Edit tour

Windows Analysis Report
http://www.grhga.icu/

Overview

General Information

Sample URL:	http://www.grhga.icu/
Analysis ID:	1589363
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5052 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 3160 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2176,i,1418175317753013884,4419938951954758614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 6404 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.grhga.icu/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

HTTP traffic detected: POST /report/v4?s=HAM%2F6Bnx5ncAl%2FIwlQfqjt4VR6zSHZNC4%2BOABPpI3pPZHcv2XcOTmgVR24o4ZkjoDhKPsaoF153nNkvjlMCqT%2BMQRtnDCoPZQeibby64XC85%2BZi4LRaOtqumiRSvpKBE HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 434Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 12 Jan 2025 00:46:09 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAM%2F6Bnx5ncAl%2FIwlQfqjt4VR6zSHZNC4%2BOABPpI3pPZHcv2XcOTmgVR24o4ZkjoDhKPsaoF153nNkvjlMCqT%2BMQRtnDCoPZQeibby64XC85%2BZi4LRaOtqumiRSvpKBE"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 900920b4ee1a4393-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1600&min_rtt=1577&rtt_var=639&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2819&recv_bytes=1117&delivery_rate=1651583&cwnd=206&unsent_bytes=0&cid=304425a62e6c8f09&ts=1023&x=0"

Source: chromecache_52.3.dr, chromecache_54.3.dr	String found in binary or memory: http://telegram.org/dl
Source: chromecache_55.3.dr	String found in binary or memory: https://github.com/rastikerdar/vazirmatn
Source: chromecache_58.3.dr	String found in binary or memory: https://t.me
Source: chromecache_58.3.dr	String found in binary or memory: https://telegram.me;
Source: chromecache_58.3.dr	String found in binary or memory: https://web.telegram.org/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49864 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:50009 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:50019 version: TLS 1.2

Source: classification engine

Classification label: mal56.win@17/15@10/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2176,i,1418175317753013884,4419938951954758614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.grhga.icu/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2176,i,1418175317753013884,4419938951954758614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://www.grhga.icu/	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label
https://www.grhga.icu/main.9a912c00d881695d0ddb.js	100%	Avira URL Cloud	phishing
https://telegram.me;	0%	Avira URL Cloud	safe
https://www.grhga.icu/site.webmanifest	100%	Avira URL Cloud	phishing
https://www.grhga.icu/main.b563a1b1790456b66383.css	100%	Avira URL Cloud	phishing
https://www.grhga.icu/compatTest.js	100%	Avira URL Cloud	phishing
https://www.grhga.icu/icon-192x192.png	100%	Avira URL Cloud	phishing
https://www.grhga.icu/favicon-32x32.png	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false	high
www.google.com	216.58.206.36	true	false	high
www.grhga.icu	172.67.146.163	true	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.grhga.icu/site.webmanifest	false	Avira URL Cloud: phishing	unknown
https://www.grhga.icu/compatTest.js	false	Avira URL Cloud: phishing	unknown
https://www.grhga.icu/favicon-32x32.png	false	Avira URL Cloud: phishing	unknown
https://www.grhga.icu/main.b563a1b1790456b66383.css	false	Avira URL Cloud: phishing	unknown
https://www.grhga.icu/main.9a912c00d881695d0ddb.js	false	Avira URL Cloud: phishing	unknown
https://www.grhga.icu/icon-192x192.png	false	Avira URL Cloud: phishing	unknown
https://www.grhga.icu/	false		unknown
https://a.nel.cloudflare.com/report/v4?s=HAM%2F6Bnx5ncAl%2FIwlQfqjt4VR6zSHZNC4%2BOABPpI3pPZHcv2XcOTmgVR24o4ZkjoDhKPsaoF153nNkvjlMCqT%2BMQRtnDCoPZQeibby64XC85%2BZi4LRaOtqumiRSvpKBE	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://web.telegram.org/	chromecache_58.3.dr	false		high
https://t.me	chromecache_58.3.dr	false		high
https://telegram.me;	chromecache_58.3.dr	false	Avira URL Cloud: safe	unknown
http://telegram.org/dl	chromecache_52.3.dr, chromecache_54.3.dr	false		high
https://github.com/rastikerdar/vazirmatn	chromecache_55.3.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.21.57.146	unknown	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
216.58.206.36	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4
192.168.2.6

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1589363
Start date and time:	2025-01-12 01:45:04 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 2m 59s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://www.grhga.icu/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.win@17/15@10/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.181.227, 142.250.186.174, 74.125.206.84, 172.217.18.110, 142.250.186.110, 192.229.221.95, 142.250.185.142, 216.58.206.78, 142.250.184.238, 142.250.185.238, 142.250.186.46, 2.16.164.105, 216.58.206.35, 172.217.18.14, 142.250.185.206, 13.107.246.45, 2.23.242.162, 20.109.210.53
Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://www.grhga.icu/

Input	Output
URL: http://www.grhga.icu Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": true, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": true }
URL: http://www.grhga.icu
URL: https://www.grhga.icu/compatTest.js... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a compatibility test for various web platform features. It checks for the availability of features like Promises, WebSockets, Web Crypto API, Object.fromEntries, ResizeObserver, CSS Supports, and various Intl APIs. The script is designed to display a warning message and prevent the page from loading if the required features are not available. This behavior is common for web applications that require certain capabilities to function properly. The script does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. It is primarily focused on feature detection and graceful degradation, which is a common and legitimate practice in web development." }
function compatTest() { var hasPromise = typeof Promise !== 'undefined'; var hasWebSockets = typeof WebSocket !== 'undefined'; var hasWebCrypto = window.crypto && typeof window.crypto.subtle !== 'undefined'; var hasObjectFromEntries = typeof Object.fromEntries !== 'undefined'; var hasResizeObserver = typeof window.ResizeObserver !== 'undefined'; var hasCssSupports = window.CSS && typeof window.CSS.supports === 'function'; var hasIntl = typeof window.Intl !== 'undefined'; var hasDisplayNames = hasIntl && typeof Intl.DisplayNames !== 'undefined'; var hasPluralRules = hasIntl && typeof Intl.PluralRules !== 'undefined'; var hasNumberFormat = hasIntl && typeof Intl.NumberFormat !== 'undefined'; var isCompatible = hasPromise && hasWebSockets && hasWebCrypto && hasObjectFromEntries && hasResizeObserver && hasCssSupports && hasDisplayNames && hasPluralRules && hasNumberFormat; if (isCompatible \|\| (window.localStorage && window.localStorage.getItem('tt-ignore-compat'))) { window.isCompatTestPassed = true; return; } if (window.console && console.warn) { console.warn('Compatibility test report:'); console.warn('Promise', hasPromise); console.warn('WebSocket', hasWebSockets); console.warn('WebCrypto', hasWebCrypto); console.warn('Object.fromEntries', hasObjectFromEntries); console.warn('ResizeObserver', hasResizeObserver); console.warn('CSS.supports', hasCssSupports); console.warn('Intl.DisplayNames', hasDisplayNames); console.warn('Intl.PluralRules', hasPluralRules); console.warn('Intl.NumberFormat', hasNumberFormat); } // Hardcoded page because server forbids iframe embedding document.title = 'Unsupported Browser'; document.body.setAttribute('style', 'height: 100%; margin: 0; font-family: Arial, Helvetica, sans-serif;'); document.body.innerHTML = '<table style="width:100%;height:100%;border-collapse:collapse"><tr><td style="vertical-align:middle;text-align:center"><div style="display:inline-block"><img src=./unsupported.png><h3>Your browser is not supported</h3><p>Please, update it or use our <a href="http://telegram.org/dl" target="_blank">native clients</a>.</p><a id="ignore" href="#">I\'m Feeling Lucky</a></div></table>'; if (!window.ignore) return; if (!window.ignore.addEventListener) { window.ignore.style.display = 'none'; return; } window.ignore.addEventListener('click', function() { window.localStorage.setItem('tt-ignore-compat', '1'); window.location.reload(); }); } compatTest();

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	734
Entropy (8bit):	7.530376176853497
Encrypted:	false
SSDEEP:	12:6v/7ssAPXunwxdzD9DK4Nq2iBhdcGFToOgNRpPRU27hiF5TS2pj4CVhz:hsqXuwxlbiBXcGFToOgzpP+eMTSwFx
MD5:	B57D8D2F8DD9C25272A03B1EDE73C9D3
SHA1:	B2A7DFEF5EDB775AE8326C9A6C073E986829766F
SHA-256:	3182F898341813D110B67FEFD45C253D20E3FD803BAEC16CDE730F82A38D62F7
SHA-512:	3CE601CB2BA9F1FD6290AF0248BEF64264348C06A32904FB39954DC4E23AB5D97705C6A9F8BC7C569B0134027AB7C10A9CFB81C2FFC64C8351C6063C2C6168FD
Malicious:	false
Reputation:	low
URL:	https://www.grhga.icu/favicon-32x32.png
Preview:	.PNG........IHDR... ... .....D.......PLTE...G..0..0../..-....../..(../..:..7..8....'..3..7..7..4..7..7..?..8..8..8..5..4..3..2..1..0..0.....-..,..+....*..(..(..(..........x..n..........._..0..0..L..0..S..........@.................tRNS..H......00.............H.......IDATx.m....@...L.ww.8u...k.Nu..g4_..rL.v..f.........Ls8.26.x....e.J..S\6.A...q.Q.D.1.....\|oTx.&.-&.H/...8.$=..U..`...h.Q.O?"......mAD.&-..%.....u.9.I...j.Z..{x<9..2&...D...I..&B'._w......5Z.W....z.Y#.yu..u...Q}..A.l6...pb..a.....%j..I\|=.}......v...'.....o.;....?........K...5...j..:.%].......>...[^...0.F..E...A...z.....Pi..A.x.Bo....U..6.t=...n.8.@.br..9......X.jY.e.Hv.V Q.Z.e.h'.Uk..(...........Zm.e.......b.........?.+mt......IEND.B`.

Chrome Cache Entry: 52

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (413)
Category:	dropped
Size (bytes):	2544
Entropy (8bit):	5.119071748552234
Encrypted:	false
SSDEEP:	48:p8izjb0Kn4YK+FH7X+IDxMp8GQF/7whyls5BhuezEzD/VzDatJzVvWz1uz0yAzJB:p8izjb0Kn4/sHaIDxMp8GQNo5kEtXvQB
MD5:	DA7800EA928A021F2539AB41E6F2323E
SHA1:	0141DA1DC85CA8F34212F3DDE2FAC9BF61F5ADB7
SHA-256:	15C24EC2B4CB94F24E66750F09E7071E5659E20A5ED926F69F565E20A81027CF
SHA-512:	228CA1C1F1FF8DE139EBCFA7B084BC40D467A56DDCCD103CF02A3FA26BA8C1B4D1961904511198E2FB6797837414BB3C09FC9F0902C3874F2467F279D526F0A9
Malicious:	false
Reputation:	low
Preview:	function compatTest() {. var hasPromise = typeof Promise !== 'undefined';. var hasWebSockets = typeof WebSocket !== 'undefined';. var hasWebCrypto = window.crypto && typeof window.crypto.subtle !== 'undefined';. var hasObjectFromEntries = typeof Object.fromEntries !== 'undefined';. var hasResizeObserver = typeof window.ResizeObserver !== 'undefined';. var hasCssSupports = window.CSS && typeof window.CSS.supports === 'function';. var hasIntl = typeof window.Intl !== 'undefined';. var hasDisplayNames = hasIntl && typeof Intl.DisplayNames !== 'undefined';. var hasPluralRules = hasIntl && typeof Intl.PluralRules !== 'undefined';. var hasNumberFormat = hasIntl && typeof Intl.NumberFormat !== 'undefined';.. var isCompatible = hasPromise && hasWebSockets && hasWebCrypto && hasObjectFromEntries && hasResizeObserver. && hasCssSupports && hasDisplayNames && hasPluralRules && hasNumberFormat;.. if (isCompatible \|\| (window.localStorage && window.localStorage.getItem('tt-ignore-compa

Chrome Cache Entry: 53

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	1174
Entropy (8bit):	4.166203119056516
Encrypted:	false
SSDEEP:	24:wcLvQrf7+QWesfS0NjCBN+5up2Yyf5tt6b4TaDTxhn:9C5W1fZNjCBPw6bHH
MD5:	380929FC234CD3312DF9B76886EDB3F6
SHA1:	90A81A29FB36AF658509EF9FB5D2648AF9A135D4
SHA-256:	AC46FD5680C1929E49CADE11A2186E222CBDA6146CCA49F3C995CCC0F7AD1616
SHA-512:	0B9612B2BBEFBE74B179BFA4A454A4180493DE93C3369AF0B307E12E1CF393323D7DF8A3F20F3D95D219BFBF3633DF3A702BC7667E4F493FF9C2B0478206F2C7
Malicious:	false
Reputation:	low
URL:	https://www.grhga.icu/site.webmanifest
Preview:	{. "name": "Telegram Web",. "short_name": "Telegram Web",. "description": "Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed.",. "start_url": "./",. "gcm_sender_id": "122867383838",. "icons": [. {. "src": "icon-192x192.png",. "sizes": "192x192",. "type": "image/png". },. {. "src": "icon-384x384.png",. "sizes": "384x384",. "type": "image/png". },. {. "src": "icon-512x512.png",. "sizes": "512x512",. "type": "image/png". }. ],. "screenshots" : [{. "src": "screenshot.jpg",. "sizes": "1280x802",. "type": "image/jpeg". }],. "share_target": {. "action": "./share/",. "method": "POST",. "enctype": "multipart/form-data",. "params": {. "title": "title",. "text": "text",. "url": "url",. "files": [. {. "na

Chrome Cache Entry: 54

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (413)
Category:	downloaded
Size (bytes):	2544
Entropy (8bit):	5.119071748552234
Encrypted:	false
SSDEEP:	48:p8izjb0Kn4YK+FH7X+IDxMp8GQF/7whyls5BhuezEzD/VzDatJzVvWz1uz0yAzJB:p8izjb0Kn4/sHaIDxMp8GQNo5kEtXvQB
MD5:	DA7800EA928A021F2539AB41E6F2323E
SHA1:	0141DA1DC85CA8F34212F3DDE2FAC9BF61F5ADB7
SHA-256:	15C24EC2B4CB94F24E66750F09E7071E5659E20A5ED926F69F565E20A81027CF
SHA-512:	228CA1C1F1FF8DE139EBCFA7B084BC40D467A56DDCCD103CF02A3FA26BA8C1B4D1961904511198E2FB6797837414BB3C09FC9F0902C3874F2467F279D526F0A9
Malicious:	false
Reputation:	low
URL:	https://www.grhga.icu/compatTest.js
Preview:	function compatTest() {. var hasPromise = typeof Promise !== 'undefined';. var hasWebSockets = typeof WebSocket !== 'undefined';. var hasWebCrypto = window.crypto && typeof window.crypto.subtle !== 'undefined';. var hasObjectFromEntries = typeof Object.fromEntries !== 'undefined';. var hasResizeObserver = typeof window.ResizeObserver !== 'undefined';. var hasCssSupports = window.CSS && typeof window.CSS.supports === 'function';. var hasIntl = typeof window.Intl !== 'undefined';. var hasDisplayNames = hasIntl && typeof Intl.DisplayNames !== 'undefined';. var hasPluralRules = hasIntl && typeof Intl.PluralRules !== 'undefined';. var hasNumberFormat = hasIntl && typeof Intl.NumberFormat !== 'undefined';.. var isCompatible = hasPromise && hasWebSockets && hasWebCrypto && hasObjectFromEntries && hasResizeObserver. && hasCssSupports && hasDisplayNames && hasPluralRules && hasNumberFormat;.. if (isCompatible \|\| (window.localStorage && window.localStorage.getItem('tt-ignore-compa

Chrome Cache Entry: 55

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10891)
Category:	downloaded
Size (bytes):	106611
Entropy (8bit):	5.293326196428632
Encrypted:	false
SSDEEP:	768:2KKifpmlPrbvZobYqNx2IgG7d+hnoo9eb6Ub0vOAn9BQ9Tds6tfEEV+2orlT2k:2bibbYU2IgGp+OmOoiDfsP
MD5:	61B057B4B7F8E4CBD24C039830E4B235
SHA1:	431DB711E068D1FBF6CCC192C650D764323F9B30
SHA-256:	AAA8B742C441F359A0F72D891425E6B4AD07D438711FD0506386EF29924297D7
SHA-512:	F185BA06EFCDCB58AB4A2D5D78FD551148FBB4FD98C7B55E9F4B5BCDE6D92A491F0FD94EA1ECFEFC97795A25B3878EDDA4E565B37AE71FBE2B14A99FB9DD6F4C
Malicious:	false
Reputation:	low
URL:	https://www.grhga.icu/main.b563a1b1790456b66383.css
Preview:	.KU67Uur0{display:inline-block;width:100%}.y_uRZXtA{-webkit-mask-image:linear-gradient(to top, transparent 0px, black 1rem);mask-image:linear-gradient(to top, transparent 0px, black 1rem)}.JNVT2DU9{margin-top:.125rem;margin-bottom:.125rem;max-height:inherit}.pyX4NpPB{position:absolute;display:grid;place-items:center;width:1.5rem;height:1.5rem;border-radius:50%;bottom:0;right:0}.RmvXwV0W{cursor:var(--custom-cursor, pointer)}..pMUccFN9{position:absolute;top:0;right:0;bottom:0;left:0;pointer-events:none;opacity:0;transition:opacity .15s ease-in-out}.auCNtLQ4,.a44ZN3hD{display:flex;font-size:1.25rem;padding:.125rem;border-radius:.125rem;margin:.125rem;transition:background-color .15s ease-in-out;cursor:var(--custom-cursor, pointer)}.auCNtLQ4:hover,.auCNtLQ4.jq1KLfVD,.a44ZN3hD:hover,.a44ZN3hD.jq1KLfVD{background-color:var(--color-background-compact-menu-hover)}.L95Dh7wN{position:absolute;top:0;right:0;display:flex;align-items:center;padding:.125rem;background-color:var(--color-background-co

