase: 0x7ff6c5c30000
            File size: 3'242'272 bytes
            MD5 hash: 83395EAB5B03DEA9720F8D7AC0D15CAA
            Has elevated privileges: true
            Has administrator privileges: true
            Programmed in: C, C++ or other language
            Reputation: low
            Has exited: true

            No disassembly