Windows Analysis Report
https://informed.deliveryekg.top/us/

Overview

General Information

Sample URL:https://informed.deliveryekg.top/us/
Analysis ID:1589681
Infos:

Detection

HTMLPhisher
Score:68
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Yara detected BlockedWebSite
AI detected suspicious URL
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

  • System is w10x64
  • chrome.exe (PID: 3668 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 --field-trial-handle=2176,i,3058531963423764916,11242451892783558647,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 3496 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://informed.deliveryekg.top/us/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
Source | Rule | Description | Author | Strings
dropped/chromecache_61 | JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |

Source | Rule | Description | Author | Strings
1.0.pages.csv | JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |
1.1.pages.csv | JoeSecurity_BlockedWebSite | Yara detected BlockedWebSite | Joe Security |

No Sigma rule has matched
No Suricata rule has matched

        AV Detection

        Source: https://informed.deliveryekg.top/us/ Avira URL Cloud: detection malicious, Label: phishing
        Source: https://informed.deliveryekg.top/favicon.ico Avira URL Cloud: Label: phishing
        Source: https://informed.deliveryekg.top/cdn-cgi/styles/cf.errors.css Avira URL Cloud: Label: phishing
        Source: https://informed.deliveryekg.top/cdn-cgi/images/icon-exclamation.png?1376755637 Avira URL Cloud: Label: phishing

        Phishing

        Source: Yara match File source: 1.0.pages.csv, type: HTML
        Source: Yara match File source: 1.1.pages.csv, type: HTML
        Source: Yara match File source: dropped/chromecache_61, type: DROPPED
        Source: URL Joe Sandbox AI: AI detected Brand spoofing attempt in URL: https://informed.deliveryekg.top
        Source: URL Joe Sandbox AI: AI detected Typosquatting in URL: https://informed.deliveryekg.top
        Source: https://informed.deliveryekg.top/us/ HTTP Parser: No favicon
        Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49740 version: TLS 1.0
        Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: global trafficHTTP traffic detected: GET /us/ HTTP/1.1Host: informed.deliveryekg.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /cdn-cgi/styles/cf.errors.css HTTP/1.1Host: informed.deliveryekg.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://informed.deliveryekg.top/us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: informed.deliveryekg.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://informed.deliveryekg.top/cdn-cgi/styles/cf.errors.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: informed.deliveryekg.topConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://informed.deliveryekg.top/us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: informed.deliveryekg.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: informed.deliveryekg.topConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficDNS traffic detected: DNS query: www.google.com
        Source: global trafficDNS traffic detected: DNS query: informed.deliveryekg.top
        Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
        Source: unknownHTTP traffic detected: POST /report/v4?s=8M78bRC42rRflw3d8BEeexs3gO%2F1a%2FYavEkmAvKY9AnnBwV6CZV3OO7n7MhtiGc3p1YAfN7l%2FtQ5uf44or7AmN5VvWiFQn%2FGyrjdqtkCNJb7ro9o4MkJv8aZ6Es7oD9wst%2BgFdqIwHuu1Nc%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 399Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 13 Jan 2025 00:06:45 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Frame-Options: SAMEORIGINReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8M78bRC42rRflw3d8BEeexs3gO%2F1a%2FYavEkmAvKY9AnnBwV6CZV3OO7n7MhtiGc3p1YAfN7l%2FtQ5uf44or7AmN5VvWiFQn%2FGyrjdqtkCNJb7ro9o4MkJv8aZ6Es7oD9wst%2BgFdqIwHuu1Nc%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 901124681e5942b5-EWR
        Source: chromecache_61.2.drString found in binary or memory: https://www.cloudflare.com/5xx-error-landing
        Source: chromecache_61.2.drString found in binary or memory: https://www.cloudflare.com/learning/access-management/phishing-attack/
        Source: classification engineClassification label: mal68.phis.win@16/16@9/7
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
        Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 --field-trial-handle=2176,i,3058531963423764916,11242451892783558647,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://informed.deliveryekg.top/us/"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
        Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Window Recorder Window detected: More than 3 window changes detected
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction

Source | Detection | Scanner | Label | Link
https://informed.deliveryekg.top/us/ | 100% | Avira URL Cloud | phishing |

No Antivirus matches

Source | Detection | Scanner | Label | Link
https://informed.deliveryekg.top/favicon.ico | 100% | Avira URL Cloud | phishing |
https://informed.deliveryekg.top/cdn-cgi/styles/cf.errors.css | 100% | Avira URL Cloud | phishing |
https://informed.deliveryekg.top/cdn-cgi/images/icon-exclamation.png?1376755637 | 100% | Avira URL Cloud | phishing |

Name | IP | Active | Malicious | Antivirus Detection | Reputation
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | | high
a.nel.cloudflare.com | 35.190.80.1 | true | false | | high
informed.deliveryekg.top | 172.67.193.147 | true | true | | unknown
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 217.20.57.34 | true | false | | high
s-part-0017.t-0009.t-msedge.net | 13.107.246.45 | true | false | | high
www.google.com | 142.250.185.132 | true | false | | high
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | | high