Chrome Cache Entry: 56

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	734
Entropy (8bit):	7.530376176853497
Encrypted:	false
SSDEEP:	12:6v/7ssAPXunwxdzD9DK4Nq2iBhdcGFToOgNRpPRU27hiF5TS2pj4CVhz:hsqXuwxlbiBXcGFToOgzpP+eMTSwFx
MD5:	B57D8D2F8DD9C25272A03B1EDE73C9D3
SHA1:	B2A7DFEF5EDB775AE8326C9A6C073E986829766F
SHA-256:	3182F898341813D110B67FEFD45C253D20E3FD803BAEC16CDE730F82A38D62F7
SHA-512:	3CE601CB2BA9F1FD6290AF0248BEF64264348C06A32904FB39954DC4E23AB5D97705C6A9F8BC7C569B0134027AB7C10A9CFB81C2FFC64C8351C6063C2C6168FD
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....D.......PLTE...G..0..0../..-....../..(../..:..7..8....'..3..7..7..4..7..7..?..8..8..8..5..4..3..2..1..0..0.....-..,..+....*..(..(..(..........x..n..........._..0..0..L..0..S..........@.................tRNS..H......00.............H.......IDATx.m....@...L.ww.8u...k.Nu..g4_..rL.v..f.........Ls8.26.x....e.J..S\6.A...q.Q.D.1.....\|oTx.&.-&.H/...8.$=..U..`...h.Q.O?"......mAD.&-..%.....u.9.I...j.Z..{x<9..2&...D...I..&B'._w......5Z.W....z.Y#.yu..u...Q}..A.l6...pb..a.....%j..I\|=.}......v...'.....o.;....?........K...5...j..:.%].......>...[^...0.F..E...A...z.....Pi..A.x.Bo....U..6.t=...n.8.@.br..9......X.jY.e.Hv.V Q.Z.e.h'.Uk..(...........Zm.e.......b.........?.+mt......IEND.B`.

Chrome Cache Entry: 57

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 686x386, components 3
Category:	dropped
Size (bytes):	48658
Entropy (8bit):	7.967212962790157
Encrypted:	false
SSDEEP:	768:ZqQPfffvE0ff8BXfAjBq4XT27ffD9ZKAka+9hQLHfUD0nfffdp2urLnpv0BTxS3q:ZqKfffvFff0fAjBR67ffJ8PXnQLH20nW
MD5:	EB9E7BA950B329E98AD26D49BAF57442
SHA1:	5CDBAF7F3AE628A326396A2676428995E751A0CE
SHA-256:	E54F10FF5EC0A3D9C1622FB7D92F47EF20FA6BEF340195AC3CD80CA0BD61139E
SHA-512:	A949FAD2F569E5F217AE59E9FC8F931EA44FB653A14E1DE82B33C3790346EC1CD82082DDE5B67E4224108D7EB5CF0A8435D2B6B4ECCB46B5870EEAB75F171F53
Malicious:	false
Reputation:	low
Preview:	......JFIF.......................................................................... ................................................................................"..........................................e..........................!...1A.."Qaq2R....#BSbr....%35CTst...........$46UVcu.....&Dde...E.....'7..................................H.........................!1AQ.aq.."S......2r.#3Bb.....R.4C......5EFTs.............?..)J.JW.h.t......K.}...3^L.$...yo.J...^._C...\..I.S....q.......t.j;......`}5.S.........zd.~.?.Q..."W.y....W.K.5...~...>.g.^..J...j...[....?.........K..{.....0.lVu...R.Iz.D......]#~.as'.\...\u.'.....L......j.......i.d..3P....0..- ..".K...g..s....C..#kr..>F..I....x..V..z...-..]V.O.....+.7...+......H.....M. .Z.~...{..f..?.O.wl=.h...mO...w].....\|.]...]..._d6......o.5.N=.....<.co......\|..[O.......b..}..f.Z......?..^..L......x...V.-...R.:#i.t.n;..>..?..W.y......sf..\|......=.H...\..?.+./HqxY.....nk\|tXsf..K..K.....%.?.0...V..\+%....q

Chrome Cache Entry: 58

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	2641
Entropy (8bit):	5.022310522710875
Encrypted:	false
SSDEEP:	48:0GLdhj5BPQp4Dl1D5nyI4Zl4K5HcIYF2JSYoPYFLCD+TsQNp4ywphyT:lupYBhIQ4SYoP7DyjpAhM
MD5:	E464C5AD2B7ACA0117069B93AB5AA98D
SHA1:	9E2036377F8D1B72E9277DE72C7090CA6C2BB5FA
SHA-256:	4A945D985D4421B85D7C9B6841FFE233B11137808005870545B1DDF26E5EA704
SHA-512:	000B368826094128C800B962D9833FDFE7F6CBF576F90369906FD77C9971A1DA7EED0A3EA5915BBC78F0FCF867D3EA3DDF07B659C79B1C5605DDA90314BD66AD
Malicious:	false
Reputation:	low
URL:	https://www.grhga.icu/
Preview:	<!doctype html>.<html lang="en">.<head>. <meta charset="UTF-8"/>. <meta name="google" content="notranslate">. <title>Telegram</title>. <meta name="title" content="Telegram"/>. <meta name="description" content="Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed."/>. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no, shrink-to-fit=no, viewport-fit=cover"/>. <meta name="theme-color" content="#ffffff"/>.. ........... -->. <meta name="robots" content="noindex, nofollow"/>.. Open Graph ... -->. <meta property="og:title" content="Telegram">. <meta property="og:description" content="Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed.">. <meta property="og:image" content="./icon-192x192.png">. <meta property="og:url" content="https://web.telegram.org/">. <meta property="og:type

Chrome Cache Entry: 59

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 686x386, components 3
Category:	downloaded
Size (bytes):	48658
Entropy (8bit):	7.967212962790157
Encrypted:	false
SSDEEP:	768:ZqQPfffvE0ff8BXfAjBq4XT27ffD9ZKAka+9hQLHfUD0nfffdp2urLnpv0BTxS3q:ZqKfffvFff0fAjBR67ffJ8PXnQLH20nW
MD5:	EB9E7BA950B329E98AD26D49BAF57442
SHA1:	5CDBAF7F3AE628A326396A2676428995E751A0CE
SHA-256:	E54F10FF5EC0A3D9C1622FB7D92F47EF20FA6BEF340195AC3CD80CA0BD61139E
SHA-512:	A949FAD2F569E5F217AE59E9FC8F931EA44FB653A14E1DE82B33C3790346EC1CD82082DDE5B67E4224108D7EB5CF0A8435D2B6B4ECCB46B5870EEAB75F171F53
Malicious:	false
Reputation:	low
URL:	https://www.grhga.icu/icon-192x192.png
Preview:	......JFIF.......................................................................... ................................................................................"..........................................e..........................!...1A.."Qaq2R....#BSbr....%35CTst...........$46UVcu.....&Dde...E.....'7..................................H.........................!1AQ.aq.."S......2r.#3Bb.....R.4C......5EFTs.............?..)J.JW.h.t......K.}...3^L.$...yo.J...^._C...\..I.S....q.......t.j;......`}5.S.........zd.~.?.Q..."W.y....W.K.5...~...>.g.^..J...j...[....?.........K..{.....0.lVu...R.Iz.D......]#~.as'.\...\u.'.....L......j.......i.d..3P....0..- ..".K...g..s....C..#kr..>F..I....x..V..z...-..]V.O.....+.7...+......H.....M. .Z.~...{..f..?.O.wl=.h...mO...w].....\|.]...]..._d6......o.5.N=.....<.co......\|..[O.......b..}..f.Z......?..^..L......x...V.-...R.:#i.t.n;..>..?..W.y......sf..\|......=.H...\..?.+./HqxY.....nk\|tXsf..K..K.....%.?.0...V..\+%....q

