Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

Overview

General Information

Sample URL:	https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a
Analysis ID:	1590417
Infos:

Errors URL not reachable

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 2680 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 5336 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2360,i,16272791088535405586,17053543196037365283,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2276 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://webeoption.ru/.vin/112.png	Avira URL Cloud: Label: phishing
Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/css/main.css	Avira URL Cloud: Label: phishing
Source: https://precheckcar.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://precheckcar.com/wp-admin/assets/back.png	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'precheckcar.com' does not match the legitimate domain for Microsoft., The domain 'precheckcar.com' does not have any obvious connection to Microsoft, which is suspicious., The email address 'a15w2h@nxknp.com' does not appear to be associated with Microsoft, adding to the suspicion. DOM: 1.0.pages.csv

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

HTTP Parser: Number of links: 0

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

HTTP Parser: Base64 decoded: <svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,...

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

HTTP Parser: Title: Microsoft Office 365 does not match URL

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

HTTP Parser: <input type="password" .../> found

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

HTTP Parser: No favicon

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

HTTP Parser: No <meta name="author".. found

Source: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

HTTP Parser: No <meta name="copyright".. found

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a HTTP/1.1Host: precheckcar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-admin/common/oauth2/v2.0/authorize/css/main.css HTTP/1.1Host: precheckcar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
Source: global traffic	HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://precheckcar.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://precheckcar.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://precheckcar.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-admin/assets/back.png HTTP/1.1Host: precheckcar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: precheckcar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
Source: global traffic	HTTP traffic detected: GET /wp-admin/assets/back.png HTTP/1.1Host: precheckcar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: precheckcar.com
Source: global traffic	DNS traffic detected: DNS query: use.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net

Source: unknown

HTTP traffic detected: POST /wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a HTTP/1.1Host: precheckcar.comConnection: keep-aliveContent-Length: 44Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1Origin: https://precheckcar.comContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58aAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3

Source: chromecache_46.3.dr	String found in binary or memory: https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: chromecache_46.3.dr	String found in binary or memory: https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031be
Source: chromecache_46.3.dr	String found in binary or memory: https://code.jquery.com/jquery-3.7.1.min.js
Source: chromecache_54.3.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_54.3.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_46.3.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Archivo
Source: chromecache_51.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/archivonarrow/v30/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2
Source: chromecache_51.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/archivonarrow/v30/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6rHmsJCQ.wo
Source: chromecache_51.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/archivonarrow/v30/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6rXmsJCQ.wo
Source: chromecache_46.3.dr	String found in binary or memory: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Source: chromecache_50.3.dr	String found in binary or memory: https://webeoption.ru/.vin/112.png

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: classification engine

Classification label: mal64.phis.win@17/22@16/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2360,i,16272791088535405586,17053543196037365283,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2360,i,16272791088535405586,17053543196037365283,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a	100%	Avira URL Cloud	phishing

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://webeoption.ru/.vin/112.png	100%	Avira URL Cloud	phishing
https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/css/main.css	100%	Avira URL Cloud	phishing
https://precheckcar.com/favicon.ico	100%	Avira URL Cloud	phishing
https://precheckcar.com/wp-admin/assets/back.png	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
code.jquery.com	151.101.194.137	true	false		high
sni1gl.wpc.omegacdn.net	152.199.21.175	true	false		high
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true	false		high
www.google.com	142.250.186.100	true	false		high
precheckcar.com	162.241.2.40	true	false		high
use.fontawesome.com	unknown	unknown	false		high
aadcdn.msftauth.net	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a	true		unknown
https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/css/main.css	false	Avira URL Cloud: phishing	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg	false		high
https://precheckcar.com/favicon.ico	false	Avira URL Cloud: phishing	unknown
https://precheckcar.com/wp-admin/assets/back.png	false	Avira URL Cloud: phishing	unknown
https://code.jquery.com/jquery-3.7.1.min.js	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://fontawesome.com	chromecache_54.3.dr	false		high
https://use.fontawesome.com/releases/v5.7.0/css/all.css	chromecache_46.3.dr	false		high
https://webeoption.ru/.vin/112.png	chromecache_50.3.dr	false	Avira URL Cloud: phishing	unknown
https://fontawesome.com/license/free	chromecache_54.3.dr	false		high
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031be	chromecache_46.3.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
162.241.2.40	precheckcar.com	United States		26337	OIS1US	false
151.101.130.137	unknown	United States		54113	FASTLYUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
152.199.21.175	sni1gl.wpc.omegacdn.net	United States		15133	EDGECASTUS	false
142.250.186.100	www.google.com	United States		15169	GOOGLEUS	false
151.101.194.137	code.jquery.com	United States		54113	FASTLYUS	false