Name | Malicious | Antivirus Detection | Reputation
https://informed.deliveryekg.top/us/ | true | | unknown
https://informed.deliveryekg.top/cdn-cgi/styles/cf.errors.css | false | Avira URL Cloud: phishing | unknown
https://a.nel.cloudflare.com/report/v4?s=8M78bRC42rRflw3d8BEeexs3gO%2F1a%2FYavEkmAvKY9AnnBwV6CZV3OO7n7MhtiGc3p1YAfN7l%2FtQ5uf44or7AmN5VvWiFQn%2FGyrjdqtkCNJb7ro9o4MkJv8aZ6Es7oD9wst%2BgFdqIwHuu1Nc%3D | false | | high
https://informed.deliveryekg.top/cdn-cgi/images/icon-exclamation.png?1376755637 | false | Avira URL Cloud: phishing | unknown
https://informed.deliveryekg.top/favicon.ico | false | Avira URL Cloud: phishing | unknown

Name | Source | Malicious | Antivirus Detection | Reputation
https://www.cloudflare.com/learning/access-management/phishing-attack/ | chromecache_61.2.dr | false | | high
https://www.cloudflare.com/5xx-error-landing | chromecache_61.2.dr | false | | high

IP | Domain | Country | ASN | ASN Name | Malicious
172.67.193.147 | informed.deliveryekg.top | United States | 13335 | CLOUDFLARENETUS | true
239.255.255.250 | unknown | Reserved | unknown | unknown | false
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false
35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false
104.21.41.205 | unknown | United States | 13335 | CLOUDFLARENETUS | false