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 12, 2025 01:45:51.263726950 CET	49673	443	192.168.2.6	173.222.162.64
Jan 12, 2025 01:45:51.263849974 CET	49674	443	192.168.2.6	173.222.162.64
Jan 12, 2025 01:45:51.576308966 CET	49672	443	192.168.2.6	173.222.162.64
Jan 12, 2025 01:45:59.935040951 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:45:59.935076952 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:45:59.935146093 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:45:59.943991899 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:45:59.944005966 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.734996080 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.737472057 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:00.741831064 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:00.741849899 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.742168903 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.744242907 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:00.744311094 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:00.744316101 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.744466066 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:00.787337065 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.902884007 CET	49673	443	192.168.2.6	173.222.162.64
Jan 12, 2025 01:46:00.914510965 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.914635897 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.914694071 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:00.914880991 CET	49714	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:00.914899111 CET	443	49714	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:00.922111034 CET	49674	443	192.168.2.6	173.222.162.64
Jan 12, 2025 01:46:01.246998072 CET	49672	443	192.168.2.6	173.222.162.64
Jan 12, 2025 01:46:02.817269087 CET	443	49705	173.222.162.64	192.168.2.6
Jan 12, 2025 01:46:02.817362070 CET	49705	443	192.168.2.6	173.222.162.64
Jan 12, 2025 01:46:03.757277012 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:03.757314920 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:03.757431984 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:03.757638931 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:03.757651091 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:04.408978939 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:04.409269094 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:04.409287930 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:04.410701036 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:04.410768986 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:04.415725946 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:04.415807962 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:04.467063904 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:04.467078924 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:04.513950109 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:05.207442999 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.207489014 CET	443	49732	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:05.207546949 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.207815886 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.207828999 CET	443	49732	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:05.672343016 CET	443	49732	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:05.672825098 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.672851086 CET	443	49732	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:05.674455881 CET	443	49732	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:05.674782991 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.675673008 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.675755978 CET	443	49732	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:05.675781965 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.675781965 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.675934076 CET	49732	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.680777073 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.680804968 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:05.681065083 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.681065083 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:05.681094885 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.174354076 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.174763918 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:06.174782038 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.176249981 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.176934958 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:06.177365065 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:06.177365065 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:06.177376032 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.177439928 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.217365026 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:06.217375040 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.265522957 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:06.892569065 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.892703056 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.892780066 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:06.892802954 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.893008947 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:06.895529985 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.069899082 CET	49734	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.069932938 CET	443	49734	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.093434095 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.093482018 CET	443	49745	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.093641043 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.094541073 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.094558954 CET	443	49745	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.095844984 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.095886946 CET	443	49746	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.096016884 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.096287966 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.096298933 CET	443	49747	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.096384048 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.096621990 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.096636057 CET	443	49746	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.096822023 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.096831083 CET	443	49747	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.555941105 CET	443	49747	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.556185961 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.556207895 CET	443	49747	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.557182074 CET	443	49747	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.557243109 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.557549953 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.557602882 CET	443	49747	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.557602882 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.557663918 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.557672977 CET	443	49747	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.557682037 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.557713032 CET	49747	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.558060884 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.558123112 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.558195114 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.558365107 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.558393955 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.565975904 CET	443	49746	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.566167116 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.566180944 CET	443	49746	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.567766905 CET	443	49746	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.567821980 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568186998 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568202019 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568239927 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568252087 CET	443	49746	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.568294048 CET	49746	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568514109 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568607092 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.568667889 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568835020 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.568869114 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.582684040 CET	443	49745	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.582874060 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.582884073 CET	443	49745	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.584382057 CET	443	49745	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.584439039 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.584687948 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.584698915 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.584748030 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.584769964 CET	443	49745	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.584822893 CET	49745	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.585004091 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.585032940 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:07.585099936 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.585278034 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:07.585303068 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.034384966 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.034665108 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.034692049 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.037863016 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.037920952 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.038325071 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.038382053 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.038535118 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.038543940 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.056173086 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.056541920 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.056557894 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.058029890 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.058108091 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.058628082 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.058715105 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.058970928 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.058986902 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.063328981 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.063580990 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.063600063 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.064662933 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.064727068 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.065089941 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.065155983 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.065236092 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.065244913 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.092526913 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.107799053 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.107865095 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.165755033 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165796041 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165817976 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165832043 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.165838003 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165846109 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165865898 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.165883064 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165904045 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165914059 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.165925980 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.165954113 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.165961981 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.170535088 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.170583010 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.170592070 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.197038889 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.197119951 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.197164059 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.197194099 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.197285891 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.197321892 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.198347092 CET	49754	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.198364019 CET	443	49754	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.214498043 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.214507103 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.222872019 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.222893000 CET	443	49761	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.222937107 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.223288059 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.223299980 CET	443	49761	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.242094994 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:08.242125034 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:08.242181063 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:08.242806911 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:08.242819071 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:08.252384901 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252428055 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.252440929 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252485037 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252515078 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.252525091 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252549887 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252574921 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252583027 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.252592087 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252615929 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252620935 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.252629042 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.252665043 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.253499985 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.253545046 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.253566980 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.253576040 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.253583908 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.253614902 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.253621101 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.254420042 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.254446030 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.254460096 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.254467010 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.254503965 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.254504919 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.254513025 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.254550934 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.254556894 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.255285978 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.255320072 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.255331993 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.255340099 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.255369902 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.255369902 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.255378008 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.255419970 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.339060068 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.339117050 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.339169979 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.339210033 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.339220047 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.339252949 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.339504957 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.339554071 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.340389967 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.340432882 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.340451002 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.340459108 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.340502977 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.340554953 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.340599060 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.340909958 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.340955973 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.341011047 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.341048002 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.341085911 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.341121912 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.341861010 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.341905117 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.341928959 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.341972113 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.342046022 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.342082977 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.342822075 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.342866898 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.342937946 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.342986107 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.343024969 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.343069077 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.343074083 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.343146086 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.343187094 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.343827963 CET	49753	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.343841076 CET	443	49753	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.688730955 CET	443	49761	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.689009905 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.689030886 CET	443	49761	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.690447092 CET	443	49761	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.690502882 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.690917969 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.690936089 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.690990925 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.691004992 CET	443	49761	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.691061020 CET	49761	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.691327095 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.691350937 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:08.691565037 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.691751957 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:08.691764116 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.048242092 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.048326015 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:09.050972939 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:09.050983906 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.051419973 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.053417921 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:09.053476095 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:09.053481102 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.053601027 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:09.078886032 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.079032898 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.079081059 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.084284067 CET	49755	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.084302902 CET	443	49755	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.089091063 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.089116096 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.089216948 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.094758987 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.094770908 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.099330902 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.119709969 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.119720936 CET	443	49770	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.119952917 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.120244980 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.120255947 CET	443	49770	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.120667934 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.120696068 CET	443	49771	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.120773077 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.120997906 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.121010065 CET	443	49771	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.176243067 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.176523924 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.176542044 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.177959919 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.178033113 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.178513050 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.178596020 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.178651094 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.219337940 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.231304884 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.231317997 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.233630896 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.233736992 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.233856916 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:09.234164000 CET	49762	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:09.234179020 CET	443	49762	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:09.279305935 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.326999903 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.327056885 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.327157974 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.327169895 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.327224970 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.329700947 CET	49763	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.329719067 CET	443	49763	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.571188927 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.571477890 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.571485996 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.572501898 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.572554111 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.573633909 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.573684931 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.573946953 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.573955059 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.594733000 CET	443	49770	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.595093966 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.595104933 CET	443	49770	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.596134901 CET	443	49770	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.596210957 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.598828077 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.598849058 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.598891973 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.598896980 CET	443	49770	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.599019051 CET	49770	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.599204063 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.599276066 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.599332094 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.599544048 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.599569082 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.606431961 CET	443	49771	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.606679916 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.606694937 CET	443	49771	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.608120918 CET	443	49771	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.608180046 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.608464003 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.608477116 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.608516932 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.608536005 CET	443	49771	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.608589888 CET	49771	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.608730078 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.608762980 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.608927965 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.609183073 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:09.609195948 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:09.626866102 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.698746920 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.698873043 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.698952913 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.699042082 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.699069977 CET	443	49769	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.699094057 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.699115038 CET	49769	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.699469090 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.699507952 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:09.699574947 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.699733973 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:09.699760914 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.077147961 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.077413082 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.077491045 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.080812931 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.080888033 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.081248045 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.081414938 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.081474066 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.081490040 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.087579012 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.087801933 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.087824106 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.088109016 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.088438988 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.088504076 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.088572979 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.121838093 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.131329060 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.137490034 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.172035933 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.172317028 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:10.172353983 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.172708988 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.173008919 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:10.173079967 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.173187971 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:10.219324112 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.238262892 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.238353968 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.238401890 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.240437984 CET	49775	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.240457058 CET	443	49775	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.244133949 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.244201899 CET	443	49781	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.244271994 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.244596958 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.244620085 CET	443	49781	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.301568031 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.301646948 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.301698923 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:10.301826000 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:10.301826000 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:10.301856041 CET	443	49780	35.190.80.1	192.168.2.6
Jan 12, 2025 01:46:10.301903009 CET	49780	443	192.168.2.6	35.190.80.1
Jan 12, 2025 01:46:10.716991901 CET	443	49781	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.717238903 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.717304945 CET	443	49781	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.721095085 CET	443	49781	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.721169949 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.721530914 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.721565008 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.721592903 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.721719027 CET	443	49781	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.721782923 CET	49781	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.721918106 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.721971035 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.722035885 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.722290993 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.722309113 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.766396046 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.766758919 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.766820908 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.767255068 CET	49774	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.767287970 CET	443	49774	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.770405054 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.770448923 CET	443	49788	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:10.770503044 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.770754099 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:10.770771980 CET	443	49788	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.202925920 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.203339100 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.203352928 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.203819990 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.204575062 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.204657078 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.204922915 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.240461111 CET	443	49788	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.251326084 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.251837969 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.251858950 CET	443	49788	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.253391027 CET	443	49788	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.253451109 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.260344028 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.260371923 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.260435104 CET	443	49788	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.260457039 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.260477066 CET	49788	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.261259079 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.261302948 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.261362076 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.261831045 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.261842012 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.347675085 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.347804070 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.347853899 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.349323988 CET	49787	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.349351883 CET	443	49787	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.748776913 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.752067089 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.752089977 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.753578901 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.753644943 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.764940023 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.765068054 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.765305042 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.765320063 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.809015989 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.899620056 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.899682045 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.899720907 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.899741888 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.899760962 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.899832964 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.899872065 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.899876118 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.899892092 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.899914980 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.899988890 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.900031090 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.900037050 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.904493093 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.904530048 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.904566050 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.904594898 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.904603004 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.904613972 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.949661016 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.991635084 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.991806030 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.991853952 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.991863966 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.991960049 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992010117 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992055893 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.992057085 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992072105 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992109060 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.992820024 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992872000 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992917061 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992918015 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.992930889 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.992954969 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.993593931 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.993643999 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.993694067 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.993695974 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.993709087 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.993732929 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.994322062 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.994373083 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.994378090 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.994390965 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.994437933 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.994445086 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.994493961 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.994544983 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.994587898 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.994596004 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.994637966 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:11.995143890 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.995229006 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.995321035 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:11.995368004 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.049319029 CET	49794	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.049339056 CET	443	49794	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.063718081 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.063747883 CET	443	49801	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.064094067 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.064397097 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.064415932 CET	443	49801	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.543049097 CET	443	49801	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.551208973 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.551271915 CET	443	49801	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.553744078 CET	443	49801	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.553812981 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.557101965 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.557101965 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.557221889 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.557295084 CET	443	49801	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.557357073 CET	49801	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.557617903 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.557678938 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:12.557744980 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.558355093 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:12.558383942 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.034836054 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.035716057 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.035779953 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.037256002 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.037318945 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.040674925 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.040766001 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.041049957 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.041065931 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.094357014 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.191876888 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.191948891 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.191992044 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.191993952 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.192023993 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.192068100 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.192075014 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.192089081 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.192135096 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.192147017 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.192236900 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.192272902 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.192281008 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.192291975 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.192343950 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.192648888 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.247791052 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.247819901 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.282880068 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.282921076 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.282994032 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.283034086 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.283051014 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.283080101 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.283113956 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.283153057 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.283246040 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.283257008 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.283411980 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.283895969 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.283981085 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.284024000 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.284044981 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.284054041 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.284538031 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.284545898 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.284975052 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285012960 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285042048 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.285049915 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285100937 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285134077 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.285142899 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285305977 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.285315037 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285816908 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285852909 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285887003 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.285892963 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.285904884 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.286127090 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.329057932 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.329066992 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.372680902 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.403186083 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.403265953 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.403336048 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.403343916 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.403361082 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:13.403978109 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.403978109 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.716487885 CET	49803	443	192.168.2.6	104.21.57.146
Jan 12, 2025 01:46:13.716527939 CET	443	49803	104.21.57.146	192.168.2.6
Jan 12, 2025 01:46:14.308716059 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:14.308864117 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:14.308922052 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:16.217096090 CET	49720	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:46:16.217123985 CET	443	49720	216.58.206.36	192.168.2.6
Jan 12, 2025 01:46:21.738801956 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:21.738847017 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:21.738955975 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:21.739526033 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:21.739537954 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.551114082 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.551188946 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:22.553184032 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:22.553189039 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.553390980 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.555088043 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:22.555143118 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:22.555146933 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.555340052 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:22.599343061 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.730722904 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.730851889 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:22.730901957 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:22.731024981 CET	49864	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:22.731040955 CET	443	49864	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:43.887897015 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:43.887923956 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:43.887972116 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:43.888583899 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:43.888592958 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.666764021 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.666887999 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:44.668411016 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:44.668421030 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.669092894 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.670872927 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:44.670872927 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:44.670887947 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.671000004 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:44.715325117 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.841011047 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.841141939 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.841542006 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:44.842048883 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:46:44.842061996 CET	443	50009	40.115.3.253	192.168.2.6
Jan 12, 2025 01:46:44.842098951 CET	50009	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:03.810540915 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:03.810615063 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:03.810715914 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:03.811561108 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:03.811582088 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:04.448462009 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:04.448971033 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:04.449012041 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:04.449708939 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:04.450783968 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:04.450886011 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:04.496782064 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:06.763793945 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:06.763883114 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:06.764147043 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:06.764905930 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:06.764942884 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.664458990 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.664690018 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:07.667952061 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:07.667987108 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.668767929 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.670980930 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:07.671070099 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:07.671083927 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.671206951 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:07.711335897 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.849522114 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.849737883 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:07.849822998 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:07.850004911 CET	50019	443	192.168.2.6	40.115.3.253
Jan 12, 2025 01:47:07.850044966 CET	443	50019	40.115.3.253	192.168.2.6
Jan 12, 2025 01:47:14.352955103 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:14.353121042 CET	443	50018	216.58.206.36	192.168.2.6
Jan 12, 2025 01:47:14.353204966 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:16.217412949 CET	50018	443	192.168.2.6	216.58.206.36
Jan 12, 2025 01:47:16.217453957 CET	443	50018	216.58.206.36	192.168.2.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 12, 2025 01:45:59.436872959 CET	53	51358	1.1.1.1	192.168.2.6
Jan 12, 2025 01:45:59.502048969 CET	53	52177	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:00.556077003 CET	53	64049	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:03.749463081 CET	51337	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:03.749625921 CET	62739	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:03.756376028 CET	53	62739	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:03.756392002 CET	53	51337	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:05.150235891 CET	59086	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:05.150358915 CET	63633	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:05.164407969 CET	53	63633	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:05.175376892 CET	51511	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:05.175786972 CET	61987	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:05.177364111 CET	53	59086	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:05.195434093 CET	53	61987	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:05.206974030 CET	53	51511	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:08.205557108 CET	53486	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:08.205751896 CET	62639	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:08.218353987 CET	53	62639	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:08.222470999 CET	53	53486	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:09.080662966 CET	52423	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:09.080859900 CET	60973	53	192.168.2.6	1.1.1.1
Jan 12, 2025 01:46:09.087620974 CET	53	52423	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:09.087868929 CET	53	60973	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:17.535820961 CET	53	55903	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:36.614330053 CET	53	60631	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:59.311959028 CET	53	62807	1.1.1.1	192.168.2.6
Jan 12, 2025 01:46:59.520082951 CET	53	51003	1.1.1.1	192.168.2.6

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jan 12, 2025 01:46:05.177423000 CET	192.168.2.6	1.1.1.1	c205	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 12, 2025 01:46:03.749463081 CET	192.168.2.6	1.1.1.1	0x969a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:03.749625921 CET	192.168.2.6	1.1.1.1	0x632b	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 12, 2025 01:46:05.150235891 CET	192.168.2.6	1.1.1.1	0xc0c5	Standard query (0)	www.grhga.icu	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:05.150358915 CET	192.168.2.6	1.1.1.1	0xe267	Standard query (0)	www.grhga.icu	65	IN (0x0001)	false
Jan 12, 2025 01:46:05.175376892 CET	192.168.2.6	1.1.1.1	0x7de7	Standard query (0)	www.grhga.icu	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:05.175786972 CET	192.168.2.6	1.1.1.1	0xe45e	Standard query (0)	www.grhga.icu	65	IN (0x0001)	false
Jan 12, 2025 01:46:08.205557108 CET	192.168.2.6	1.1.1.1	0xcd6c	Standard query (0)	www.grhga.icu	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:08.205751896 CET	192.168.2.6	1.1.1.1	0x3f88	Standard query (0)	www.grhga.icu	65	IN (0x0001)	false
Jan 12, 2025 01:46:09.080662966 CET	192.168.2.6	1.1.1.1	0x604d	Standard query (0)	a.nel.cloudflare.com	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:09.080859900 CET	192.168.2.6	1.1.1.1	0xf742	Standard query (0)	a.nel.cloudflare.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	Address	Type	Class	DNS over HTTPS
Jan 12, 2025 01:46:03.756376028 CET	1.1.1.1	192.168.2.6	0x632b	No error (0)	www.google.com		65	IN (0x0001)	false
Jan 12, 2025 01:46:03.756392002 CET	1.1.1.1	192.168.2.6	0x969a	No error (0)	www.google.com	216.58.206.36	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:05.164407969 CET	1.1.1.1	192.168.2.6	0xe267	No error (0)	www.grhga.icu		65	IN (0x0001)	false
Jan 12, 2025 01:46:05.177364111 CET	1.1.1.1	192.168.2.6	0xc0c5	No error (0)	www.grhga.icu	172.67.146.163	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:05.177364111 CET	1.1.1.1	192.168.2.6	0xc0c5	No error (0)	www.grhga.icu	104.21.57.146	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:05.195434093 CET	1.1.1.1	192.168.2.6	0xe45e	No error (0)	www.grhga.icu		65	IN (0x0001)	false
Jan 12, 2025 01:46:05.206974030 CET	1.1.1.1	192.168.2.6	0x7de7	No error (0)	www.grhga.icu	104.21.57.146	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:05.206974030 CET	1.1.1.1	192.168.2.6	0x7de7	No error (0)	www.grhga.icu	172.67.146.163	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:08.218353987 CET	1.1.1.1	192.168.2.6	0x3f88	No error (0)	www.grhga.icu		65	IN (0x0001)	false
Jan 12, 2025 01:46:08.222470999 CET	1.1.1.1	192.168.2.6	0xcd6c	No error (0)	www.grhga.icu	104.21.57.146	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:08.222470999 CET	1.1.1.1	192.168.2.6	0xcd6c	No error (0)	www.grhga.icu	172.67.146.163	A (IP address)	IN (0x0001)	false
Jan 12, 2025 01:46:09.087620974 CET	1.1.1.1	192.168.2.6	0x604d	No error (0)	a.nel.cloudflare.com	35.190.80.1	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

www.grhga.icu

https:

a.nel.cloudflare.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port
0	192.168.2.6	49714	40.115.3.253	443