Private

IP
192.168.2.6

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1590417
Start date and time:	2025-01-14 01:25:51 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 2m 23s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.phis.win@17/22@16/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	URL browsing timeout or error

Errors

URL not reachable

Warnings

Exclude process from analysis (whitelisted): WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.185.174, 74.125.133.84, 142.250.186.46, 216.58.206.78, 172.217.18.14, 142.250.186.106, 172.67.142.245, 104.21.27.152, 142.250.185.227, 142.250.186.42, 142.250.186.74, 172.217.16.138, 142.250.185.202, 172.217.16.202, 142.250.186.170, 216.58.206.42, 142.250.181.234, 142.250.185.170, 142.250.185.234, 142.250.184.202, 142.250.186.138, 172.217.23.106, 172.217.18.10, 142.250.185.106, 199.232.214.172, 23.50.108.3, 142.250.184.206, 142.250.186.78, 142.250.185.110, 2.23.242.162, 13.107.246.45, 4.245.163.56
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, slscr.update.microsoft.com, aadcdnoriginwus2.azureedge.net, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, aadcdn.msauth.net, use.fontawesome.com.cdn.cloudflare.net, firstparty-azurefd-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, aadcdnoriginwus2.afd.azureedge.net, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://precheckcar.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: https://precheckcar.com
URL: https://precheckcar.com/wp-admin/common/oauth2/v2.... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a simple form validation and UI manipulation code. It does not exhibit any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. The script is primarily focused on handling user input, displaying error messages, and animating the visibility of different HTML elements. This behavior is consistent with typical user interface functionality and does not raise significant security concerns." }
$(document).ready(function() { $('input[name="ai"]').on('input', function() { if (!$(this).val()) { $('#error-ai').show(); } else { $('#error-ai').hide(); } }); $('button[id="next"]').click(function() { var ai = $('input[name="ai"]').val(); $('input[name="em"]').val(ai); $('#aich').html(ai); if (!ai) { $('#error-ai').show(); } else { $('#div1').animate({ left: 0, opacity: 'hide' }); $('#div3').animate({ left: 0, opacity: 'show' }); window.setTimeout(function() { $('#div3').animate({ left: 0, opacity: 'hide' }); $('#div2').animate({ left: 0, opacity: 'show' }); }, 1000); } }); });
URL: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Next", "text_input_field_labels": [ "a15w2h@nxknp.com" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL 'precheckcar.com' does not match the legitimate domain for Microsoft.", "The domain 'precheckcar.com' does not have any obvious connection to Microsoft, which is suspicious.", "The email address 'a15w2h@nxknp.com' does not appear to be associated with Microsoft, adding to the suspicion." ], "riskscore": 9} Google indexed: False
URL: precheckcar.com Brands: Microsoft Input Fields: a15w2h@nxknp.com

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 44

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	dropped
Size (bytes):	87533
Entropy (8bit):	5.262536918435756
Encrypted:	false
SSDEEP:	1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
MD5:	2C872DBE60F4BA70FB85356113D8B35E
SHA1:	EE48592D1FFF952FCF06CE0B666ED4785493AFDC
SHA-256:	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
SHA-512:	BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
Malicious:	false
Reputation:	low
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

Chrome Cache Entry: 45

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	231
Entropy (8bit):	6.725074433303473
Encrypted:	false
SSDEEP:	6:6v/lhPZsRtsa9hC0bKDHv5Ef30XY4qMa3IE6Aleup:6v/76eAhbSHusYX4E3
MD5:	547988BAC5584B4608466D761E16F370
SHA1:	C11BB71049702528402A31027F200184910A7E23
SHA-256:	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
SHA-512:	C4A76F6E94982D1CC02C2B67523A334E76BFDE525C1014D32DB9E7ECA0FA39A06F291ECFA94C8C6A49D488EA3ACF9C10DDF3CAD9515562010440863D0F08FBA3
Malicious:	false
Reputation:	low
URL:	https://precheckcar.com/wp-admin/assets/back.png
Preview:	.PNG........IHDR..............w=.....sRGB.........IDATHK...1...Z......... #$#..-.. $$3..H...q.x.>.x..yY.\|.@h.......$.B/..*Ec...J.}.....Rl..^.......#-...f.6p.cJigf...G.<.!.z..>a.+j....&U.....E/.._.`.d...~_....7...4`....IEND.B`.