IP
192.168.2.4
192.168.2.5

                              Joe Sandbox version:42.0.0 Malachite
                              Analysis ID:1589681
                              Start date and time:2025-01-13 01:05:43 +01:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 3m 16s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:browseurl.jbs
                              Sample URL:https://informed.deliveryekg.top/us/
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:7
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal68.phis.win@16/16@9/7
                              EGA Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 0
                              • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 142.250.186.131, 216.58.206.78, 142.251.5.84, 142.250.184.238, 142.250.185.238, 172.217.18.14, 20.12.23.50, 199.232.210.172, 192.229.221.95, 20.242.39.171, 142.250.186.78, 142.250.186.46, 142.250.184.206, 142.250.186.174, 142.250.185.206, 142.250.184.227, 172.217.16.206, 34.104.35.123, 216.58.212.174, 217.20.57.34, 184.28.90.27, 13.107.246.45
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, redirector.gvt1.com, ocsp.digicert.com, edgedl.me.gvt1.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size getting too big, too many NtSetInformationFile calls found.
                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • VT rate limit hit for: https://informed.deliveryekg.top/us/
                              No simulations
                              No context
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Jan 12 23:06:39 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):3.965909372811486
                              Encrypted:false
                              SSDEEP:48:8+dRTZdoHXYUidAKZdA19ehwiZUklqehay+3:88Tu9y
                              MD5:BD3D2946A7A6CC952C4FBCAC67559316
                              SHA1:917CF35240592F68093E064CBCEB04B1B214FAC8
                              SHA-256:8F2640C54B7D9894906B10D351CD73275485AEB8DC8172FC7248BD939A4060AE
                              SHA-512:B6D36DE62C7395BB7933C716ABD50D521297D734CAA675CF32DCFD94403F107784285314E204F9E2019356B6AE055DAB30DBF5BC8A712A27D4D4D9F629D94A44
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Jan 12 23:06:38 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2679
                              Entropy (8bit):3.978659182942722
                              Encrypted:false
                              SSDEEP:48:8+dRTZdoHXYUidAKZdA1weh/iZUkAQkqehty+2:88Ts9Qgy
                              MD5:5BDECA69C7705D3467C9F1EE5CAE73B8
                              SHA1:5C0D90F129489EC851670ACB230D3F12DF85B515
                              SHA-256:5EFFD4F708B615571E1766BDEC82A948EC0F0603EF559F95DB173B2F5155731B
                              SHA-512:D56E56B81ED10FAD1609A15A4C07B5E7BA15BFC79266353C83DDAC01A390B53B80B6A5B66B33C1F60539F311A74769A74DF2EF7F6F8B023941536F9008C9F51D
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2693
                              Entropy (8bit):3.997883702431887
                              Encrypted:false
                              SSDEEP:48:8xedRTZdsHXYUidAKZdA14tseh7sFiZUkmgqeh7sDy+BX:8xcTAnxy
                              MD5:FF71D1482B885B727B55B79B194FBA01
                              SHA1:D4B2AAB7FD72573EAF5AE64AC113D21959FF4B8C
                              SHA-256:93D7D3F2734282FC66C78A3CD257DB9C23B083EDC58EC84221DA68C10B6B8795
                              SHA-512:E740D23211F0A9830BCA4CD40EE35EDFCED6ECB4B969B74716C76FD0C188FF3B4B377245AE14867B222E4EEF58B906594EACEE8F7EE34CD762D47A1BA7DC545D
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Jan 12 23:06:38 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2681
                              Entropy (8bit):3.979206772092949
                              Encrypted:false
                              SSDEEP:48:8edRTZdoHXYUidAKZdA1vehDiZUkwqehpy+R:8cTX7y
                              MD5:9F46AED9A2B19E5D21223005B4C3B966
                              SHA1:A061A3D31657DA0A538EE6BCF30BEF62076B496F
                              SHA-256:96E7D4DB28AB745B46FF5CD7997342FB18C9741E2B140063B8106991B49B0AAB
                              SHA-512:4BBCCC0814A150AA2FE791B4087E5A22C68DADB69912E7A639B931FC0E814758D62B89B5E04DF544BA3146A45530DEDDA5BFF324887482AB92FEA5FCAD1E8421
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Jan 12 23:06:38 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2681
                              Entropy (8bit):3.9693763072442243
                              Encrypted:false
                              SSDEEP:48:8fdRTZdoHXYUidAKZdA1hehBiZUk1W1qehHy+C:8HTn9ny
                              MD5:4232469051CACDB7938D26C8B2B78055
                              SHA1:569CAD2FE256B4559A48A995C78B5112FDB7ECE0
                              SHA-256:41525B6CB8AFDA8B9F96A2BDF1284E026383C6C735D97FF719551A85FD525BB1
                              SHA-512:8302CA48B0B9879B3CDED42EE7B04F774EAD3FECB571A44EB1A29F32ED9F3200738004902F63E8AC60557767F81B6FF61294B179B0B3AEABB5DBE0273E40CDE5
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Jan 12 23:06:38 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2683
                              Entropy (8bit):3.977886480722495
                              Encrypted:false
                              SSDEEP:48:8CdRTZdoHXYUidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbxy+yT+:8YTvT/TbxWOvTbxy7T
                              MD5:825F2B6AA6E1AF8A9E6E1EA6DC4A2C5C
                              SHA1:F11A78B81F75F259434CE55D06CE7BAA7D4D03B8
                              SHA-256:534FD78331D7FD4FB992165E0B586ED07CB1AAA91A6A8AE3C91CEB39B8796747
                              SHA-512:11A20DB6305EAB815B8C00F8FF600A0549F707B51CFFD4631CC06C75BB78D7C4300AD22852D4CD4F090EB2E642DCFCDE6EF1F9B3728D6ABC6121C320E810A9EE
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                              Category:downloaded
                              Size (bytes):32038
                              Entropy (8bit):3.7586031096610943
                              Encrypted:false
                              SSDEEP:192:cfRys3/ZtSs9axogZeLpoCaAVbZ5iDJ6j5+qDxZ7cnPgW5LnM:cr68dcgWJn
                              MD5:3F0F72ED57A54B97CDA500BCF0545EFB
                              SHA1:2F252619C18E729D98E16B96D37CD7CD567B38EB
                              SHA-256:67FBE8EF9020E5C776AADF6801A1FEF8DC563E2E4DC9DDC740AF8010C0C38943
                              SHA-512:EA68C54A3CA39A47555A41AE5FC3723F1E7C06B3AD1776EE7082FFBFF48277D2B4EE7CA1753165C2DCCDF7012EB0CBE29CDBDE21DC05373A07CF18E23DE37E54
                              Malicious:false
                              Reputation:low
                              URL:https://informed.deliveryekg.top/favicon.ico
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 54 x 54, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):452
                              Entropy (8bit):7.0936408308765495
                              Encrypted:false
                              SSDEEP:12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
                              MD5:C33DE66281E933259772399D10A6AFE8
                              SHA1:B9F9D500F8814381451011D4DCF59CD2D90AD94F
                              SHA-256:F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
                              SHA-512:5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
                              Malicious:false
                              Reputation:low
                              URL:https://informed.deliveryekg.top/cdn-cgi/images/icon-exclamation.png?1376755637
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with very long lines (394)
                              Category:downloaded
                              Size (bytes):4548
                              Entropy (8bit):5.04358738660408
                              Encrypted:false
                              SSDEEP:96:1j9jwIjYjUDK/D5DMF+BOiUAts18ZLmmJrR89PaQxJbGD:1j9jhjYjIK/Vo+trhZ6mJre9ieJGD
                              MD5:86E20FECB432CECA60C88AA7DEC79341
                              SHA1:D3EE4EDD072916EAADC6EC55EF2B3602477775F5
                              SHA-256:068F8A74015FFB17154561A3F3F70994D486068D472F6943DF6C9B2DBFBB5172
                              SHA-512:F6F84EEFCE7C6D09B9E41668B72B196631D37562DF8A1C1E83C5DE2A03DFB8212F1F44CF2607FCEE14D4575C2382C04ACA5FAC23D1B377DBD37E7885D082325E
                              Malicious:false
                              Reputation:low
                              URL:https://informed.deliveryekg.top/us/
                              Preview:<!DOCTYPE html>. [if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->. [if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->. [if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->. [if gt IE 8]> > <html class="no-js" lang="en-US"> <![endif]-->.<head>.<title>Suspected phishing site | Cloudflare</title>.<meta charset="UTF-8" />.<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge" />.<meta name="robots" content="noindex, nofollow" />.<meta name="viewport" content="width=device-width,initial-scale=1" />.<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />. [if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->.<style>body{margin:0;padding:0}</style>... [if gte IE 10]> >.<script>. if (!navigator.cookieEnabled) {. window.addEventListener('DOMContentLoaded
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                              Category:dropped
                              Size (bytes):32038
                              Entropy (8bit):3.7586031096610943
                              Encrypted:false
                              SSDEEP:192:cfRys3/ZtSs9axogZeLpoCaAVbZ5iDJ6j5+qDxZ7cnPgW5LnM:cr68dcgWJn
                              MD5:3F0F72ED57A54B97CDA500BCF0545EFB
                              SHA1:2F252619C18E729D98E16B96D37CD7CD567B38EB
                              SHA-256:67FBE8EF9020E5C776AADF6801A1FEF8DC563E2E4DC9DDC740AF8010C0C38943