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:00 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 6c 42 35 75 77 5a 66 72 6b 45 65 75 51 30 4a 4f 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 36 31 32 64 39 39 31 33 38 37 36 63 33 66 65 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: lB5uwZfrkEeuQ0JO.1Context: 8612d9913876c3fe
2025-01-12 00:46:00 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-12 00:46:00 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 6c 42 35 75 77 5a 66 72 6b 45 65 75 51 30 4a 4f 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 36 31 32 64 39 39 31 33 38 37 36 63 33 66 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 51 32 6b 46 39 4c 73 64 6b 61 51 55 71 51 78 41 43 4a 6c 67 68 53 71 53 54 51 52 2b 4e 73 47 65 51 4f 4e 59 53 57 53 43 38 2b 61 65 6b 47 46 6d 35 47 39 45 42 78 32 72 6e 37 74 6f 53 58 4c 58 4d 31 33 35 57 38 6e 69 50 6d 44 68 2f 79 6d 49 62 74 62 74 67 7a 2b 47 48 66 62 4e 62 41 4b 7a 65 75 2f 39 41 68 54 4b 2f 38 4a 63 59 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: lB5uwZfrkEeuQ0JO.2Context: 8612d9913876c3fe<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAQ2kF9LsdkaQUqQxACJlghSqSTQR+NsGeQONYSWSC8+aekGFm5G9EBx2rn7toSXLXM135W8niPmDh/ymIbtbtgz+GHfbNbAKzeu/9AhTK/8JcY
2025-01-12 00:46:00 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 6c 42 35 75 77 5a 66 72 6b 45 65 75 51 30 4a 4f 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 36 31 32 64 39 39 31 33 38 37 36 63 33 66 65 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: lB5uwZfrkEeuQ0JO.3Context: 8612d9913876c3fe<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-12 00:46:00 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-12 00:46:00 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 42 58 66 44 5a 73 55 52 6c 6b 4f 70 67 61 30 66 4e 4a 45 51 56 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: BXfDZsURlkOpga0fNJEQVw.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49734	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:06 UTC	656	OUT	GET / HTTP/1.1 Host: www.grhga.icu Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:06 UTC	836	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:06 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Last-Modified: Wed, 18 Dec 2024 05:51:20 GMT Vary: Accept-Encoding cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CLGWMSCan0CnFNwmRoGjEctJPdsqQIkEkJLrvkt55De0kg7Bzr%2BPfyZj7hz5CAsNrMvxEBoUTSEUrUmvyoUrl6BdyXabl8Gi097g79%2BtpDTHkzLDELm%2B9h0ZubnncbG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920a92f4d0f6f-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1485&min_rtt=1477&rtt_var=570&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2817&recv_bytes=1234&delivery_rate=1892417&cwnd=209&unsent_bytes=0&cid=a37293fc925e752a&ts=733&x=0"
2025-01-12 00:46:06 UTC	533	IN	Data Raw: 61 35 31 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 6f 6f 67 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 74 72 61 6e 73 6c 61 74 65 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 54 65 6c 65 67 72 61 6d 22 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 54 65 6c 65 67 72 61 6d 20 69 73 20 61 20 63 6c 6f 75 64 2d 62 61 73 65 64 Data Ascii: a51<!doctype html><html lang="en"><head> <meta charset="UTF-8"/> <meta name="google" content="notranslate"> <title>Telegram</title> <meta name="title" content="Telegram"/> <meta name="description" content="Telegram is a cloud-based
2025-01-12 00:46:06 UTC	1369	IN	Data Raw: 20 e7 a6 81 e6 ad a2 e6 90 9c e7 b4 a2 e5 bc 95 e6 93 8e e7 b4 a2 e5 bc 95 e5 92 8c e8 b7 9f e8 b8 aa 20 2d 2d 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 2f 3e 0a 0a 20 20 20 20 3c 21 2d 2d 20 4f 70 65 6e 20 47 72 61 70 68 20 e5 85 83 e6 a0 87 e7 ad be 20 2d 2d 3e 0a 20 20 20 20 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 54 65 6c 65 67 72 61 6d 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 54 65 6c 65 67 72 61 6d 20 69 73 20 61 20 63 6c 6f 75 64 2d 62 61 73 65 64 20 6d 6f 62 69 6c 65 Data Ascii: --> <meta name="robots" content="noindex, nofollow"/> ... Open Graph --> <meta property="og:title" content="Telegram"> <meta property="og:description" content="Telegram is a cloud-based mobile
2025-01-12 00:46:06 UTC	746	IN	Data Raw: 63 75 72 65 2d 72 65 71 75 65 73 74 73 3b 0a 20 20 20 20 22 2f 3e 0a 0a 20 20 20 20 3c 21 2d 2d 20 e5 9b be e6 a0 87 e5 92 8c e6 b8 85 e5 8d 95 e6 96 87 e4 bb b6 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 63 61 6e 6f 6e 69 63 61 6c 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 65 62 2e 74 65 6c 65 67 72 61 6d 2e 6f 72 67 2f 22 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 73 69 7a 65 73 3d 22 33 32 78 33 32 22 20 68 72 65 66 3d 22 2e 2f 66 61 76 69 63 6f 6e 2d 33 32 78 33 32 2e 70 6e 67 22 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 22 20 73 69 7a 65 73 3d 22 31 38 30 78 31 38 30 22 20 68 72 65 66 3d Data Ascii: cure-requests; "/> ... --> <link rel="canonical" href="https://web.telegram.org/"/> <link rel="icon" type="image/png" sizes="32x32" href="./favicon-32x32.png"/> <link rel="apple-touch-icon" sizes="180x180" href=
2025-01-12 00:46:06 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49753	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:08 UTC	554	OUT	GET /main.b563a1b1790456b66383.css HTTP/1.1 Host: www.grhga.icu Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.grhga.icu/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:08 UTC	935	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:08 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: close Last-Modified: Sun, 11 Aug 2024 15:15:18 GMT Vary: Accept-Encoding ETag: W/"66b8d586-1a073" Expires: Sun, 12 Jan 2025 12:29:53 GMT Cache-Control: max-age=43200 CF-Cache-Status: HIT Age: 975 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvAsuPn5VvyFxgXReSt5g87k6oSoqUMbQ6phONk%2F6gkgmkiab97obHK%2F8chPFusBbg0wtSKnftXn2KIoWIDpsLBH5zpTnDwN1bb2TyP3Hw5rA3yKDqklGP8nhGF9Oczv"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920b4be27efa7-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1988&min_rtt=1987&rtt_var=747&sent=3&recv=6&lost=0&retrans=0&sent_bytes=2818&recv_bytes=1132&delivery_rate=1462193&cwnd=150&unsent_bytes=0&cid=3931d127fb72e1c2&ts=141&x=0"
2025-01-12 00:46:08 UTC	434	IN	Data Raw: 37 63 64 30 0d 0a 2e 4b 55 36 37 55 75 72 30 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 79 5f 75 52 5a 58 74 41 7b 2d 77 65 62 6b 69 74 2d 6d 61 73 6b 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 74 6f 70 2c 20 74 72 61 6e 73 70 61 72 65 6e 74 20 30 70 78 2c 20 62 6c 61 63 6b 20 31 72 65 6d 29 3b 6d 61 73 6b 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 74 6f 70 2c 20 74 72 61 6e 73 70 61 72 65 6e 74 20 30 70 78 2c 20 62 6c 61 63 6b 20 31 72 65 6d 29 7d 2e 4a 4e 56 54 32 44 55 39 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 31 32 35 72 65 6d 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 31 32 35 72 65 6d 3b 6d 61 78 2d 68 65 69 67 68 74 Data Ascii: 7cd0.KU67Uur0{display:inline-block;width:100%}.y_uRZXtA{-webkit-mask-image:linear-gradient(to top, transparent 0px, black 1rem);mask-image:linear-gradient(to top, transparent 0px, black 1rem)}.JNVT2DU9{margin-top:.125rem;margin-bottom:.125rem;max-height
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 2e 70 4d 55 63 63 46 4e 39 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 72 69 67 68 74 3a 30 3b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 30 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 3b 6f 70 61 63 69 74 79 3a 30 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 6f 70 61 63 69 74 79 20 2e 31 35 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 7d 2e 61 75 43 4e 74 4c 51 34 2c 2e 61 34 34 5a 4e 33 68 44 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 3b 70 61 64 64 69 6e 67 3a 2e 31 32 35 72 65 6d 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 31 32 35 72 65 6d 3b 6d 61 72 67 69 6e 3a 2e 31 32 35 72 65 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 Data Ascii: .pMUccFN9{position:absolute;top:0;right:0;bottom:0;left:0;pointer-events:none;opacity:0;transition:opacity .15s ease-in-out}.auCNtLQ4,.a44ZN3hD{display:flex;font-size:1.25rem;padding:.125rem;border-radius:.125rem;margin:.125rem;transition:background-color
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 2e 63 6f 64 65 2d 6f 76 65 72 6c 61 79 7b 6f 70 61 63 69 74 79 3a 31 7d 2e 43 6f 64 65 42 6c 6f 63 6b 20 2e 63 6f 64 65 2d 62 6c 6f 63 6b 2e 6e 6f 2d 77 6f 72 64 2d 77 72 61 70 7b 77 68 69 74 65 2d 73 70 61 63 65 3a 70 72 65 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 2e 32 35 72 65 6d 7d 68 74 6d 6c 2e 74 68 65 6d 65 2d 6c 69 67 68 74 20 2e 43 6f 64 65 42 6c 6f 63 6b 20 2e 63 6f 64 65 2d 62 6c 6f 63 6b 7b 2d 2d 63 6f 6c 6f 72 2d 74 79 70 65 3a 20 23 30 30 35 33 64 34 3b 2d 2d 63 6f 6c 6f 72 2d 6b 65 79 77 6f 72 64 3a 20 23 33 38 38 65 32 32 3b 2d 2d 63 6f 6c 6f 72 2d 63 6c 61 73 73 3a 20 23 33 65 36 63 32 30 3b 2d 2d 63 6f 6c 6f 72 2d 73 74 72 69 6e 67 3a 20 23 39 61 31 31 31 31 3b 2d 2d 63 6f 6c 6f 72 2d 74 65 6d 70 6c 61 74 65 3a 20 23 39 61 35 33 Data Ascii: .code-overlay{opacity:1}.CodeBlock .code-block.no-word-wrap{white-space:pre;padding-bottom:.25rem}html.theme-light .CodeBlock .code-block{--color-type: #0053d4;--color-keyword: #388e22;--color-class: #3e6c20;--color-string: #9a1111;--color-template: #9a53
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 2d 2d 63 6f 6c 6f 72 2d 6c 69 6e 6b 29 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 2e 68 6c 6a 73 2d 62 75 69 6c 74 5f 69 6e 2c 2e 68 6c 6a 73 2d 74 79 70 65 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 74 79 70 65 29 7d 2e 68 6c 6a 73 2d 6e 75 6d 62 65 72 2c 2e 68 6c 6a 73 2d 63 6c 61 73 73 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 63 6c 61 73 73 29 7d 2e 68 6c 6a 73 2d 73 74 72 69 6e 67 2c 2e 68 6c 6a 73 2d 6d 65 74 61 20 2e 68 6c 6a 73 2d 73 74 72 69 6e 67 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 73 74 72 69 6e 67 29 7d 2e 68 6c 6a 73 2d 72 65 67 65 78 70 2c 2e 68 6c 6a 73 2d 74 65 6d 70 6c 61 74 65 2d 74 61 67 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 74 65 Data Ascii: --color-link);text-decoration:underline}.hljs-built_in,.hljs-type{color:var(--color-type)}.hljs-number,.hljs-class{color:var(--color-class)}.hljs-string,.hljs-meta .hljs-string{color:var(--color-string)}.hljs-regexp,.hljs-template-tag{color:var(--color-te
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 5f 54 61 44 78 57 67 7b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 7d 2e 77 71 6a 75 30 32 68 52 7b 77 69 64 74 68 3a 76 61 72 28 2d 2d 63 75 73 74 6f 6d 2d 65 6d 6f 6a 69 2d 73 69 7a 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 76 61 72 28 2d 2d 63 75 73 74 6f 6d 2d 65 6d 6f 6a 69 2d 73 69 7a 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 77 65 62 6b 69 74 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 43 45 46 65 31 46 68 48 2c 2e 77 71 6a 75 30 32 68 52 2c 2e 4f 5f 54 61 44 78 57 67 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 76 Data Ascii: _TaDxWg{width:100%;height:100%;pointer-events:none}.wqju02hR{width:var(--custom-emoji-size) !important;height:var(--custom-emoji-size) !important;-webkit-user-select:none !important;user-select:none !important}.CEFe1FhH,.wqju02hR,.O_TaDxWg{border-radius:v
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 3a 31 2e 32 35 72 65 6d 7d 2e 48 52 4c 72 6e 5a 76 51 7b 77 69 64 74 68 3a 31 2e 35 72 65 6d 3b 68 65 69 67 68 74 3a 31 2e 35 72 65 6d 7d 2e 65 62 4f 32 57 4a 6b 76 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 77 69 64 74 68 3a 31 65 6d 3b 68 65 69 67 68 74 3a 31 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 65 78 74 2d 74 6f 70 7d 2e 6c 62 4b 36 61 4d 47 41 7b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 7d 2e 68 71 67 31 63 4b 6c 37 7b 63 75 72 73 6f 72 3a 76 61 72 28 2d 2d 63 75 73 74 6f 6d 2d 63 75 72 73 6f 72 2c 20 70 6f 69 6e 74 65 72 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 61 75 74 6f 7d 0a 2e 73 77 42 6e 4f 6b 31 68 7b 63 6f 6c 6f 72 3a 69 6e Data Ascii: :1.25rem}.HRLrnZvQ{width:1.5rem;height:1.5rem}.ebO2WJkv{display:inline-block;width:1em;height:1em;line-height:1;vertical-align:text-top}.lbK6aMGA{width:100%;height:100%}.hqg1cKl7{cursor:var(--custom-cursor, pointer);pointer-events:auto}.swBnOk1h{color:in
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 6e 73 69 74 69 6f 6e 2d 73 6c 69 64 65 4f 70 74 69 6d 69 7a 65 64 52 74 6c 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 2c 23 72 6f 6f 74 20 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 73 6c 69 64 65 4f 70 74 69 6d 69 7a 65 64 52 74 6c 42 61 63 6b 77 61 72 64 73 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 74 72 61 6e 73 66 6f 72 6d 20 76 61 72 28 2d 2d 73 6c 69 64 65 2d 74 72 61 6e 73 69 74 69 6f 6e 29 7d 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 73 6c 69 64 65 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 2d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e Data Ascii: nsition-slideOptimizedRtl>.Transition_slide,#root .Transition-slideOptimizedRtlBackwards>.Transition_slide{position:absolute;top:0;left:0;transform:scale(0);transition:transform var(--slide-transition)}.Transition-slide>.Transition_slide-to{transform:tran
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 74 65 59 28 2d 31 30 30 25 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 73 6c 69 64 65 2d 76 65 72 74 69 63 61 6c 2d 6f 75 74 2d 62 61 63 6b 77 61 72 64 73 20 76 61 72 28 2d 2d 73 6c 69 64 65 2d 74 72 61 6e 73 69 74 69 6f 6e 29 7d 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 73 6c 69 64 65 56 65 72 74 69 63 61 6c 42 61 63 6b 77 61 72 64 73 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 2d 66 72 6f 6d 7b 61 6e 69 6d 61 74 69 6f 6e 3a 73 6c 69 64 65 2d 76 65 72 74 69 63 61 6c 2d 69 6e 2d 62 61 63 6b 77 61 72 64 73 20 76 61 72 28 2d 2d 73 6c 69 64 65 2d 74 72 61 6e 73 69 74 69 6f 6e 29 7d 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 73 6c 69 64 65 56 65 72 74 69 63 61 6c 46 61 64 65 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 2d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a Data Ascii: teY(-100%);animation:slide-vertical-out-backwards var(--slide-transition)}.Transition-slideVerticalBackwards>.Transition_slide-from{animation:slide-vertical-in-backwards var(--slide-transition)}.Transition-slideVerticalFade>.Transition_slide-to{transform:
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 2e 35 72 65 6d 29 3b 6f 70 61 63 69 74 79 3a 30 3b 61 6e 69 6d 61 74 69 6f 6e 3a 66 61 64 65 2d 6f 75 74 2d 62 61 63 6b 77 61 72 64 73 2d 6f 70 61 63 69 74 79 20 76 61 72 28 2d 2d 73 6c 69 64 65 2d 74 72 61 6e 73 69 74 69 6f 6e 29 2c 73 6c 69 64 65 2d 66 61 64 65 2d 6f 75 74 2d 62 61 63 6b 77 61 72 64 73 2d 6d 6f 76 65 20 76 61 72 28 2d 2d 73 6c 69 64 65 2d 74 72 61 6e 73 69 74 69 6f 6e 29 7d 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 73 6c 69 64 65 46 61 64 65 41 6e 64 72 6f 69 64 7b 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 63 6f 6c 6f 72 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7d 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 73 6c 69 64 65 46 61 64 65 41 6e 64 72 Data Ascii: o{transform:translateX(-1.5rem);opacity:0;animation:fade-out-backwards-opacity var(--slide-transition),slide-fade-out-backwards-move var(--slide-transition)}.Transition-slideFadeAndroid{--background-color: var(--color-background)}.Transition-slideFadeAndr
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 74 69 6f 6e 2d 7a 6f 6f 6d 46 61 64 65 42 61 63 6b 77 61 72 64 73 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 2d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 2e 39 35 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 66 61 64 65 2d 6f 75 74 2d 62 61 63 6b 77 61 72 64 73 2d 6f 70 61 63 69 74 79 20 2e 31 35 73 20 65 61 73 65 2c 7a 6f 6f 6d 2d 66 61 64 65 2d 6f 75 74 2d 62 61 63 6b 77 61 72 64 73 2d 6d 6f 76 65 20 2e 31 35 73 20 65 61 73 65 7d 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 66 61 64 65 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 2d 66 72 6f 6d 2c 2e 54 72 61 6e 73 69 74 69 6f 6e 2d 66 61 64 65 42 61 63 6b 77 61 72 64 73 3e 2e 54 72 61 6e 73 69 74 69 6f 6e 5f 73 6c 69 64 65 2d 66 72 6f 6d 7b 6f 70 61 63 69 74 79 3a 31 3b 61 6e 69 6d Data Ascii: tion-zoomFadeBackwards>.Transition_slide-to{transform:scale(0.95);animation:fade-out-backwards-opacity .15s ease,zoom-fade-out-backwards-move .15s ease}.Transition-fade>.Transition_slide-from,.Transition-fadeBackwards>.Transition_slide-from{opacity:1;anim

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49754	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:08 UTC	524	OUT	GET /compatTest.js HTTP/1.1 Host: www.grhga.icu Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.grhga.icu/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:08 UTC	947	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:08 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Last-Modified: Mon, 19 Aug 2024 08:00:42 GMT Vary: Accept-Encoding ETag: W/"66c2fbaa-9f0" Expires: Sun, 12 Jan 2025 12:29:53 GMT Cache-Control: max-age=43200 CF-Cache-Status: HIT Age: 975 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8yJ%2F1jwMdvwTPCbd19puAarde3JgivAfC0B4B2DstgJfdXHd%2BkVbeoT6pbJDrUOBBNMmYA2k43MTP106z5m4F2yT8lzpa881Z4xRO9ZntRkw70ybKwK9qkElykQxs1a"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920b4cc8d43eb-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1556&min_rtt=1546&rtt_var=601&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2817&recv_bytes=1102&delivery_rate=1789215&cwnd=183&unsent_bytes=0&cid=da0128e3bf94d9aa&ts=151&x=0"
2025-01-12 00:46:08 UTC	422	IN	Data Raw: 39 66 30 0d 0a 66 75 6e 63 74 69 6f 6e 20 63 6f 6d 70 61 74 54 65 73 74 28 29 20 7b 0a 20 20 76 61 72 20 68 61 73 50 72 6f 6d 69 73 65 20 3d 20 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 57 65 62 53 6f 63 6b 65 74 73 20 3d 20 74 79 70 65 6f 66 20 57 65 62 53 6f 63 6b 65 74 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 57 65 62 43 72 79 70 74 6f 20 3d 20 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 20 26 26 20 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 2e 73 75 62 74 6c 65 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 4f 62 6a 65 63 74 46 72 6f 6d 45 6e 74 72 69 65 73 20 3d 20 74 79 70 65 6f 66 20 Data Ascii: 9f0function compatTest() { var hasPromise = typeof Promise !== 'undefined'; var hasWebSockets = typeof WebSocket !== 'undefined'; var hasWebCrypto = window.crypto && typeof window.crypto.subtle !== 'undefined'; var hasObjectFromEntries = typeof
2025-01-12 00:46:08 UTC	1369	IN	Data Raw: 6f 72 74 73 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 3b 0a 20 20 76 61 72 20 68 61 73 49 6e 74 6c 20 3d 20 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 49 6e 74 6c 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 44 69 73 70 6c 61 79 4e 61 6d 65 73 20 3d 20 68 61 73 49 6e 74 6c 20 26 26 20 74 79 70 65 6f 66 20 49 6e 74 6c 2e 44 69 73 70 6c 61 79 4e 61 6d 65 73 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 50 6c 75 72 61 6c 52 75 6c 65 73 20 3d 20 68 61 73 49 6e 74 6c 20 26 26 20 74 79 70 65 6f 66 20 49 6e 74 6c 2e 50 6c 75 72 61 6c 52 75 6c 65 73 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 4e 75 6d 62 65 72 46 6f 72 6d 61 74 20 3d 20 68 61 73 49 6e 74 Data Ascii: orts === 'function'; var hasIntl = typeof window.Intl !== 'undefined'; var hasDisplayNames = hasIntl && typeof Intl.DisplayNames !== 'undefined'; var hasPluralRules = hasIntl && typeof Intl.PluralRules !== 'undefined'; var hasNumberFormat = hasInt
2025-01-12 00:46:08 UTC	760	IN	Data Raw: 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 27 29 3b 0a 20 20 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 20 3d 20 27 3c 74 61 62 6c 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 63 6f 6c 6c 61 70 73 65 22 3e 3c 74 72 3e 3c 74 64 20 73 74 79 6c 65 3d 22 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 22 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 22 3e 3c 69 6d 67 20 73 72 63 3d 2e 2f 75 6e 73 75 70 70 6f 72 74 65 64 2e 70 6e 67 Data Ascii: font-family: Arial, Helvetica, sans-serif;'); document.body.innerHTML = '<table style="width:100%;height:100%;border-collapse:collapse"><tr><td style="vertical-align:middle;text-align:center"><div style="display:inline-block"><img src=./unsupported.png
2025-01-12 00:46:08 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49755	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:08 UTC	539	OUT	GET /main.9a912c00d881695d0ddb.js HTTP/1.1 Host: www.grhga.icu Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.grhga.icu/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:09 UTC	809	IN	HTTP/1.1 404 Not Found Date: Sun, 12 Jan 2025 00:46:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Cache-Control: max-age=14400 CF-Cache-Status: EXPIRED Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAM%2F6Bnx5ncAl%2FIwlQfqjt4VR6zSHZNC4%2BOABPpI3pPZHcv2XcOTmgVR24o4ZkjoDhKPsaoF153nNkvjlMCqT%2BMQRtnDCoPZQeibby64XC85%2BZi4LRaOtqumiRSvpKBE"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920b4ee1a4393-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1600&min_rtt=1577&rtt_var=639&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2819&recv_bytes=1117&delivery_rate=1651583&cwnd=206&unsent_bytes=0&cid=304425a62e6c8f09&ts=1023&x=0"
2025-01-12 00:46:09 UTC	555	IN	Data Raw: 32 32 34 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 Data Ascii: 224<html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Ch
2025-01-12 00:46:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
5	192.168.2.6	49762	40.115.3.253	443