Chrome Cache Entry: 46

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2201), with CRLF line terminators
Category:	downloaded
Size (bytes):	12980
Entropy (8bit):	4.664458760859829
Encrypted:	false
SSDEEP:	192:/IookfMvF7SjdvjIdD6ncY7HF2aBLB/vgk5S/wKev64/9rw3ovYM:QoFcF7yptFKevVuoAM
MD5:	A813808CF478E794200A18D8453C92C0
SHA1:	948B1CE96737D77AB99294BC3737EAEE84D2FA20
SHA-256:	1F9AC9EAE24E1E87EF5395DA34298318DDE8F913B5BE845FB3C2557B1168F6D8
SHA-512:	4D0019228FEF2A7C7AE6D4B1BF06CE33BC9016D8011AC955568DBDCD210DB321C1C53CEE62D43BA313B823685C9D615AC7C4DB90C4A56858CBA6BBD34FEFE5EE
Malicious:	false
Reputation:	low
URL:	https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a
Preview:	<!doctype html>..<html lang="en">....<head>.. Required meta tags -->.. <meta charset="utf-8">.. <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">.. Bootstrap CSS -->.. <link href="https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap" rel="stylesheet">.. <link rel="stylesheet" href="./css/main.css">.. <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.0/css/all.css" integrity="sha384-lZN37f5QGtY3VHgisS14W3ExzMWZxybE1SJSEsQp9S+oqd12jhcu+A56Ebc1zFSJ" crossorigin="anonymous">.. <title>Microsoft Office 365</title>.. <script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"></script>.. <style type="text/css">.. .loader {.. /position: absolute;/.. /padding: 30px 0px;/.. width: 40px;.. /margin: -22px;/.. }.... .loader .circle {

Chrome Cache Entry: 47

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3651
Entropy (8bit):	4.094801914706141
Encrypted:	false
SSDEEP:	96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
MD5:	EE5C8D9FB6248C938FD0DC19370E90BD
SHA1:	D01A22720918B781338B5BBF9202B241A5F99EE4
SHA-256:	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
SHA-512:	C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
Malicious:	false
Reputation:	low
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

Chrome Cache Entry: 48

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Category:	dropped
Size (bytes):	17174
Entropy (8bit):	2.9129715116732746
Encrypted:	false
SSDEEP:	24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
MD5:	12E3DAC858061D088023B2BD48E2FA96
SHA1:	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
SHA-256:	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
SHA-512:	C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
Malicious:	false
Reputation:	low
Preview:	..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

Chrome Cache Entry: 49

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	32
Entropy (8bit):	4.413909765557392
Encrypted:	false
SSDEEP:	3:HDEQjnmzth0tYY:djmBgYY
MD5:	B5387F1C4A43D883AC110BCDCDD354FD
SHA1:	7F61D93B882F6148F807195B69B9384B6EACF424
SHA-256:	BD305426D7BDA6F77B30213892F7D05625D7EC3EC4302F8F7BF0223C947D53E3
SHA-512:	27EC7903F6F9EE24A68A039742FF23CDE5399612E18D364ACCBDA9F026F0F2EF09A40E0E730795BCE72D089248A93339C90C1ED96A3563D0530B2CB5AA241FE5
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzQSEAlL9eJIeoTfTRIFDUOlq6USEAn-Bg3tgBiHphIFDUPzdjk=?alt=proto
Preview:	CgkKBw1DpaulGgAKCQoHDUPzdjkaAA==