                              SHA-512:EA68C54A3CA39A47555A41AE5FC3723F1E7C06B3AD1776EE7082FFBFF48277D2B4EE7CA1753165C2DCCDF7012EB0CBE29CDBDE21DC05373A07CF18E23DE37E54
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 54 x 54, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):452
                              Entropy (8bit):7.0936408308765495
                              Encrypted:false
                              SSDEEP:12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
                              MD5:C33DE66281E933259772399D10A6AFE8
                              SHA1:B9F9D500F8814381451011D4DCF59CD2D90AD94F
                              SHA-256:F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
                              SHA-512:5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
                              Malicious:false
                              Reputation:low
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (24050)
                              Category:downloaded
                              Size (bytes):24051
                              Entropy (8bit):4.941039417164537
                              Encrypted:false
                              SSDEEP:192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk
                              MD5:5E8C69A459A691B5D1B9BE442332C87D
                              SHA1:F24DD1AD7C9080575D92A9A9A2C42620725EF836
                              SHA-256:84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091
                              SHA-512:6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42
                              Malicious:false
                              Reputation:low
                              URL:https://informed.deliveryekg.top/cdn-cgi/styles/cf.errors.css
                              No static file info
                              Timestamp    Source Port    Dest Port    Source IP    Dest IP
                              Jan 13, 2025 01:06:46.134663105 CET49716443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.134680033 CET44349716172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.134788990 CET44349716172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.134848118 CET49716443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.134866953 CET44349716172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.134905100 CET44349716172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.134955883 CET49716443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.134957075 CET49716443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.143017054 CET49716443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.143039942 CET44349716172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.167038918 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.167092085 CET44349719172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.167429924 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.171722889 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.171742916 CET44349719172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.319974899 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.320404053 CET49718443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.320417881 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.322088957 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.322208881 CET49718443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.325917006 CET49718443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.326014996 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.326376915 CET49718443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.326397896 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.373100042 CET49718443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.450022936 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.450126886 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.450277090 CET49718443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.450771093 CET49718443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.450790882 CET4434971835.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.451463938 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.451510906 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.451581001 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.451848984 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.451864958 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.624779940 CET44349719172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.625071049 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.625102997 CET44349719172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.626137972 CET44349719172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.626216888 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.626678944 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.626703024 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.626746893 CET44349719172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.626786947 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.626823902 CET49719443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.627120018 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.627163887 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.627226114 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.627541065 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:46.627557039 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:46.910536051 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.910818100 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.910837889 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.912138939 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.912492990 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.912575006 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:46.912753105 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:46.955331087 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:47.038556099 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:47.038729906 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:47.038801908 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:47.038872004 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:47.038887978 CET4434972135.190.80.1192.168.2.5
                              Jan 13, 2025 01:06:47.038906097 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:47.038945913 CET49721443192.168.2.535.190.80.1
                              Jan 13, 2025 01:06:47.092391968 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.092674971 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.092694044 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.093040943 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.093542099 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.093617916 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.093704939 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.135329008 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.136157990 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.237976074 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.238061905 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.238176107 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.244766951 CET49722443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.244787931 CET44349722172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.257675886 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.257738113 CET44349723172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.257908106 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.258163929 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.258178949 CET44349723172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.737976074 CET44349723172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.738267899 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.738281965 CET44349723172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.742423058 CET44349723172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.742491961 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743009090 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743029118 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743083000 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743112087 CET44349723172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.743344069 CET49723443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743360996 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743455887 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:47.743541956 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743727922 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:47.743760109 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.202313900 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.202615976 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.202622890 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.204065084 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.204149961 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.204555988 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.204638004 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.204704046 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.204709053 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.245739937 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.330756903 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.330823898 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.330864906 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.330879927 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.330914974 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.330959082 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.330965042 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.330974102 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.331027985 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.331033945 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.331207991 