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:09 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 6c 62 62 65 72 2b 32 6d 75 6b 61 59 79 5a 64 4a 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 37 30 62 61 66 62 38 30 35 64 39 61 39 66 30 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: lbber+2mukaYyZdJ.1Context: 870bafb805d9a9f0
2025-01-12 00:46:09 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-12 00:46:09 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 6c 62 62 65 72 2b 32 6d 75 6b 61 59 79 5a 64 4a 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 37 30 62 61 66 62 38 30 35 64 39 61 39 66 30 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 51 32 6b 46 39 4c 73 64 6b 61 51 55 71 51 78 41 43 4a 6c 67 68 53 71 53 54 51 52 2b 4e 73 47 65 51 4f 4e 59 53 57 53 43 38 2b 61 65 6b 47 46 6d 35 47 39 45 42 78 32 72 6e 37 74 6f 53 58 4c 58 4d 31 33 35 57 38 6e 69 50 6d 44 68 2f 79 6d 49 62 74 62 74 67 7a 2b 47 48 66 62 4e 62 41 4b 7a 65 75 2f 39 41 68 54 4b 2f 38 4a 63 59 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: lbber+2mukaYyZdJ.2Context: 870bafb805d9a9f0<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAQ2kF9LsdkaQUqQxACJlghSqSTQR+NsGeQONYSWSC8+aekGFm5G9EBx2rn7toSXLXM135W8niPmDh/ymIbtbtgz+GHfbNbAKzeu/9AhTK/8JcY
2025-01-12 00:46:09 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 6c 62 62 65 72 2b 32 6d 75 6b 61 59 79 5a 64 4a 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 38 37 30 62 61 66 62 38 30 35 64 39 61 39 66 30 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: lbber+2mukaYyZdJ.3Context: 870bafb805d9a9f0<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-12 00:46:09 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-12 00:46:09 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 72 70 69 41 66 68 71 74 63 30 79 2b 6a 36 41 72 6f 34 56 53 6b 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: rpiAfhqtc0y+j6Aro4VSkQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49763	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:09 UTC	350	OUT	GET /compatTest.js HTTP/1.1 Host: www.grhga.icu Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:09 UTC	954	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:09 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Last-Modified: Mon, 19 Aug 2024 08:00:42 GMT Vary: Accept-Encoding ETag: W/"66c2fbaa-9f0" Expires: Sun, 12 Jan 2025 12:29:53 GMT Cache-Control: max-age=43200 CF-Cache-Status: HIT Age: 976 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uga9CiofmMdalPUjBkEoY3BPlpBXA0uVxATkfv1AC3qSZX%2B3rbh7Eg3J%2B2dyjwzS5MmSi3BDzU%2BsEHlyrR5CJk8HOlkmpM4Zr8%2Fx8l8%2BqJghzUtClEe1BObd%2FKbwGdur"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920bbe9c1c443-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1598&min_rtt=1478&rtt_var=795&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2819&recv_bytes=928&delivery_rate=1195251&cwnd=244&unsent_bytes=0&cid=9216ed24fbd44155&ts=164&x=0"
2025-01-12 00:46:09 UTC	415	IN	Data Raw: 39 66 30 0d 0a 66 75 6e 63 74 69 6f 6e 20 63 6f 6d 70 61 74 54 65 73 74 28 29 20 7b 0a 20 20 76 61 72 20 68 61 73 50 72 6f 6d 69 73 65 20 3d 20 74 79 70 65 6f 66 20 50 72 6f 6d 69 73 65 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 57 65 62 53 6f 63 6b 65 74 73 20 3d 20 74 79 70 65 6f 66 20 57 65 62 53 6f 63 6b 65 74 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 57 65 62 43 72 79 70 74 6f 20 3d 20 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 20 26 26 20 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 2e 73 75 62 74 6c 65 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 4f 62 6a 65 63 74 46 72 6f 6d 45 6e 74 72 69 65 73 20 3d 20 74 79 70 65 6f 66 20 Data Ascii: 9f0function compatTest() { var hasPromise = typeof Promise !== 'undefined'; var hasWebSockets = typeof WebSocket !== 'undefined'; var hasWebCrypto = window.crypto && typeof window.crypto.subtle !== 'undefined'; var hasObjectFromEntries = typeof
2025-01-12 00:46:09 UTC	1369	IN	Data Raw: 53 53 2e 73 75 70 70 6f 72 74 73 20 3d 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 3b 0a 20 20 76 61 72 20 68 61 73 49 6e 74 6c 20 3d 20 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 49 6e 74 6c 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 44 69 73 70 6c 61 79 4e 61 6d 65 73 20 3d 20 68 61 73 49 6e 74 6c 20 26 26 20 74 79 70 65 6f 66 20 49 6e 74 6c 2e 44 69 73 70 6c 61 79 4e 61 6d 65 73 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 50 6c 75 72 61 6c 52 75 6c 65 73 20 3d 20 68 61 73 49 6e 74 6c 20 26 26 20 74 79 70 65 6f 66 20 49 6e 74 6c 2e 50 6c 75 72 61 6c 52 75 6c 65 73 20 21 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 3b 0a 20 20 76 61 72 20 68 61 73 4e 75 6d 62 65 72 46 6f 72 6d 61 74 20 3d Data Ascii: SS.supports === 'function'; var hasIntl = typeof window.Intl !== 'undefined'; var hasDisplayNames = hasIntl && typeof Intl.DisplayNames !== 'undefined'; var hasPluralRules = hasIntl && typeof Intl.PluralRules !== 'undefined'; var hasNumberFormat =
2025-01-12 00:46:09 UTC	767	IN	Data Raw: 67 69 6e 3a 20 30 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 27 29 3b 0a 20 20 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 69 6e 6e 65 72 48 54 4d 4c 20 3d 20 27 3c 74 61 62 6c 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 63 6f 6c 6c 61 70 73 65 22 3e 3c 74 72 3e 3c 74 64 20 73 74 79 6c 65 3d 22 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 22 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 22 3e 3c 69 6d 67 20 73 72 63 3d 2e 2f 75 6e 73 75 70 70 6f 72 Data Ascii: gin: 0; font-family: Arial, Helvetica, sans-serif;'); document.body.innerHTML = '<table style="width:100%;height:100%;border-collapse:collapse"><tr><td style="vertical-align:middle;text-align:center"><div style="display:inline-block"><img src=./unsuppor
2025-01-12 00:46:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49769	35.190.80.1	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:09 UTC	532	OUT	OPTIONS /report/v4?s=HAM%2F6Bnx5ncAl%2FIwlQfqjt4VR6zSHZNC4%2BOABPpI3pPZHcv2XcOTmgVR24o4ZkjoDhKPsaoF153nNkvjlMCqT%2BMQRtnDCoPZQeibby64XC85%2BZi4LRaOtqumiRSvpKBE HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://www.grhga.icu Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:09 UTC	336	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-max-age: 86400 access-control-allow-methods: POST, OPTIONS access-control-allow-origin: * access-control-allow-headers: content-type, content-length date: Sun, 12 Jan 2025 00:46:09 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49774	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:10 UTC	526	OUT	GET /site.webmanifest HTTP/1.1 Host: www.grhga.icu Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://www.grhga.icu/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:10 UTC	868	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:10 GMT Content-Type: application/octet-stream Content-Length: 1174 Connection: close Last-Modified: Mon, 19 Aug 2024 08:00:42 GMT ETag: "66c2fbaa-496" Accept-Ranges: bytes cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZb18eWtENTWuvCkmduiSSy2HHh%2FbHueW6ZCsvtQAWK9Yb%2BpLVdm7CHtRpqR3X4awXB5%2FWHRFl2CTMyC5ezl71txJMnn9KDBPh2U07r%2F7UgweJbXvw60IIrfVqkL2E72"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920c18f94439d-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2389&min_rtt=2385&rtt_var=902&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2818&recv_bytes=1104&delivery_rate=1208109&cwnd=200&unsent_bytes=0&cid=430e758e6ae134f2&ts=699&x=0"
2025-01-12 00:46:10 UTC	501	IN	Data Raw: 7b 0a 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 54 65 6c 65 67 72 61 6d 20 57 65 62 22 2c 0a 20 20 20 20 22 73 68 6f 72 74 5f 6e 61 6d 65 22 3a 20 22 54 65 6c 65 67 72 61 6d 20 57 65 62 22 2c 0a 20 20 20 20 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 20 22 54 65 6c 65 67 72 61 6d 20 69 73 20 61 20 63 6c 6f 75 64 2d 62 61 73 65 64 20 6d 6f 62 69 6c 65 20 61 6e 64 20 64 65 73 6b 74 6f 70 20 6d 65 73 73 61 67 69 6e 67 20 61 70 70 20 77 69 74 68 20 61 20 66 6f 63 75 73 20 6f 6e 20 73 65 63 75 72 69 74 79 20 61 6e 64 20 73 70 65 65 64 2e 22 2c 0a 20 20 20 20 22 73 74 61 72 74 5f 75 72 6c 22 3a 20 22 2e 2f 22 2c 0a 20 20 20 20 22 67 63 6d 5f 73 65 6e 64 65 72 5f 69 64 22 3a 20 22 31 32 32 38 36 37 33 38 33 38 33 38 22 2c 0a 20 20 20 20 22 69 63 6f 6e 73 22 3a 20 5b Data Ascii: { "name": "Telegram Web", "short_name": "Telegram Web", "description": "Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed.", "start_url": "./", "gcm_sender_id": "122867383838", "icons": [
2025-01-12 00:46:10 UTC	673	IN	Data Raw: 7d 2c 0a 20 20 20 20 20 20 20 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 22 73 72 63 22 3a 20 22 69 63 6f 6e 2d 35 31 32 78 35 31 32 2e 70 6e 67 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 22 73 69 7a 65 73 22 3a 20 22 35 31 32 78 35 31 32 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 22 74 79 70 65 22 3a 20 22 69 6d 61 67 65 2f 70 6e 67 22 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 5d 2c 0a 20 20 20 20 22 73 63 72 65 65 6e 73 68 6f 74 73 22 20 3a 20 5b 7b 0a 20 20 20 20 20 20 22 73 72 63 22 3a 20 22 73 63 72 65 65 6e 73 68 6f 74 2e 6a 70 67 22 2c 0a 20 20 20 20 20 20 22 73 69 7a 65 73 22 3a 20 22 31 32 38 30 78 38 30 32 22 2c 0a 20 20 20 20 20 20 22 74 79 70 65 22 3a 20 22 69 6d 61 67 65 2f 6a 70 65 67 22 0a 20 20 20 20 7d 5d 2c 0a 20 20 20 20 22 73 Data Ascii: }, { "src": "icon-512x512.png", "sizes": "512x512", "type": "image/png" } ], "screenshots" : [{ "src": "screenshot.jpg", "sizes": "1280x802", "type": "image/jpeg" }], "s