Chrome Cache Entry: 50

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2544), with CRLF line terminators
Category:	downloaded
Size (bytes):	205606
Entropy (8bit):	4.8898192422706535
Encrypted:	false
SSDEEP:	1536:FEUg5JZG3w8SEYrfcZS788XM1drJB9TEhqt2w3cD51GHR3rXP4bJG3xc9a4xlL8s:3LA8SOI88QcPDIF4gYrfgYrt
MD5:	AAC8B69E537FE275BAFE0C1C8325B682
SHA1:	485680CB6C6E34259980F05A62691E67056CFBAD
SHA-256:	73F341381B5894426D299B1E30698D9ED297D05CDC6683C291E7F3B4C1F5003B
SHA-512:	0F87EF8F8E79F0F50D3BC567659E3DEF1D7490D47D89DC0827B26BD3C01AA7ECAA831B9917747FC3A02A9DBAA50C02A886D780195C2F55CDE81E8B8C9AFCBB8E
Malicious:	false
Reputation:	low
URL:	https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/css/main.css
Preview:	:root {.. --blue: #007bff;.. --indigo: #6610f2;.. --purple: #6f42c1;.. --pink: #e83e8c;.. --red: #dc3545;.. --orange: #fd7e14;.. --yellow: #ffc107;.. --green: #28a745;.. --teal: #20c997;.. --cyan: #17a2b8;.. --white: #fff;.. --gray: #6c757d;.. --gray-dark: #343a40;.. --primary: #007bff;.. --secondary: #6c757d;.. --success: #28a745;.. --info: #17a2b8;.. --warning: #ffc107;.. --danger: #dc3545;.. --light: #f8f9fa;.. --dark: #343a40;.. --breakpoint-xs: 0;.. --breakpoint-sm: 576px;.. --breakpoint-md: 768px;.. --breakpoint-lg: 992px;.. --breakpoint-xl: 1200px;.. --font-family-sans-serif: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";.. --font-family-monospace: SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace..}....*,..::after,..::before {.. box-sizing: border-box..}...

Chrome Cache Entry: 51

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	1350
Entropy (8bit):	5.437574579461789
Encrypted:	false
SSDEEP:	24:81/nQOY7a4gwAZzhnQOY7a4g0tJc+u/rnQOY7a4gHwy96cGSSf7:coOEa4gvGOEa4gaJc+uUOEa4gHN0xD
MD5:	048827075038BB29A926100FAC103075
SHA1:	344B5CF6498867A1806DB0287F339B12C00F34B5
SHA-256:	88F23B85D81514D63DA43985D4E8BE67C1D4235E42768EBDC3783F88FB36C1E0
SHA-512:	CFFBB765A48E681EAF3D11CA60999C4886A2CD88CCFCA7B6260AECD880B17ED2764568418D6D4086049D6E0F296BAF33E8F8979017541877F0D96B1AF6A16C6E
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
Preview:	/* vietnamese /.@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivonarrow/v30/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6rHmsJCQ.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./ latin-ext /.@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/archivonarrow/v30/tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6rXmsJCQ.woff2) format('woff2');. unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin */.@font-face {. font-family: 'Archivo Narrow';. font-style: normal;. font-weight

Chrome Cache Entry: 52

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Category:	downloaded
Size (bytes):	17174
Entropy (8bit):	2.9129715116732746
Encrypted:	false
SSDEEP:	24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
MD5:	12E3DAC858061D088023B2BD48E2FA96
SHA1:	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
SHA-256:	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
SHA-512:	C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Preview:	..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

Chrome Cache Entry: 53

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	231
Entropy (8bit):	6.725074433303473
Encrypted:	false
SSDEEP:	6:6v/lhPZsRtsa9hC0bKDHv5Ef30XY4qMa3IE6Aleup:6v/76eAhbSHusYX4E3
MD5:	547988BAC5584B4608466D761E16F370
SHA1:	C11BB71049702528402A31027F200184910A7E23
SHA-256:	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
SHA-512:	C4A76F6E94982D1CC02C2B67523A334E76BFDE525C1014D32DB9E7ECA0FA39A06F291ECFA94C8C6A49D488EA3ACF9C10DDF3CAD9515562010440863D0F08FBA3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............w=.....sRGB.........IDATHK...1...Z......... #$#..-.. $$3..H...q.x.>.x..yY.\|.@h.......$.B/..*Ec...J.}.....Rl..^.......#-...f.6p.cJigf...G.<.!.z..>a.+j....&U.....E/.._.`.d...~_....7...4`....IEND.B`.