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.331273079 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.331279039 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.335468054 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.335513115 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.335534096 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.335561037 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.335601091 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.335609913 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.386358023 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.412350893 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.412398100 CET44349725104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.412484884 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.413078070 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.413099051 CET44349725104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.417499065 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417584896 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417625904 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417645931 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.417675018 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417721987 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417735100 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.417748928 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417819023 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.417824030 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417890072 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417937994 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.417978048 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.418001890 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.418009996 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.418056011 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.418062925 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.418137074 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.418143988 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.418159962 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.418226004 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.420670033 CET49724443192.168.2.5172.67.193.147
                              Jan 13, 2025 01:06:48.420695066 CET44349724172.67.193.147192.168.2.5
                              Jan 13, 2025 01:06:48.431824923 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.431871891 CET44349726104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.431952953 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.432543039 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.432559967 CET44349726104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.869002104 CET44349725104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.869326115 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.869347095 CET44349725104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.870327950 CET44349725104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.870399952 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.870939970 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.870985031 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.871005058 CET44349725104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.871058941 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.871069908 CET44349725104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.871098995 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.871115923 CET49725443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.871572971 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.871597052 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.871680021 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.871961117 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.871974945 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.893311024 CET44349726104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.893699884 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.893716097 CET44349726104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.897475958 CET44349726104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.897558928 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.898235083 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.898255110 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.898313046 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.898423910 CET44349726104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.898492098 CET49726443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.898735046 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.898780107 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:48.898848057 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.899193048 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:48.899207115 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.356086969 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.356394053 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.356412888 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.357543945 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.357626915 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.358321905 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.358416080 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.358863115 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.358871937 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.359747887 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.360438108 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.360447884 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.362358093 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.362418890 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.370429993 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.370543003 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.370984077 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.370992899 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.403259039 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.418905973 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.499064922 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.499243021 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.499304056 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.500643969 CET49727443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.500659943 CET44349727104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.505595922 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.505717993 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.505772114 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.505783081 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.505852938 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.505907059 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.505912066 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.506004095 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.506068945 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.506074905 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.506172895 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.506266117 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.506318092 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.506324053 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.506366968 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.506371021 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.559498072 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.559514999 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.592928886 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.592988968 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.592998981 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.593074083 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.593146086 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.593194008 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.593199968 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.593239069 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.593256950 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.593409061 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.593455076 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.593461037 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.593976021 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.594052076 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.594115019 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.594120979 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.594156981 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.594161987 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.594321966 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.594463110 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:49.594520092 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.594934940 CET49728443192.168.2.5104.21.41.205
                              Jan 13, 2025 01:06:49.594947100 CET44349728104.21.41.205192.168.2.5
                              Jan 13, 2025 01:06:52.704016924 CET44349711142.250.185.132192.168.2.5
                              Jan 13, 2025 01:06:52.704106092 CET44349711142.250.185.132192.168.2.5
                              Jan 13, 2025 01:06:52.704164982 CET49711443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:06:53.539427996 CET49703443192.168.2.523.1.237.91
                              Jan 13, 2025 01:06:53.539510965 CET49703443192.168.2.523.1.237.91
                              Jan 13, 2025 01:06:53.539833069 CET49740443192.168.2.523.1.237.91
                              Jan 13, 2025 01:06:53.539860964 CET4434974023.1.237.91192.168.2.5
                              Jan 13, 2025 01:06:53.540220022 CET49740443192.168.2.523.1.237.91
                              Jan 13, 2025 01:06:53.544369936 CET4434970323.1.237.91192.168.2.5