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49775	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:10 UTC	588	OUT	GET /favicon-32x32.png HTTP/1.1 Host: www.grhga.icu Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.grhga.icu/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:10 UTC	934	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:10 GMT Content-Type: image/png Content-Length: 734 Connection: close Last-Modified: Mon, 19 Aug 2024 08:00:42 GMT ETag: "66c2fbaa-2de" Expires: Mon, 10 Feb 2025 10:25:55 GMT Cache-Control: max-age=2592000 CF-Cache-Status: HIT Age: 51615 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2FJns%2BbyqCOxdbyZawOlOWRktLWUTR9fRy68vfQIF%2BGxih%2BAhEBEmRg4L8Qvht4aak7qpyi53L1ZpGr3NPQZHExwp80sFnlmmdsilt%2BGFdmyzC6yq4LeUnPgNiJRoeSq"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920c18c8a4269-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1764&min_rtt=1761&rtt_var=668&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2817&recv_bytes=1166&delivery_rate=1630374&cwnd=250&unsent_bytes=0&cid=c71fac15e945d9db&ts=157&x=0"
2025-01-12 00:46:10 UTC	435	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 03 00 00 00 44 a4 8a c6 00 00 00 bd 50 4c 54 45 00 00 00 47 b7 f4 30 a5 de 30 a6 df 2f a5 df 2d a2 da 2a 9f d7 2a 9d d4 2f a3 df 28 9e d6 2f 9f d9 3a af e9 37 ae ea 38 b0 e8 2a 9e d5 27 9f d3 33 ab e7 37 b0 ec 37 a7 e7 34 a7 e4 37 af e7 37 b0 e7 3f b4 ef 38 af e8 38 a8 e8 38 ac e9 35 ac e8 34 aa e6 33 a8 e4 32 a8 e2 31 a6 e1 30 a4 e0 30 a5 de 2e a3 dd 2d a1 db 2c a0 d9 2b 9f d8 2a 9e d6 2a 9d d5 28 9c d4 28 9b d3 28 a0 d8 c0 e0 f3 a0 d3 f0 f0 f8 fc 78 c3 ea 6e c0 e7 f8 ff ff ff ff ff e2 f0 f8 5f b8 e3 30 a0 e0 30 a0 d8 4c b0 e0 30 a8 e0 53 b0 e6 95 d0 ee d8 f0 f8 b0 dc f0 40 ac e0 83 c8 e8 b8 e0 f0 cc e8 f8 ca fc e3 93 00 00 00 19 74 52 4e 53 00 08 48 98 f0 d8 c4 98 18 e0 30 30 de Data Ascii: PNGIHDR DPLTEG00/-*/(/:78'377477?8885432100.-,+**(((xn_00L0S@tRNSH00
2025-01-12 00:46:10 UTC	299	IN	Data Raw: e2 e0 7b 78 3c 39 b1 cb 32 26 80 b8 ca 44 ab cb c1 49 85 bc 26 42 27 cb 5f 77 97 92 d3 f9 83 eb 35 5a af 57 eb d5 aa 03 f2 7a bd 59 23 ef 79 75 c8 f3 75 a1 83 1b 51 7d b3 91 41 da 6c 36 eb e8 fd 70 62 ae 17 61 8e 0e fe 86 ac 25 6a d8 fa 49 7c 3d 2e 7d ca d1 91 1a 90 04 f2 76 bb f5 bd 27 fd f7 af e7 fb 6f 87 3b fb db 98 0c 0a 3f f8 e1 c5 d3 fc 80 e7 c8 4b 1a 14 10 35 8d 0e 18 6a 9a 16 3a a9 25 5d 91 08 82 c6 e9 1a 0a 3e 0e e7 06 5b 5e 16 80 b5 30 d3 89 46 ce fc 45 1e a8 86 41 8b 01 a8 7a c9 e6 e9 a0 bb ce a9 00 50 69 19 05 41 10 78 f8 42 6f 81 8e 17 bd 55 01 d4 36 8a 74 3d 08 ce 97 bd 6e e8 38 da 40 98 62 72 86 89 39 06 e6 9e df f7 0a 83 58 a5 6a 59 a6 65 e2 b0 48 76 ae 56 20 51 ab 5a b6 65 e3 b0 68 27 b4 55 6b 90 a9 28 f6 0f a5 02 05 ac dd c2 da ce de a5 Data Ascii: {x<92&DI&B'_w5ZWzY#yuuQ}Al6pba%jI\|=.}v'o;?K5j:%]>[^0FEAzPiAxBoU6t=n8@br9XjYeHvV QZeh'Uk(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.6	49780	35.190.80.1	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:10 UTC	476	OUT	POST /report/v4?s=HAM%2F6Bnx5ncAl%2FIwlQfqjt4VR6zSHZNC4%2BOABPpI3pPZHcv2XcOTmgVR24o4ZkjoDhKPsaoF153nNkvjlMCqT%2BMQRtnDCoPZQeibby64XC85%2BZi4LRaOtqumiRSvpKBE HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 434 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:10 UTC	434	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 39 38 33 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 72 68 67 61 2e 69 63 75 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 35 37 2e 31 34 36 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 Data Ascii: [{"age":0,"body":{"elapsed_time":1983,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://www.grhga.icu/","sampling_fraction":1.0,"server_ip":"104.21.57.146","status_code":404,"type":"http.error"},"type":"network-error","url":"h
2025-01-12 00:46:10 UTC	168	IN	HTTP/1.1 200 OK Content-Length: 0 date: Sun, 12 Jan 2025 00:46:09 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.6	49787	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:11 UTC	354	OUT	GET /favicon-32x32.png HTTP/1.1 Host: www.grhga.icu Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:11 UTC	931	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:11 GMT Content-Type: image/png Content-Length: 734 Connection: close Last-Modified: Mon, 19 Aug 2024 08:00:42 GMT ETag: "66c2fbaa-2de" Expires: Mon, 10 Feb 2025 10:25:55 GMT Cache-Control: max-age=2592000 CF-Cache-Status: HIT Age: 51616 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVose6p991hWLt4o%2Bgq0kqKExdzVo2PqO3%2BOs2FSEmNFsNb7kPOmkHF3RdVYO7ptQKcxdox4qcEEZr8sCVpGLW%2FmyJydfnk9wy84qCz8Juc4%2BWUBN7XCxLqyw5YsowWF"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920c888cd3308-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1965&min_rtt=1963&rtt_var=738&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2818&recv_bytes=932&delivery_rate=1487519&cwnd=105&unsent_bytes=0&cid=a0be9470819592fd&ts=154&x=0"
2025-01-12 00:46:11 UTC	438	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 03 00 00 00 44 a4 8a c6 00 00 00 bd 50 4c 54 45 00 00 00 47 b7 f4 30 a5 de 30 a6 df 2f a5 df 2d a2 da 2a 9f d7 2a 9d d4 2f a3 df 28 9e d6 2f 9f d9 3a af e9 37 ae ea 38 b0 e8 2a 9e d5 27 9f d3 33 ab e7 37 b0 ec 37 a7 e7 34 a7 e4 37 af e7 37 b0 e7 3f b4 ef 38 af e8 38 a8 e8 38 ac e9 35 ac e8 34 aa e6 33 a8 e4 32 a8 e2 31 a6 e1 30 a4 e0 30 a5 de 2e a3 dd 2d a1 db 2c a0 d9 2b 9f d8 2a 9e d6 2a 9d d5 28 9c d4 28 9b d3 28 a0 d8 c0 e0 f3 a0 d3 f0 f0 f8 fc 78 c3 ea 6e c0 e7 f8 ff ff ff ff ff e2 f0 f8 5f b8 e3 30 a0 e0 30 a0 d8 4c b0 e0 30 a8 e0 53 b0 e6 95 d0 ee d8 f0 f8 b0 dc f0 40 ac e0 83 c8 e8 b8 e0 f0 cc e8 f8 ca fc e3 93 00 00 00 19 74 52 4e 53 00 08 48 98 f0 d8 c4 98 18 e0 30 30 de Data Ascii: PNGIHDR DPLTEG00/-*/(/:78'377477?8885432100.-,+**(((xn_00L0S@tRNSH00
2025-01-12 00:46:11 UTC	296	IN	Data Raw: 78 3c 39 b1 cb 32 26 80 b8 ca 44 ab cb c1 49 85 bc 26 42 27 cb 5f 77 97 92 d3 f9 83 eb 35 5a af 57 eb d5 aa 03 f2 7a bd 59 23 ef 79 75 c8 f3 75 a1 83 1b 51 7d b3 91 41 da 6c 36 eb e8 fd 70 62 ae 17 61 8e 0e fe 86 ac 25 6a d8 fa 49 7c 3d 2e 7d ca d1 91 1a 90 04 f2 76 bb f5 bd 27 fd f7 af e7 fb 6f 87 3b fb db 98 0c 0a 3f f8 e1 c5 d3 fc 80 e7 c8 4b 1a 14 10 35 8d 0e 18 6a 9a 16 3a a9 25 5d 91 08 82 c6 e9 1a 0a 3e 0e e7 06 5b 5e 16 80 b5 30 d3 89 46 ce fc 45 1e a8 86 41 8b 01 a8 7a c9 e6 e9 a0 bb ce a9 00 50 69 19 05 41 10 78 f8 42 6f 81 8e 17 bd 55 01 d4 36 8a 74 3d 08 ce 97 bd 6e e8 38 da 40 98 62 72 86 89 39 06 e6 9e df f7 0a 83 58 a5 6a 59 a6 65 e2 b0 48 76 ae 56 20 51 ab 5a b6 65 e3 b0 68 27 b4 55 6b 90 a9 28 f6 0f a5 02 05 ac dd c2 da ce de a5 5a 6d 06 Data Ascii: x<92&DI&B'_w5ZWzY#yuuQ}Al6pba%jI\|=.}v'o;?K5j:%]>[^0FEAzPiAxBoU6t=n8@br9XjYeHvV QZeh'Uk(Zm

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.6	49794	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:11 UTC	587	OUT	GET /icon-192x192.png HTTP/1.1 Host: www.grhga.icu Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.grhga.icu/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:11 UTC	935	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:11 GMT Content-Type: image/png Content-Length: 48658 Connection: close Last-Modified: Sat, 16 Nov 2024 15:47:33 GMT ETag: "6738be95-be12" Expires: Mon, 10 Feb 2025 11:30:53 GMT Cache-Control: max-age=2592000 CF-Cache-Status: HIT Age: 47718 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qg3AqZV21qjwSS0uIc5%2FGYyHi%2F4bSF87UIdZM%2BoYnn7SyJOd4a7dzK5zphisV5vZJ3pzTZyVIF55SdqZO1YMFYcGDyeyHHii4TY8QvPhQRSFNtk%2F6cSFiJ7GAUIQgesp"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920cbfa9e42ef-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1777&min_rtt=1775&rtt_var=671&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2818&recv_bytes=1165&delivery_rate=1624930&cwnd=224&unsent_bytes=0&cid=8689fb67d30df0a3&ts=160&x=0"
2025-01-12 00:46:11 UTC	434	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 03 02 02 08 08 08 08 08 08 08 0a 0a 0a 0a 0a 0b 0b 0b 0b 0b 0b 0c 0c 0c 0c 0c 0c 0c 0d 0d 0d 0d 0d 0d 0d 0d 0e 0e 0e 0e 0e 0e 0e 10 10 14 10 10 10 11 13 13 13 11 12 19 1e 17 13 20 13 15 17 16 01 03 04 04 06 05 06 0a 06 06 0a 0d 0d 0a 0d 0d 0e 10 0f 0f 0d 10 0f 0d 0d 0e 0d 10 0d 0d 0d 0e 0d 0d 0d 0d 0f 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d ff c0 00 11 08 01 82 02 ae 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 01 00 01 04 03 01 01 00 00 00 00 00 00 00 00 00 00 08 01 06 07 09 02 04 05 03 0a ff c4 00 65 10 00 02 01 03 02 02 05 06 05 09 10 0f 07 04 02 03 01 02 03 00 04 11 05 12 06 21 07 08 13 31 41 09 14 22 51 61 71 32 52 81 91 a1 15 23 42 Data Ascii: JFIF "e!1A"Qaq2R#B
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 68 0e 74 ae 85 ee b9 0c 7f a2 4b 1a 7d fb aa fe 33 5e 4c dd 24 e9 eb df 79 6f f2 4a 87 f1 13 5e b6 5f 43 ce d2 ea 5c b4 ab 49 ba 53 b1 f0 9f 7f ec 71 ca ff 00 90 86 be 12 74 af 6a 3b 96 e9 bd d6 97 18 f9 cc 60 7d 35 e9 53 9b e0 99 e5 d4 8a e6 8b d2 95 8f ae 7a 64 80 7e a3 3f ee 84 51 ff 00 1b 22 57 91 79 d6 06 04 ef 8d 57 f6 4b cb 35 fa 04 ec 7e 8a d8 ad ea 3e 11 67 87 5e 9a e6 8c b1 4a c1 17 dd 6a ad 13 be 5b 05 fb fb e5 3f c5 c6 ff 00 8e ad fb de b9 b6 4b ff 00 7b d3 c7 de bd c4 a7 f8 30 ad 6c 56 75 9f f0 b3 c7 9d 52 ea 49 7a a5 44 fb 9e ba f6 c7 e0 5d 23 7e c5 61 73 27 cd 97 5c fc d5 e6 5c 75 c8 27 e0 1b f7 fd 8f 4c db f4 c8 cd f8 ab 6a b0 ac ff 00 84 d6 ef 69 2e 64 c3 cd 33 50 9e eb ad b5 c1 f8 30 ea a7 de 2d 20 1f c2 8f 22 bc 4b be b5 17 67 fe ed 73 Data Ascii: htK}3^L$yoJ^_C\ISqtj;`}5Szd~?Q"WyWK5~>g^Jj[?K{0lVuRIzD]#~as'\\u'Lji.d3P0- "Kgs
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 5a 98 1c 9b db 54 3e b8 ed 8c cd f8 72 ed 3f 2d 71 7e 9e 6e 47 2f aa f7 40 7a a2 b7 86 3f 9b 99 c5 60 5c d2 bb 7b 28 f4 39 76 e5 d4 cc d7 7d 36 48 df 0b 51 d5 1f ff 00 5d 50 7f 05 0f e3 af 12 eb a4 f8 db e1 3d f4 9f 7f 79 27 f4 76 d6 33 cd 50 d6 7b 38 ae 43 6e 5d 4b e6 6e 3c b7 3f f7 62 df 7f 71 3b ff 00 c4 ae a3 f1 e4 43 ba ce df e5 52 ff 00 96 4d 58 5a de a8 20 89 e5 6c 90 83 38 1d e7 d4 07 bc e0 56 28 9f 8e ef 72 b2 92 c9 1c 8e 51 08 8c 18 b7 0e f4 dc 46 58 8c f3 20 8a e2 b8 ba a7 41 a5 24 f3 dd bc e9 a3 42 75 b2 d3 f7 92 47 fb 64 38 f8 10 5b 27 ba 08 ff 00 e5 af 99 e9 46 eb c1 95 7e f5 15 7f 10 15 8f 78 6f 5a ed e3 0e 46 d6 07 6b 01 dd 91 e2 3d 87 be bd 5a ec a7 38 ce 2a 51 e0 ce 69 c5 c1 b8 be 25 cb 37 48 f7 a7 f5 77 f9 09 15 d0 9f 8b ee 4f 7c d2 1f Data Ascii: ZT>r?-q~nG/@z?`\{(9v}6HQ]P=y'v3P{8Cn]Kn<?bq;CRMXZ l8V(rQFX A$BuGd8['F~xoZFk=Z8*Qi%7HwO\|
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 56 0c 8a 52 94 02 94 a5 00 a5 29 40 29 4a 50 0a 52 94 02 94 a5 00 a5 29 40 29 4a 50 0a 52 94 02 94 a5 00 a5 29 40 29 4a 50 0a 52 94 02 94 a5 00 a5 29 40 29 4a 50 11 4b ad df 4d e6 d7 36 d0 65 a6 88 26 c4 1c f7 dd cf ca 01 8f 1e c8 1e d0 0f 8e 53 d5 50 db a6 ab 41 60 b0 69 aa 77 4c ab e7 17 d2 fd 94 d7 72 f3 7c b7 79 11 8f 41 41 f0 f7 d6 42 e1 4d 69 b5 9e 27 13 4b e9 43 15 cd d5 f1 07 98 2b 6c 0f 63 cb d4 18 44 07 ba b0 b7 4b fa a9 9f 53 bc 91 8e 7e bc c3 e4 5f 44 7e 2a fa 0d 9d ba a3 15 05 c5 25 9f 16 52 ee 6a ba 92 72 ea f7 78 22 cd 2d 54 aa 9a a5 4a e0 e3 15 43 4c d5 45 64 1c 6a 86 aa d5 4c d0 c3 3c ce 24 d2 fb 68 5e 31 c8 b0 e4 7d a0 e4 7d 22 ac ad 36 19 13 b2 86 64 95 e0 86 47 93 cd b6 b1 8d a4 70 01 60 c1 80 52 76 81 9c 77 0f 6d 64 29 27 03 c4 7c e2 Data Ascii: VR)@)JPR)@)JPR)@)JPR)@)JPKM6e&SPA`iwLr\|yAABMi'KC+lcDKS~_D~*%Rjrx"-TJCLEdjL<$h^1}}"6dGp`Rvwmd)'\|
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 60 60 0e 40 96 23 14 6a fa c4 93 c8 d2 ca e5 dd f9 92 7f 10 f5 01 e0 07 21 5d ae 2b e2 59 2e e7 79 e4 3c d8 fa 2b e0 8b f6 28 3d 80 72 f6 9c 9f 1a f2 2b ea fa 66 9c ad 61 b5 2d f5 1f 17 d3 b9 77 23 e5 1a 9e a3 2b a9 ec c7 f7 6b 82 eb de fa b6 29 4a 54 e1 08 29 4a 50 c0 a5 54 0a bc 38 67 a2 6b eb ac 14 84 c6 87 f5 49 7d 05 c7 ac 02 37 1f 91 4d 73 d6 b8 a5 45 6d 54 92 4b bc e8 a5 42 a5 67 b3 4e 2d be e2 ce ab 9f 81 38 fa 6b 09 43 a1 dd 19 3f 5c 88 9f 45 c7 ac 7a 98 78 37 f3 55 ed c5 1d 03 79 ad 9c d7 06 e3 73 c3 19 91 94 26 10 aa 8c b0 07 39 ce 33 83 e3 ea 15 88 21 94 30 04 10 41 e6 08 ae 2a 75 ed b5 0a 72 8c 7d 28 f0 7b b1 fe 77 1d b5 28 5c d8 54 8c a5 e8 cb 8a fe ff 00 53 2e f1 be 9c f6 92 8e 29 d1 14 c9 95 5f ab 3a 7c 7f f7 fb 64 e4 d2 aa 0e 43 50 b3 5c Data Ascii: ``@#j!]+Y.y<+(=r+fa-w#+k)JT)JPT8gkI}7MsEmTKBgN-8kC?\Ezx7Uys&93!0A*ur}({w(\TS.)_:\|dCP\
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 2c af 50 32 a8 8e 48 a5 ed 4c 67 31 7a 3b 42 02 76 21 2e 0e d2 86 40 64 f4 ae 06 4a 2c 61 40 c9 53 71 9d b2 c7 34 bd b2 94 80 91 31 5c bf 66 41 20 e4 28 27 00 83 cc 02 39 1e 7c 8e 39 e9 7c 57 04 ce f1 c6 fb 9d 06 58 6d 61 cb 38 3b 4b 00 1b 6b 7a 2d b7 3b 5b 91 c1 e5 58 b7 5d d2 de 06 ba 8a 38 2e a5 46 78 d3 38 8d d5 e1 22 4b 8d 91 83 6e eb b6 29 66 64 fa e6 e6 25 c6 4b 04 c0 b8 fa 2d d0 0c 4c ec d0 b4 78 8a 21 1e 4c 85 42 3a 86 75 1d a1 cf 68 5d 43 49 81 8d df 64 4e e0 00 e8 eb 5d 60 e0 8b 7e db 2d 42 75 8e 49 22 32 43 14 45 0b 44 ef 1b 90 5a 75 3b 55 a3 60 49 51 8c 73 c5 5d 9c 37 d2 25 bd c5 ac 57 64 f9 ba 4a e6 20 b3 b2 29 12 89 5a 1e cc 90 ec 85 8c 8a 42 ed 66 dd cb 19 cd 60 3d 5b a3 6b c5 ba b9 51 69 77 71 6b 35 c5 cb 3c 22 42 91 ed b8 d4 4c b3 3c 67 Data Ascii: ,P2HLg1z;Bv!.@dJ,a@Sq41\fA ('9\|9\|WXma8;Kkz-;[X]8.Fx8"Kn)fd%K-Lx!LB:uh]CIdN]`~-BuI"2CEDZu;U`IQs]7%WdJ )ZBf`=[kQiwqk5<"BL<g
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 29 9a e4 d5 4b 8d 87 c1 24 be a6 4c 8a 50 40 20 e4 1e 60 d6 5c e9 06 f6 4b bd 02 1d 4e 11 ba fb 44 99 2f a3 c7 c2 63 68 7f be 23 cf 7e 2e 6c da 44 3e d7 1e aa 8e 5a 0e b4 63 3b 4f 34 3f 3a fb 47 fe d5 26 3a b9 df 2c ab 77 6c d8 68 e5 8c 36 d3 cc 10 41 49 07 ca a5 45 76 eb 74 d5 4b 7e d7 9c 1a 7e c7 b9 a3 8f 44 9b a5 73 d9 f2 9a 6b db c5 12 0b 44 d5 52 78 62 9e 33 ba 39 a3 49 63 61 e2 92 28 75 3f 2a 91 5a d9 f2 c4 74 cf ab 69 52 e8 51 69 ba 85 dd 8a 4f 1d fc 93 0b 59 9e 13 23 44 d6 ab 19 66 8c ab 1d a2 47 c0 27 1c f3 8a 9b 3d 56 2e 4f d4 3b 48 18 92 d6 2d 75 a6 92 c7 24 fd 4e bb 9e c9 49 3e b6 48 15 be 5a c2 bd 7e ba 8b 5c 71 8b e9 92 5b df c3 66 d6 0b 74 8c 26 85 e4 59 16 e0 c2 d9 05 18 15 2a 61 c6 08 20 86 ef 18 af 98 4e 3b 32 6b bc fa 74 5e 52 66 a9 b8 Data Ascii: )K$LP@ `\KND/ch#~.lD>Zc;O4?:G&:,wlh6AIEvtK~~DskDRxb39Ica(u?ZtiRQiOY#DfG'=V.O;H-u$NI>HZ~\q[ft&Ya N;2kt^Rf
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 9a 57 68 6d a0 ed 50 38 89 95 41 92 49 90 1c 48 80 c6 11 81 5d c4 83 80 36 21 4a d3 7f 06 f9 6b 75 c4 9c 1b fd 2f 4b 9e db 23 72 5a 8b ab 69 82 e7 9e d9 25 b8 ba 42 40 f0 31 8c fa c5 6d 3f a0 9e 9b ec 78 87 4d b7 d5 34 f7 26 09 c1 05 1f 02 58 65 43 89 21 95 41 21 5d 1b 97 22 41 18 20 90 41 a0 32 0d 29 4a 02 0d f0 a3 7e 7d da 9f d7 1c 3d f3 94 48 4f f4 4d 5f 1d 4b 25 db 7d c4 b0 fa af 2d 26 fd f6 dc 8f e8 55 8f a5 ae cd 63 40 fb bd 3e f6 d8 fb e3 49 c6 3f dd d5 db d5 4a 5d 9c 43 c4 11 fd b2 db 4f 97 1e bd a6 64 27 e9 ab 5d cf a5 6d 3f e9 fb 15 bb 6d d5 a3 ed 25 b0 aa d5 2a b5 54 2c 82 94 a5 00 a5 29 40 29 4a 50 0a c6 3d 2c 70 15 e5 dc b6 d2 db c9 06 2d a4 b7 92 38 e5 8d d8 ac 8b 73 1c 92 4c 19 66 8d 73 d9 26 c0 a5 49 db bc 02 3b 4c 8c 9d 54 c5 01 89 f8 97 Data Ascii: WhmP8AIH]6!Jku/K#rZi%B@1m?xM4&XeC!A!]"A A2)J~}=HOM_K%}-&Uc@>I?J]COd']m?m%*T,)@)JP=,p-8sLfs&I;LT
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: 4b d2 f5 0d 45 c6 e5 b1 b3 b8 b9 db f1 cc 31 33 aa 7e ed 80 5f 96 be dd 16 fe 96 69 df b4 6d 3f 88 8e b1 7f 5e cb 07 93 84 38 81 13 e1 7d 4e 95 b9 7c 58 ca bb ff 00 01 4d 01 a2 3e 10 1f d9 17 10 c2 75 5b d5 b7 1a 9d fe fb eb d9 a4 54 58 a3 77 2f 33 ef 90 ec 52 b1 82 91 86 f4 41 d8 3b b9 56 da 6e fa be f4 56 d6 46 c8 4d a1 af d6 ca 0b a5 d4 a2 f3 b5 7d b8 12 f6 e6 7c 97 07 d2 c1 05 09 e5 b7 1c ab 4e 9d 10 f4 6f 26 b1 a9 d9 69 70 cb 14 32 df 4e b6 f1 c9 39 61 12 bb 83 b7 79 50 5b d2 20 28 c0 24 b1 03 c6 a6 d8 f2 2b 71 0f f9 4b 4a fc 2b 9f fa 14 04 3f e1 3e 26 6d 03 88 62 b9 b4 b8 0e 34 cd 4c f6 77 11 b0 65 9a 18 2e 0a 16 0c be 8b 47 3c 21 81 db c9 95 cf ae b7 39 e5 3d bc 12 70 35 f4 83 ba 46 b0 71 ee 69 e2 61 f8 ea 13 c1 e4 56 d7 f7 0d da 96 94 17 20 31 06 Data Ascii: KE13~_im?^8}N\|XM>u[TXw/3RA;VnVFM}\|No&ip2N9ayP[ ($+qKJ+?>&mb4Lwe.G<!9=p5FqiaV 1
2025-01-12 00:46:11 UTC	1369	IN	Data Raw: cd e4 7b 47 b7 86 ee 01 33 07 92 34 9b 78 31 33 85 5d dd 9b c6 e1 58 8d c5 36 e4 93 92 64 57 93 77 c9 fb a5 f1 1d 84 da be ae f3 c9 0a 5c bd b4 16 90 c9 d8 ab 18 d5 19 e4 9a 45 06 42 32 e1 51 11 93 b8 92 4e 40 16 af 96 43 fc 6d 8f fd 53 69 fc 75 d5 4d 5f 23 99 ff 00 b2 6f fe b4 bb fc 88 28 08 2f e5 31 ea 7b a7 70 b5 d6 9f 26 96 66 5b 4d 42 39 b3 04 d2 76 bd 94 b0 18 f3 d9 c8 46 f2 8e b2 03 87 2c 43 03 cf 04 01 25 fc 88 bc 47 23 5a 6b 96 85 89 8e 2b 8b 59 d1 49 e4 ad 2c 72 23 e3 d5 b8 44 99 f7 57 95 e5 c2 f8 1c 3d f7 d7 ff 00 8a da b8 f9 0f bb b8 87 df 61 f8 ae 68 0d a8 d2 94 a0 21 06 b6 bd 9e a9 c3 ed f1 35 1d 4e d8 fb 9a 5b 94 03 f8 62 bd ee 81 9f b3 e2 fb e4 ee ed b4 95 3f 2c 57 40 7f 4a bc 5e 95 c7 65 79 a7 b7 da 78 96 45 f9 26 9a 26 fa 44 95 ea 70 2b Data Ascii: {G34x13]X6dWw\EB2QN@CmSiuM_#o(/1{p&f[MB9vF,C%G#Zk+YI,r#DW=ah!5N[b?,W@J^eyxE&&Dp+