Chrome Cache Entry: 54

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (54456)
Category:	downloaded
Size (bytes):	54641
Entropy (8bit):	4.712564291864468
Encrypted:	false
SSDEEP:	768:SuV31Uz1RPq4NvvU63HJYkQCZ/WMQyjJKp7CzsGnQzU:SuczrC4NnzHSBCkgu7cs1w
MD5:	251D28BD755F5269A4531DF8A81D5664
SHA1:	C0F035B41B23C6E8FAB735F618AA3CFF0897B4F9
SHA-256:	AFDC6BF2DE981FFD7D370B76F44E7580572F197EFBE214B9CFA4005D189D8EAE
SHA-512:	8111F411C21C6011644139DBA4EF24D1696C0F6D31E55CE384E0353A0F3E65402170C502BDDF803C3DF9149C371B31C03F77BE98FDBC61C0C9C55AFBE399681F
Malicious:	false
Reputation:	low
URL:	https://use.fontawesome.com/releases/v5.7.0/css/all.css
Preview:	/!. Font Awesome Free 5.7.0 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,.fab,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-lef

Chrome Cache Entry: 55

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	3651
Entropy (8bit):	4.094801914706141
Encrypted:	false
SSDEEP:	96:wO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDm9:wToSBjlevudl9nO
MD5:	EE5C8D9FB6248C938FD0DC19370E90BD
SHA1:	D01A22720918B781338B5BBF9202B241A5F99EE4
SHA-256:	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
SHA-512:	C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