                              Jan 13, 2025 01:06:53.544401884 CET4434970323.1.237.91192.168.2.5
                              Jan 13, 2025 01:06:53.544995070 CET49740443192.168.2.523.1.237.91
                              Jan 13, 2025 01:06:53.545005083 CET4434974023.1.237.91192.168.2.5
                              Jan 13, 2025 01:06:54.127515078 CET4434974023.1.237.91192.168.2.5
                              Jan 13, 2025 01:06:54.127597094 CET49740443192.168.2.523.1.237.91
                              Jan 13, 2025 01:06:54.670886040 CET49711443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:06:54.670927048 CET44349711142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:13.278517962 CET4434974023.1.237.91192.168.2.5
                              Jan 13, 2025 01:07:13.278635979 CET49740443192.168.2.523.1.237.91
                              Jan 13, 2025 01:07:42.144764900 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:42.144793034 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:42.145020008 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:42.145905018 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:42.145919085 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:42.794131041 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:42.794536114 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:42.794555902 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:42.794929981 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:42.795424938 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:42.795619011 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:42.840224981 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:52.700525999 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:52.700606108 CET44350003142.250.185.132192.168.2.5
                              Jan 13, 2025 01:07:52.700697899 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:54.657716990 CET50003443192.168.2.5142.250.185.132
                              Jan 13, 2025 01:07:54.657741070 CET44350003142.250.185.132192.168.2.5
                              Timestamp | Source IP | Dest IP | Checksum | Code | Type
                              Jan 13, 2025 01:06:48.832386971 CET | 192.168.2.5 | 1.1.1.1 | c20f | (Port unreachable) | Destination Unreachable
                              Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
                              Jan 13, 2025 01:06:42.094737053 CET | 192.168.2.5 | 1.1.1.1 | 0x39ac | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:42.095021963 CET | 192.168.2.5 | 1.1.1.1 | 0x72b1 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
                              Jan 13, 2025 01:06:43.583050966 CET | 192.168.2.5 | 1.1.1.1 | 0x6803 | Standard query (0) | informed.deliveryekg.top | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:43.583235979 CET | 192.168.2.5 | 1.1.1.1 | 0x4fe4 | Standard query (0) | informed.deliveryekg.top | 65 | IN (0x0001) | false
                              Jan 13, 2025 01:06:45.834038019 CET | 192.168.2.5 | 1.1.1.1 | 0xccb5 | Standard query (0) | a.nel.cloudflare.com | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:45.834305048 CET | 192.168.2.5 | 1.1.1.1 | 0xe511 | Standard query (0) | a.nel.cloudflare.com | 65 | IN (0x0001) | false
                              Jan 13, 2025 01:06:47.265126944 CET | 192.168.2.5 | 1.1.1.1 | 0xca3e | Standard query (0) | informed.deliveryekg.top | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:47.265233994 CET | 192.168.2.5 | 1.1.1.1 | 0xe5d7 | Standard query (0) | informed.deliveryekg.top | 65 | IN (0x0001) | false
                              Jan 13, 2025 01:06:48.277492046 CET | 192.168.2.5 | 1.1.1.1 | 0x2e15 | Standard query (0) | informed.deliveryekg.top | A (IP address) | IN (0x0001) | false
                              Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                              Jan 13, 2025 01:06:42.101639986 CET | 1.1.1.1 | 192.168.2.5 | 0x39ac | No error (0) | www.google.com | | 142.250.185.132 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:42.101768970 CET | 1.1.1.1 | 192.168.2.5 | 0x72b1 | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
                              Jan 13, 2025 01:06:43.903456926 CET | 1.1.1.1 | 192.168.2.5 | 0x4fe4 | No error (0) | informed.deliveryekg.top | | | 65 | IN (0x0001) | false
                              Jan 13, 2025 01:06:44.175136089 CET | 1.1.1.1 | 192.168.2.5 | 0x6803 | No error (0) | informed.deliveryekg.top | | 172.67.193.147 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:44.175136089 CET | 1.1.1.1 | 192.168.2.5 | 0x6803 | No error (0) | informed.deliveryekg.top | | 104.21.41.205 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:45.840606928 CET | 1.1.1.1 | 192.168.2.5 | 0xccb5 | No error (0) | a.nel.cloudflare.com | | 35.190.80.1 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:47.643913984 CET | 1.1.1.1 | 192.168.2.5 | 0xe5d7 | No error (0) | informed.deliveryekg.top | | | 65 | IN (0x0001) | false
                              Jan 13, 2025 01:06:48.411338091 CET | 1.1.1.1 | 192.168.2.5 | 0xca3e | No error (0) | informed.deliveryekg.top | | 104.21.41.205 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:48.411338091 CET | 1.1.1.1 | 192.168.2.5 | 0xca3e | No error (0) | informed.deliveryekg.top | | 172.67.193.147 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:48.832309008 CET | 1.1.1.1 | 192.168.2.5 | 0x2e15 | No error (0) | informed.deliveryekg.top | | 172.67.193.147 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:48.832309008 CET | 1.1.1.1 | 192.168.2.5 | 0x2e15 | No error (0) | informed.deliveryekg.top | | 104.21.41.205 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:52.264512062 CET | 1.1.1.1 | 192.168.2.5 | 0xaa74 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.210.172 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:52.264512062 CET | 1.1.1.1 | 192.168.2.5 | 0xaa74 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.214.172 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:52.274575949 CET | 1.1.1.1 | 192.168.2.5 | 0x13a4 | No error (0) | shed.dual-low.s-part-0017.t-0009.t-msedge.net | s-part-0017.t-0009.t-msedge.net | | CNAME (Canonical name) | IN (0x0001) | false
                              Jan 13, 2025 01:06:52.274575949 CET | 1.1.1.1 | 192.168.2.5 | 0x13a4 | No error (0) | s-part-0017.t-0009.t-msedge.net | | 13.107.246.45 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:06:52.852863073 CET | 1.1.1.1 | 192.168.2.5 | 0xe84e | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                              Jan 13, 2025 01:06:52.852863073 CET | 1.1.1.1 | 192.168.2.5 | 0xe84e | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:05.707365036 CET | 1.1.1.1 | 192.168.2.5 | 0x27d | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                              Jan 13, 2025 01:07:05.707365036 CET | 1.1.1.1 | 192.168.2.5 | 0x27d | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:30.270237923 CET | 1.1.1.1 | 192.168.2.5 | 0x70a9 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                              Jan 13, 2025 01:07:30.270237923 CET | 1.1.1.1 | 192.168.2.5 | 0x70a9 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:50.710889101 CET | 1.1.1.1 | 192.168.2.5 | 0x8ef8 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                              Jan 13, 2025 01:07:50.710889101 CET | 1.1.1.1 | 192.168.2.5 | 0x8ef8 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.221.95 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 217.20.57.34 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 84.201.210.23 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 217.20.57.35 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 217.20.57.20 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 217.20.57.36 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 217.20.57.18 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 84.201.210.39 | A (IP address) | IN (0x0001) | false
                              Jan 13, 2025 01:07:54.187828064 CET | 1.1.1.1 | 192.168.2.5 | 0xe642 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 217.20.57.19 | A (IP address) | IN (0x0001) | false
                              • informed.deliveryekg.top
                              • https:
                              • a.nel.cloudflare.com
                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              0 | 192.168.2.5 | 49717 | 172.67.193.147 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:45 UTC | 670 | OUT | GET /us/ HTTP/1.1
                              Host: informed.deliveryekg.top
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:45 UTC | 570 | IN | HTTP/1.1 403 Forbidden
                              Date: Mon, 13 Jan 2025 00:06:45 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              X-Frame-Options: SAMEORIGIN
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8M78bRC42rRflw3d8BEeexs3gO%2F1a%2FYavEkmAvKY9AnnBwV6CZV3OO7n7MhtiGc3p1YAfN7l%2FtQ5uf44or7AmN5VvWiFQn%2FGyrjdqtkCNJb7ro9o4MkJv8aZ6Es7oD9wst%2BgFdqIwHuu1Nc%3D"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 901124681e5942b5-EWR
                              2025-01-13 00:06:45 UTC | 799 | IN | Data Ascii: 11c4<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
                              2025-01-13 00:06:45 UTC | 1369 | IN | Data Ascii: f="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.g
                              2025-01-13 00:06:45 UTC | 1369 | IN | Data Ascii: <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="background-color: #404040; color: #fff; border: 0;">Learn More</a>
                              2025-01-13 00:06:45 UTC | 1019 | IN | Data Ascii: reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button> <span class="hidden" id="cf-footer-ip">8.46.123.189</span> <span class="cf-footer-separator sm:hidden">&bull;</span> </span> <span class="cf-footer-item sm:block sm:mb-1"
                              2025-01-13 00:06:45 UTC | 5 | IN | Data Ascii: 0