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.6	49803	104.21.57.146	443	3160	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:13 UTC	353	OUT	GET /icon-192x192.png HTTP/1.1 Host: www.grhga.icu Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-12 00:46:13 UTC	934	IN	HTTP/1.1 200 OK Date: Sun, 12 Jan 2025 00:46:13 GMT Content-Type: image/png Content-Length: 48658 Connection: close Last-Modified: Sat, 16 Nov 2024 15:47:33 GMT ETag: "6738be95-be12" Expires: Mon, 10 Feb 2025 11:30:53 GMT Cache-Control: max-age=2592000 CF-Cache-Status: HIT Age: 47720 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFZ1kA0V%2FmF7suNORkDhNCKO%2F%2F8fUY4EZOXVuPveiZ1UkKbPUXPmsmMllnVNeNIJFewGTPYN5Jk66iSzdM0QR4Y1E12Pw1tCkmNd%2FkOhQu0wOQ598Dhxml7Ra1nCuRM8"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 900920d41cd343ed-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1592&min_rtt=1590&rtt_var=602&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2817&recv_bytes=931&delivery_rate=1810291&cwnd=210&unsent_bytes=0&cid=ed14648dec66a8c4&ts=164&x=0"
2025-01-12 00:46:13 UTC	435	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 03 02 02 08 08 08 08 08 08 08 0a 0a 0a 0a 0a 0b 0b 0b 0b 0b 0b 0c 0c 0c 0c 0c 0c 0c 0d 0d 0d 0d 0d 0d 0d 0d 0e 0e 0e 0e 0e 0e 0e 10 10 14 10 10 10 11 13 13 13 11 12 19 1e 17 13 20 13 15 17 16 01 03 04 04 06 05 06 0a 06 06 0a 0d 0d 0a 0d 0d 0e 10 0f 0f 0d 10 0f 0d 0d 0e 0d 10 0d 0d 0d 0e 0d 0d 0d 0d 0f 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d ff c0 00 11 08 01 82 02 ae 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 01 00 01 04 03 01 01 00 00 00 00 00 00 00 00 00 00 08 01 06 07 09 02 04 05 03 0a ff c4 00 65 10 00 02 01 03 02 02 05 06 05 09 10 0f 07 04 02 03 01 02 03 00 04 11 05 12 06 21 07 08 13 31 41 09 14 22 51 61 71 32 52 81 91 a1 15 23 42 Data Ascii: JFIF "e!1A"Qaq2R#B
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: 0e 74 ae 85 ee b9 0c 7f a2 4b 1a 7d fb aa fe 33 5e 4c dd 24 e9 eb df 79 6f f2 4a 87 f1 13 5e b6 5f 43 ce d2 ea 5c b4 ab 49 ba 53 b1 f0 9f 7f ec 71 ca ff 00 90 86 be 12 74 af 6a 3b 96 e9 bd d6 97 18 f9 cc 60 7d 35 e9 53 9b e0 99 e5 d4 8a e6 8b d2 95 8f ae 7a 64 80 7e a3 3f ee 84 51 ff 00 1b 22 57 91 79 d6 06 04 ef 8d 57 f6 4b cb 35 fa 04 ec 7e 8a d8 ad ea 3e 11 67 87 5e 9a e6 8c b1 4a c1 17 dd 6a ad 13 be 5b 05 fb fb e5 3f c5 c6 ff 00 8e ad fb de b9 b6 4b ff 00 7b d3 c7 de bd c4 a7 f8 30 ad 6c 56 75 9f f0 b3 c7 9d 52 ea 49 7a a5 44 fb 9e ba f6 c7 e0 5d 23 7e c5 61 73 27 cd 97 5c fc d5 e6 5c 75 c8 27 e0 1b f7 fd 8f 4c db f4 c8 cd f8 ab 6a b0 ac ff 00 84 d6 ef 69 2e 64 c3 cd 33 50 9e eb ad b5 c1 f8 30 ea a7 de 2d 20 1f c2 8f 22 bc 4b be b5 17 67 fe ed 73 ff Data Ascii: tK}3^L$yoJ^_C\ISqtj;`}5Szd~?Q"WyWK5~>g^Jj[?K{0lVuRIzD]#~as'\\u'Lji.d3P0- "Kgs
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: 98 1c 9b db 54 3e b8 ed 8c cd f8 72 ed 3f 2d 71 7e 9e 6e 47 2f aa f7 40 7a a2 b7 86 3f 9b 99 c5 60 5c d2 bb 7b 28 f4 39 76 e5 d4 cc d7 7d 36 48 df 0b 51 d5 1f ff 00 5d 50 7f 05 0f e3 af 12 eb a4 f8 db e1 3d f4 9f 7f 79 27 f4 76 d6 33 cd 50 d6 7b 38 ae 43 6e 5d 4b e6 6e 3c b7 3f f7 62 df 7f 71 3b ff 00 c4 ae a3 f1 e4 43 ba ce df e5 52 ff 00 96 4d 58 5a de a8 20 89 e5 6c 90 83 38 1d e7 d4 07 bc e0 56 28 9f 8e ef 72 b2 92 c9 1c 8e 51 08 8c 18 b7 0e f4 dc 46 58 8c f3 20 8a e2 b8 ba a7 41 a5 24 f3 dd bc e9 a3 42 75 b2 d3 f7 92 47 fb 64 38 f8 10 5b 27 ba 08 ff 00 e5 af 99 e9 46 eb c1 95 7e f5 15 7f 10 15 8f 78 6f 5a ed e3 0e 46 d6 07 6b 01 dd 91 e2 3d 87 be bd 5a ec a7 38 ce 2a 51 e0 ce 69 c5 c1 b8 be 25 cb 37 48 f7 a7 f5 77 f9 09 15 d0 9f 8b ee 4f 7c d2 1f dd Data Ascii: T>r?-q~nG/@z?`\{(9v}6HQ]P=y'v3P{8Cn]Kn<?bq;CRMXZ l8V(rQFX A$BuGd8['F~xoZFk=Z8*Qi%7HwO\|
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: 0c 8a 52 94 02 94 a5 00 a5 29 40 29 4a 50 0a 52 94 02 94 a5 00 a5 29 40 29 4a 50 0a 52 94 02 94 a5 00 a5 29 40 29 4a 50 0a 52 94 02 94 a5 00 a5 29 40 29 4a 50 11 4b ad df 4d e6 d7 36 d0 65 a6 88 26 c4 1c f7 dd cf ca 01 8f 1e c8 1e d0 0f 8e 53 d5 50 db a6 ab 41 60 b0 69 aa 77 4c ab e7 17 d2 fd 94 d7 72 f3 7c b7 79 11 8f 41 41 f0 f7 d6 42 e1 4d 69 b5 9e 27 13 4b e9 43 15 cd d5 f1 07 98 2b 6c 0f 63 cb d4 18 44 07 ba b0 b7 4b fa a9 9f 53 bc 91 8e 7e bc c3 e4 5f 44 7e 2a fa 0d 9d ba a3 15 05 c5 25 9f 16 52 ee 6a ba 92 72 ea f7 78 22 cd 2d 54 aa 9a a5 4a e0 e3 15 43 4c d5 45 64 1c 6a 86 aa d5 4c d0 c3 3c ce 24 d2 fb 68 5e 31 c8 b0 e4 7d a0 e4 7d 22 ac ad 36 19 13 b2 86 64 95 e0 86 47 93 cd b6 b1 8d a4 70 01 60 c1 80 52 76 81 9c 77 0f 6d 64 29 27 03 c4 7c e2 ba Data Ascii: R)@)JPR)@)JPR)@)JPR)@)JPKM6e&SPA`iwLr\|yAABMi'KC+lcDKS~_D~*%Rjrx"-TJCLEdjL<$h^1}}"6dGp`Rvwmd)'\|
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: 60 0e 40 96 23 14 6a fa c4 93 c8 d2 ca e5 dd f9 92 7f 10 f5 01 e0 07 21 5d ae 2b e2 59 2e e7 79 e4 3c d8 fa 2b e0 8b f6 28 3d 80 72 f6 9c 9f 1a f2 2b ea fa 66 9c ad 61 b5 2d f5 1f 17 d3 b9 77 23 e5 1a 9e a3 2b a9 ec c7 f7 6b 82 eb de fa b6 29 4a 54 e1 08 29 4a 50 c0 a5 54 0a bc 38 67 a2 6b eb ac 14 84 c6 87 f5 49 7d 05 c7 ac 02 37 1f 91 4d 73 d6 b8 a5 45 6d 54 92 4b bc e8 a5 42 a5 67 b3 4e 2d be e2 ce ab 9f 81 38 fa 6b 09 43 a1 dd 19 3f 5c 88 9f 45 c7 ac 7a 98 78 37 f3 55 ed c5 1d 03 79 ad 9c d7 06 e3 73 c3 19 91 94 26 10 aa 8c b0 07 39 ce 33 83 e3 ea 15 88 21 94 30 04 10 41 e6 08 ae 2a 75 ed b5 0a 72 8c 7d 28 f0 7b b1 fe 77 1d b5 28 5c d8 54 8c a5 e8 cb 8a fe ff 00 53 2e f1 be 9c f6 92 8e 29 d1 14 c9 95 5f ab 3a 7c 7f f7 fb 64 e4 d2 aa 0e 43 50 b3 5c 95 Data Ascii: `@#j!]+Y.y<+(=r+fa-w#+k)JT)JPT8gkI}7MsEmTKBgN-8kC?\Ezx7Uys&93!0A*ur}({w(\TS.)_:\|dCP\
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: af 50 32 a8 8e 48 a5 ed 4c 67 31 7a 3b 42 02 76 21 2e 0e d2 86 40 64 f4 ae 06 4a 2c 61 40 c9 53 71 9d b2 c7 34 bd b2 94 80 91 31 5c bf 66 41 20 e4 28 27 00 83 cc 02 39 1e 7c 8e 39 e9 7c 57 04 ce f1 c6 fb 9d 06 58 6d 61 cb 38 3b 4b 00 1b 6b 7a 2d b7 3b 5b 91 c1 e5 58 b7 5d d2 de 06 ba 8a 38 2e a5 46 78 d3 38 8d d5 e1 22 4b 8d 91 83 6e eb b6 29 66 64 fa e6 e6 25 c6 4b 04 c0 b8 fa 2d d0 0c 4c ec d0 b4 78 8a 21 1e 4c 85 42 3a 86 75 1d a1 cf 68 5d 43 49 81 8d df 64 4e e0 00 e8 eb 5d 60 e0 8b 7e db 2d 42 75 8e 49 22 32 43 14 45 0b 44 ef 1b 90 5a 75 3b 55 a3 60 49 51 8c 73 c5 5d 9c 37 d2 25 bd c5 ac 57 64 f9 ba 4a e6 20 b3 b2 29 12 89 5a 1e cc 90 ec 85 8c 8a 42 ed 66 dd cb 19 cd 60 3d 5b a3 6b c5 ba b9 51 69 77 71 6b 35 c5 cb 3c 22 42 91 ed b8 d4 4c b3 3c 67 ce Data Ascii: P2HLg1z;Bv!.@dJ,a@Sq41\fA ('9\|9\|WXma8;Kkz-;[X]8.Fx8"Kn)fd%K-Lx!LB:uh]CIdN]`~-BuI"2CEDZu;U`IQs]7%WdJ )ZBf`=[kQiwqk5<"BL<g
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: 9a e4 d5 4b 8d 87 c1 24 be a6 4c 8a 50 40 20 e4 1e 60 d6 5c e9 06 f6 4b bd 02 1d 4e 11 ba fb 44 99 2f a3 c7 c2 63 68 7f be 23 cf 7e 2e 6c da 44 3e d7 1e aa 8e 5a 0e b4 63 3b 4f 34 3f 3a fb 47 fe d5 26 3a b9 df 2c ab 77 6c d8 68 e5 8c 36 d3 cc 10 41 49 07 ca a5 45 76 eb 74 d5 4b 7e d7 9c 1a 7e c7 b9 a3 8f 44 9b a5 73 d9 f2 9a 6b db c5 12 0b 44 d5 52 78 62 9e 33 ba 39 a3 49 63 61 e2 92 28 75 3f 2a 91 5a d9 f2 c4 74 cf ab 69 52 e8 51 69 ba 85 dd 8a 4f 1d fc 93 0b 59 9e 13 23 44 d6 ab 19 66 8c ab 1d a2 47 c0 27 1c f3 8a 9b 3d 56 2e 4f d4 3b 48 18 92 d6 2d 75 a6 92 c7 24 fd 4e bb 9e c9 49 3e b6 48 15 be 5a c2 bd 7e ba 8b 5c 71 8b e9 92 5b df c3 66 d6 0b 74 8c 26 85 e4 59 16 e0 c2 d9 05 18 15 2a 61 c6 08 20 86 ef 18 af 98 4e 3b 32 6b bc fa 74 5e 52 66 a9 b8 6f Data Ascii: K$LP@ `\KND/ch#~.lD>Zc;O4?:G&:,wlh6AIEvtK~~DskDRxb39Ica(u?ZtiRQiOY#DfG'=V.O;H-u$NI>HZ~\q[ft&Ya N;2kt^Rfo
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: 57 68 6d a0 ed 50 38 89 95 41 92 49 90 1c 48 80 c6 11 81 5d c4 83 80 36 21 4a d3 7f 06 f9 6b 75 c4 9c 1b fd 2f 4b 9e db 23 72 5a 8b ab 69 82 e7 9e d9 25 b8 ba 42 40 f0 31 8c fa c5 6d 3f a0 9e 9b ec 78 87 4d b7 d5 34 f7 26 09 c1 05 1f 02 58 65 43 89 21 95 41 21 5d 1b 97 22 41 18 20 90 41 a0 32 0d 29 4a 02 0d f0 a3 7e 7d da 9f d7 1c 3d f3 94 48 4f f4 4d 5f 1d 4b 25 db 7d c4 b0 fa af 2d 26 fd f6 dc 8f e8 55 8f a5 ae cd 63 40 fb bd 3e f6 d8 fb e3 49 c6 3f dd d5 db d5 4a 5d 9c 43 c4 11 fd b2 db 4f 97 1e bd a6 64 27 e9 ab 5d cf a5 6d 3f e9 fb 15 bb 6d d5 a3 ed 25 b0 aa d5 2a b5 54 2c 82 94 a5 00 a5 29 40 29 4a 50 0a c6 3d 2c 70 15 e5 dc b6 d2 db c9 06 2d a4 b7 92 38 e5 8d d8 ac 8b 73 1c 92 4c 19 66 8d 73 d9 26 c0 a5 49 db bc 02 3b 4c 8c 9d 54 c5 01 89 f8 97 a3 Data Ascii: WhmP8AIH]6!Jku/K#rZi%B@1m?xM4&XeC!A!]"A A2)J~}=HOM_K%}-&Uc@>I?J]COd']m?m%*T,)@)JP=,p-8sLfs&I;LT
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: d2 f5 0d 45 c6 e5 b1 b3 b8 b9 db f1 cc 31 33 aa 7e ed 80 5f 96 be dd 16 fe 96 69 df b4 6d 3f 88 8e b1 7f 5e cb 07 93 84 38 81 13 e1 7d 4e 95 b9 7c 58 ca bb ff 00 01 4d 01 a2 3e 10 1f d9 17 10 c2 75 5b d5 b7 1a 9d fe fb eb d9 a4 54 58 a3 77 2f 33 ef 90 ec 52 b1 82 91 86 f4 41 d8 3b b9 56 da 6e fa be f4 56 d6 46 c8 4d a1 af d6 ca 0b a5 d4 a2 f3 b5 7d b8 12 f6 e6 7c 97 07 d2 c1 05 09 e5 b7 1c ab 4e 9d 10 f4 6f 26 b1 a9 d9 69 70 cb 14 32 df 4e b6 f1 c9 39 61 12 bb 83 b7 79 50 5b d2 20 28 c0 24 b1 03 c6 a6 d8 f2 2b 71 0f f9 4b 4a fc 2b 9f fa 14 04 3f e1 3e 26 6d 03 88 62 b9 b4 b8 0e 34 cd 4c f6 77 11 b0 65 9a 18 2e 0a 16 0c be 8b 47 3c 21 81 db c9 95 cf ae b7 39 e5 3d bc 12 70 35 f4 83 ba 46 b0 71 ee 69 e2 61 f8 ea 13 c1 e4 56 d7 f7 0d da 96 94 17 20 31 06 e4 Data Ascii: E13~_im?^8}N\|XM>u[TXw/3RA;VnVFM}\|No&ip2N9ayP[ ($+qKJ+?>&mb4Lwe.G<!9=p5FqiaV 1
2025-01-12 00:46:13 UTC	1369	IN	Data Raw: e4 7b 47 b7 86 ee 01 33 07 92 34 9b 78 31 33 85 5d dd 9b c6 e1 58 8d c5 36 e4 93 92 64 57 93 77 c9 fb a5 f1 1d 84 da be ae f3 c9 0a 5c bd b4 16 90 c9 d8 ab 18 d5 19 e4 9a 45 06 42 32 e1 51 11 93 b8 92 4e 40 16 af 96 43 fc 6d 8f fd 53 69 fc 75 d5 4d 5f 23 99 ff 00 b2 6f fe b4 bb fc 88 28 08 2f e5 31 ea 7b a7 70 b5 d6 9f 26 96 66 5b 4d 42 39 b3 04 d2 76 bd 94 b0 18 f3 d9 c8 46 f2 8e b2 03 87 2c 43 03 cf 04 01 25 fc 88 bc 47 23 5a 6b 96 85 89 8e 2b 8b 59 d1 49 e4 ad 2c 72 23 e3 d5 b8 44 99 f7 57 95 e5 c2 f8 1c 3d f7 d7 ff 00 8a da b8 f9 0f bb b8 87 df 61 f8 ae 68 0d a8 d2 94 a0 21 06 b6 bd 9e a9 c3 ed f1 35 1d 4e d8 fb 9a 5b 94 03 f8 62 bd ee 81 9f b3 e2 fb e4 ee ed b4 95 3f 2c 57 40 7f 4a bc 5e 95 c7 65 79 a7 b7 da 78 96 45 f9 26 9a 26 fa 44 95 ea 70 2b f6 Data Ascii: {G34x13]X6dWw\EB2QN@CmSiuM_#o(/1{p&f[MB9vF,C%G#Zk+YI,r#DW=ah!5N[b?,W@J^eyxE&&Dp+