                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              1 | 192.168.2.5 | 49716 | 172.67.193.147 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:45 UTC | 578 | OUT | GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
                              Host: informed.deliveryekg.top
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://informed.deliveryekg.top/us/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:46 UTC | 411 | IN | HTTP/1.1 200 OK
                              Date: Mon, 13 Jan 2025 00:06:46 GMT
                              Content-Type: text/css
                              Content-Length: 24051
                              Connection: close
                              Last-Modified: Tue, 07 Jan 2025 14:31:40 GMT
                              ETag: "677d3acc-5df3"
                              Server: cloudflare
                              CF-RAY: 901124698c42c425-EWR
                              X-Frame-Options: DENY
                              X-Content-Type-Options: nosniff
                              Expires: Mon, 13 Jan 2025 02:06:46 GMT
                              Cache-Control: max-age=7200
                              Cache-Control: public
                              Accept-Ranges: bytes


                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              2 | 192.168.2.5 | 49718 | 35.190.80.1 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:46 UTC | 561 | OUT | OPTIONS /report/v4?s=8M78bRC42rRflw3d8BEeexs3gO%2F1a%2FYavEkmAvKY9AnnBwV6CZV3OO7n7MhtiGc3p1YAfN7l%2FtQ5uf44or7AmN5VvWiFQn%2FGyrjdqtkCNJb7ro9o4MkJv8aZ6Es7oD9wst%2BgFdqIwHuu1Nc%3D HTTP/1.1
                              Host: a.nel.cloudflare.com
                              Connection: keep-alive
                              Origin: https://informed.deliveryekg.top
                              Access-Control-Request-Method: POST
                              Access-Control-Request-Headers: content-type
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:46 UTC | 336 | IN | HTTP/1.1 200 OK
                              Content-Length: 0
                              access-control-max-age: 86400
                              access-control-allow-methods: POST, OPTIONS
                              access-control-allow-origin: *
                              access-control-allow-headers: content-length, content-type
                              date: Mon, 13 Jan 2025 00:06:46 GMT
                              Via: 1.1 google
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close