Session ID	Source IP	Source Port	Destination IP	Destination Port
14	192.168.2.6	49864	40.115.3.253	443

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:22 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 73 65 4c 75 36 7a 42 62 43 45 2b 30 6b 4e 4a 77 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 32 63 62 63 39 32 64 63 66 38 65 66 33 63 61 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: seLu6zBbCE+0kNJw.1Context: d2cbc92dcf8ef3ca
2025-01-12 00:46:22 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-12 00:46:22 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 73 65 4c 75 36 7a 42 62 43 45 2b 30 6b 4e 4a 77 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 32 63 62 63 39 32 64 63 66 38 65 66 33 63 61 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 51 32 6b 46 39 4c 73 64 6b 61 51 55 71 51 78 41 43 4a 6c 67 68 53 71 53 54 51 52 2b 4e 73 47 65 51 4f 4e 59 53 57 53 43 38 2b 61 65 6b 47 46 6d 35 47 39 45 42 78 32 72 6e 37 74 6f 53 58 4c 58 4d 31 33 35 57 38 6e 69 50 6d 44 68 2f 79 6d 49 62 74 62 74 67 7a 2b 47 48 66 62 4e 62 41 4b 7a 65 75 2f 39 41 68 54 4b 2f 38 4a 63 59 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: seLu6zBbCE+0kNJw.2Context: d2cbc92dcf8ef3ca<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAQ2kF9LsdkaQUqQxACJlghSqSTQR+NsGeQONYSWSC8+aekGFm5G9EBx2rn7toSXLXM135W8niPmDh/ymIbtbtgz+GHfbNbAKzeu/9AhTK/8JcY
2025-01-12 00:46:22 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 73 65 4c 75 36 7a 42 62 43 45 2b 30 6b 4e 4a 77 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 32 63 62 63 39 32 64 63 66 38 65 66 33 63 61 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: seLu6zBbCE+0kNJw.3Context: d2cbc92dcf8ef3ca<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-12 00:46:22 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-12 00:46:22 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 52 79 4e 57 69 73 37 4d 4a 45 53 53 45 6b 6c 30 2f 43 35 58 73 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: RyNWis7MJESSEkl0/C5XsA.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
15	192.168.2.6	50009	40.115.3.253	443

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:46:44 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4d 4b 2f 68 68 51 46 72 64 30 47 61 36 30 30 48 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 34 36 64 37 37 34 66 62 66 34 63 65 38 37 36 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: MK/hhQFrd0Ga600H.1Context: c46d774fbf4ce876
2025-01-12 00:46:44 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-12 00:46:44 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 4d 4b 2f 68 68 51 46 72 64 30 47 61 36 30 30 48 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 34 36 64 37 37 34 66 62 66 34 63 65 38 37 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 51 32 6b 46 39 4c 73 64 6b 61 51 55 71 51 78 41 43 4a 6c 67 68 53 71 53 54 51 52 2b 4e 73 47 65 51 4f 4e 59 53 57 53 43 38 2b 61 65 6b 47 46 6d 35 47 39 45 42 78 32 72 6e 37 74 6f 53 58 4c 58 4d 31 33 35 57 38 6e 69 50 6d 44 68 2f 79 6d 49 62 74 62 74 67 7a 2b 47 48 66 62 4e 62 41 4b 7a 65 75 2f 39 41 68 54 4b 2f 38 4a 63 59 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: MK/hhQFrd0Ga600H.2Context: c46d774fbf4ce876<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAQ2kF9LsdkaQUqQxACJlghSqSTQR+NsGeQONYSWSC8+aekGFm5G9EBx2rn7toSXLXM135W8niPmDh/ymIbtbtgz+GHfbNbAKzeu/9AhTK/8JcY
2025-01-12 00:46:44 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 4d 4b 2f 68 68 51 46 72 64 30 47 61 36 30 30 48 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 34 36 64 37 37 34 66 62 66 34 63 65 38 37 36 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: MK/hhQFrd0Ga600H.3Context: c46d774fbf4ce876<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-12 00:46:44 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-12 00:46:44 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 74 68 72 36 6b 42 54 49 36 6b 71 61 57 53 6a 52 56 49 39 47 67 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: thr6kBTI6kqaWSjRVI9Ggw.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
16	192.168.2.6	50019	40.115.3.253	443

Timestamp	Bytes transferred	Direction	Data
2025-01-12 00:47:07 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4c 45 4b 35 55 71 46 79 49 45 43 58 71 43 4b 31 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 39 33 33 36 38 35 35 37 36 61 35 62 62 66 62 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: LEK5UqFyIECXqCK1.1Context: 9933685576a5bbfb
2025-01-12 00:47:07 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2025-01-12 00:47:07 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 4c 45 4b 35 55 71 46 79 49 45 43 58 71 43 4b 31 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 39 33 33 36 38 35 35 37 36 61 35 62 62 66 62 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 51 32 6b 46 39 4c 73 64 6b 61 51 55 71 51 78 41 43 4a 6c 67 68 53 71 53 54 51 52 2b 4e 73 47 65 51 4f 4e 59 53 57 53 43 38 2b 61 65 6b 47 46 6d 35 47 39 45 42 78 32 72 6e 37 74 6f 53 58 4c 58 4d 31 33 35 57 38 6e 69 50 6d 44 68 2f 79 6d 49 62 74 62 74 67 7a 2b 47 48 66 62 4e 62 41 4b 7a 65 75 2f 39 41 68 54 4b 2f 38 4a 63 59 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: LEK5UqFyIECXqCK1.2Context: 9933685576a5bbfb<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAQ2kF9LsdkaQUqQxACJlghSqSTQR+NsGeQONYSWSC8+aekGFm5G9EBx2rn7toSXLXM135W8niPmDh/ymIbtbtgz+GHfbNbAKzeu/9AhTK/8JcY
2025-01-12 00:47:07 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 4c 45 4b 35 55 71 46 79 49 45 43 58 71 43 4b 31 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 39 33 33 36 38 35 35 37 36 61 35 62 62 66 62 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: LEK5UqFyIECXqCK1.3Context: 9933685576a5bbfb<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2025-01-12 00:47:07 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2025-01-12 00:47:07 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 63 63 4d 69 4f 4b 45 76 58 45 4f 44 65 52 4e 76 64 71 6a 4a 7a 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: ccMiOKEvXEODeRNvdqjJzQ.0Payload parsing failed.

Target ID:	1
Start time:	19:45:52
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	3
Start time:	19:45:57
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2176,i,1418175317753013884,4419938951954758614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	4
Start time:	19:46:04
Start date:	11/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.grhga.icu/"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Source: https://www.grhga.icu/main.9a912c00d881695d0ddb.js	Avira URL Cloud: Label: phishing
Source: https://www.grhga.icu/site.webmanifest	Avira URL Cloud: Label: phishing
Source: https://www.grhga.icu/main.b563a1b1790456b66383.css	Avira URL Cloud: Label: phishing
Source: https://www.grhga.icu/compatTest.js	Avira URL Cloud: Label: phishing
Source: https://www.grhga.icu/icon-192x192.png	Avira URL Cloud: Label: phishing
Source: https://www.grhga.icu/favicon-32x32.png	Avira URL Cloud: Label: phishing

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.grhga.icuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /main.b563a1b1790456b66383.css HTTP/1.1Host: www.grhga.icuConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.grhga.icu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /compatTest.js HTTP/1.1Host: www.grhga.icuConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.grhga.icu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /main.9a912c00d881695d0ddb.js HTTP/1.1Host: www.grhga.icuConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.grhga.icu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /compatTest.js HTTP/1.1Host: www.grhga.icuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site.webmanifest HTTP/1.1Host: www.grhga.icuConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.grhga.icu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: www.grhga.icuConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.grhga.icu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: www.grhga.icuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icon-192x192.png HTTP/1.1Host: www.grhga.icuConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.grhga.icu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icon-192x192.png HTTP/1.1Host: www.grhga.icuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.grhga.icu
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://www.grhga.icu/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 51

Chrome Cache Entry: 52

Chrome Cache Entry: 53

Chrome Cache Entry: 54

Chrome Cache Entry: 55

Chrome Cache Entry: 56

Chrome Cache Entry: 57

Chrome Cache Entry: 58

Chrome Cache Entry: 59

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

ICMP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 5052, Parent PID: 5928

General

Chronological Activities

Analysis Process: chrome.exePID: 3160, Parent PID: 5052

Windows Analysis Report
http://www.grhga.icu/