                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              3 | 192.168.2.5 | 49721 | 35.190.80.1 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:46 UTC | 494 | OUT | POST /report/v4?s=8M78bRC42rRflw3d8BEeexs3gO%2F1a%2FYavEkmAvKY9AnnBwV6CZV3OO7n7MhtiGc3p1YAfN7l%2FtQ5uf44or7AmN5VvWiFQn%2FGyrjdqtkCNJb7ro9o4MkJv8aZ6Es7oD9wst%2BgFdqIwHuu1Nc%3D HTTP/1.1
                              Host: a.nel.cloudflare.com
                              Connection: keep-alive
                              Content-Length: 399
                              Content-Type: application/reports+json
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:46 UTC | 399 | OUT | Data Ascii: [{"age":0,"body":{"elapsed_time":2235,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.67.193.147","status_code":403,"type":"http.error"},"type":"network-error","url":"https://informed.deliv
                              2025-01-13 00:06:47 UTC | 168 | IN | HTTP/1.1 200 OK
                              Content-Length: 0
                              date: Mon, 13 Jan 2025 00:06:46 GMT
                              Via: 1.1 google
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close


                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              4 | 192.168.2.5 | 49722 | 172.67.193.147 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:47 UTC | 667 | OUT | GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
                              Host: informed.deliveryekg.top
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://informed.deliveryekg.top/cdn-cgi/styles/cf.errors.css
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:47 UTC | 409 | IN | HTTP/1.1 200 OK
                              Date: Mon, 13 Jan 2025 00:06:47 GMT
                              Content-Type: image/png
                              Content-Length: 452
                              Connection: close
                              Last-Modified: Tue, 07 Jan 2025 14:31:40 GMT
                              ETag: "677d3acc-1c4"
                              Server: cloudflare
                              CF-RAY: 90112470db400c8e-EWR
                              X-Frame-Options: DENY
                              X-Content-Type-Options: nosniff
                              Expires: Mon, 13 Jan 2025 02:06:47 GMT
                              Cache-Control: max-age=7200
                              Cache-Control: public
                              Accept-Ranges: bytes


                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              5 | 192.168.2.5 | 49724 | 172.67.193.147 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:48 UTC | 607 | OUT | GET /favicon.ico HTTP/1.1
                              Host: informed.deliveryekg.top
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://informed.deliveryekg.top/us/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:48 UTC | 971 | IN | HTTP/1.1 200 OK
                              Date: Mon, 13 Jan 2025 00:06:48 GMT
                              Content-Type: image/vnd.microsoft.icon
                              Content-Length: 32038
                              Connection: close
                              Access-Control-Allow-Origin: *
                              Cache-Control: public, max-age=86400
                              Last-Modified: Mon, 15 Jul 2024 08:24:14 GMT
                              ETag: W/"7d26-190b57e07b0"
                              CF-Cache-Status: HIT
                              Age: 15089
                              Accept-Ranges: bytes
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUQCEUOXlrRjHnIZpvaY763QFZoCnum6lPUO0vW9fMGu5W%2Frq8Lf8tbjIrAiZ5VGCCeN3dPopuEczcY11X7L84HpGR%2BmxruJ9dWUe%2Bq5bAYFOikyN7cja9ZYVAzmAThpT5%2FLP5gIIvwCZ8c%3D"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 90112477bd64c439-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=1634&min_rtt=1627&rtt_var=624&sent=3&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1185&delivery_rate=1733966&cwnd=207&unsent_bytes=0&cid=28b8e81dbf46c73a&ts=137&x=0"


                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              6 | 192.168.2.5 | 49727 | 104.21.41.205 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:49 UTC | 394 | OUT | GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
                              Host: informed.deliveryekg.top
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:49 UTC | 409 | IN | HTTP/1.1 200 OK
                              Date: Mon, 13 Jan 2025 00:06:49 GMT
                              Content-Type: image/png
                              Content-Length: 452
                              Connection: close
                              Last-Modified: Tue, 07 Jan 2025 14:31:40 GMT
                              ETag: "677d3acc-1c4"
                              Server: cloudflare
                              CF-RAY: 9011247f08a3efa5-EWR
                              X-Frame-Options: DENY
                              X-Content-Type-Options: nosniff
                              Expires: Mon, 13 Jan 2025 02:06:49 GMT
                              Cache-Control: max-age=7200
                              Cache-Control: public
                              Accept-Ranges: bytes


                              Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                              7 | 192.168.2.5 | 49728 | 104.21.41.205 | 443 | 5892 | C:\Program Files\Google\Chrome\Application\chrome.exe
                              Timestamp | Bytes transferred | Direction | Data
                              2025-01-13 00:06:49 UTC | 359 | OUT | GET /favicon.ico HTTP/1.1
                              Host: informed.deliveryekg.top
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-13 00:06:49 UTC | 973 | IN | HTTP/1.1 200 OK
                              Date: Mon, 13 Jan 2025 00:06:49 GMT
                              Content-Type: image/vnd.microsoft.icon
                              Content-Length: 32038
                              Connection: close
                              Access-Control-Allow-Origin: *
                              Cache-Control: public, max-age=86400
                              Last-Modified: Mon, 15 Jul 2024 08:24:14 GMT
                              ETag: W/"7d26-190b57e07b0"
                              CF-Cache-Status: HIT
                              Age: 15090
                              Accept-Ranges: bytes
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28jEhRHXjM7EjTTN9ewp5qBKbzqjtdjOrasslggTK2MqXgpC9PIxmBLlkC3rwBUWC5GAmXWbCHDpHdyiNo0jDnaduS2Ymb%2BRw%2B4fDTBufxE%2BboXCou2YxD%2F%2BgsuatMOb1SGqnPvpdFixkj0%3D"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 9011247f0c7ac481-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=2225&min_rtt=1661&rtt_var=1026&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=937&delivery_rate=1757977&cwnd=236&unsent_bytes=0&cid=61363a3a466897fc&ts=153&x=0"



                              Target ID:0
                              Start time:19:06:32
                              Start date:12/01/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                              Imagebase:0x7ff715980000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              Target ID:2
                              Start time:19:06:36
                              Start date:12/01/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 --field-trial-handle=2176,i,3058531963423764916,11242451892783558647,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff715980000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              Target ID:3
                              Start time:19:06:42
                              Start date:12/01/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://informed.deliveryekg.top/us/"
                              Imagebase:0x7ff715980000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              No disassembly