Chrome Cache Entry: 56

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	87533
Entropy (8bit):	5.262536918435756
Encrypted:	false
SSDEEP:	1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
MD5:	2C872DBE60F4BA70FB85356113D8B35E
SHA1:	EE48592D1FFF952FCF06CE0B666ED4785493AFDC
SHA-256:	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
SHA-512:	BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
Malicious:	false
Reputation:	low
URL:	https://code.jquery.com/jquery-3.7.1.min.js
Preview:	/! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 14, 2025 01:26:37.475298882 CET	49674	443	192.168.2.6	173.222.162.64
Jan 14, 2025 01:26:37.475400925 CET	49673	443	192.168.2.6	173.222.162.64
Jan 14, 2025 01:26:37.819047928 CET	49672	443	192.168.2.6	173.222.162.64
Jan 14, 2025 01:26:47.082602978 CET	49673	443	192.168.2.6	173.222.162.64
Jan 14, 2025 01:26:47.082679987 CET	49674	443	192.168.2.6	173.222.162.64
Jan 14, 2025 01:26:47.426913977 CET	49672	443	192.168.2.6	173.222.162.64
Jan 14, 2025 01:26:48.622632980 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:48.622672081 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:48.622809887 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:48.623049021 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:48.623059988 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:49.072252035 CET	443	49698	173.222.162.64	192.168.2.6
Jan 14, 2025 01:26:49.072344065 CET	49698	443	192.168.2.6	173.222.162.64
Jan 14, 2025 01:26:49.294794083 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:49.295357943 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:49.295372963 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:49.296924114 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:49.297589064 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:49.298154116 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:49.298242092 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:49.350620031 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:49.350626945 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:49.395164013 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:26:50.282618999 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.282669067 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.282725096 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.283056021 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.283090115 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.283135891 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.283297062 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.283308983 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.283526897 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.283541918 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.889978886 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.890523911 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.890558004 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.891448021 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.891860962 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.895849943 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.895903111 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.895915985 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.895930052 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.903661966 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.904098034 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.904119968 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.907689095 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.907776117 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.908104897 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.908269882 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.946646929 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.946676016 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.963274002 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:50.963296890 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:50.994780064 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.007623911 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.291008949 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.291069984 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.291090012 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.291116953 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.291141987 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.291167021 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.291207075 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.291234016 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.291351080 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.291358948 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.291553020 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.295279026 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.309567928 CET	49710	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.309587002 CET	443	49710	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.346782923 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.351248980 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.351274014 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.351387978 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.351635933 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.351644993 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.355320930 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:51.355353117 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:51.355530977 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:51.355748892 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:51.355762005 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:51.391324997 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.523794889 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.523861885 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.523884058 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.523905039 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.523921013 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.523991108 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.524046898 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.570489883 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.588723898 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.588757038 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.588814020 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.588834047 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.588861942 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.588861942 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.613679886 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.613711119 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.613746881 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.613768101 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.613794088 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.613812923 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.614777088 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.614795923 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.614830017 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.614847898 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.653985023 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.654014111 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.654059887 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.654104948 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.679474115 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.679560900 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.704039097 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.704121113 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.704737902 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.704808950 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.705394030 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.705461025 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.706232071 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.706307888 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.707182884 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.707241058 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.719417095 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.719496012 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.760765076 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.769741058 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.769812107 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.769855022 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.769911051 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.773730993 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.773799896 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.794646025 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.794727087 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.795208931 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.795279980 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.795528889 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.795593977 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.795643091 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.795717955 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.796391964 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.796458006 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.797056913 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.797126055 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.797293901 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.797364950 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.798402071 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.798444986 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.798472881 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.798486948 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.798516989 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.798537016 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.812345028 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.812577009 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.812589884 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.813627005 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.813682079 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.814706087 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.814867020 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.814871073 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.814892054 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.835345030 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.835393906 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.835424900 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.835462093 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.835491896 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.835496902 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.835510969 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.835530043 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.835553885 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.835588932 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.835599899 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.835679054 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.835727930 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.837234974 CET	49709	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:51.837268114 CET	443	49709	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:51.866641998 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.866656065 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911281109 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911330938 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.911339045 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911344051 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911389112 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.911400080 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911451101 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911485910 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911487103 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.911495924 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911534071 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.911539078 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911603928 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.911633968 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.911638021 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.912053108 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.912091017 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.912096024 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:51.956506014 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:51.956520081 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000088930 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000119925 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000150919 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.000150919 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000180960 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000190020 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.000207901 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.000256062 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000274897 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000291109 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000314951 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.000325918 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.000335932 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.001713037 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.001722097 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.001753092 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.001770020 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.001776934 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.001786947 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.001805067 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.001817942 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.001817942 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.001828909 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.001837015 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.001844883 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.043620110 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.086841106 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.086854935 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.086904049 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.086908102 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.086935997 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.086949110 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.086954117 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.086962938 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.086987019 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.087790012 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.087805986 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.087841034 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.087848902 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.087877989 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.088680029 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.088723898 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.088731050 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.088756084 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.088762045 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.088788986 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.092531919 CET	49719	443	192.168.2.6	151.101.194.137
Jan 14, 2025 01:26:52.092550039 CET	443	49719	151.101.194.137	192.168.2.6
Jan 14, 2025 01:26:52.110709906 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.110775948 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.110850096 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.111021042 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.111038923 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.119694948 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.119761944 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.119826078 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.120297909 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.120328903 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.173846006 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.174086094 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.174115896 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.175789118 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.175863028 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.176868916 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.176964045 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.177078962 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.177093983 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.225733042 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.428611040 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.428690910 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.428755999 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.428766966 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.428821087 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.431866884 CET	49720	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.431909084 CET	443	49720	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.445794106 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.445831060 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.445885897 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.452168941 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:52.452208042 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:52.586411953 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.589605093 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.589648962 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.591202974 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.591499090 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.591789007 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.591789007 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.591883898 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.632205963 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.632225990 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.677966118 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.692576885 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.692708015 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.692747116 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.692776918 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.692802906 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.692822933 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.692852020 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.693418980 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.693459988 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.693490028 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.693515062 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.693526983 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.693545103 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.694200993 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.694606066 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.694617033 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.709763050 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.709964991 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.709979057 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.731379032 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.731648922 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.731712103 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.732045889 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.732450008 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.732450008 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.732490063 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.732546091 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.758177042 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.773495913 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.783364058 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.783438921 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.783477068 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.783510923 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.783540964 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.783541918 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.783567905 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.783598900 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.783632994 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.784017086 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.784076929 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.784111977 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.784137964 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.784143925 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.784157038 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.784262896 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.784914017 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.784961939 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.784987926 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.784998894 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.785522938 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.785532951 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.825777054 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.847803116 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.847817898 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.847883940 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.847906113 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.847928047 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.847955942 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.847970963 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.847986937 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.848017931 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.848089933 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.874600887 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.874620914 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.874774933 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.874802113 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.874845982 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.874902964 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.874902964 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.875905037 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.875925064 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.875967026 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.875992060 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.876003981 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.876029968 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.876071930 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.877281904 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.877296925 CET	443	49727	151.101.130.137	192.168.2.6
Jan 14, 2025 01:26:52.877326965 CET	49727	443	192.168.2.6	151.101.130.137
Jan 14, 2025 01:26:52.974035025 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.974200010 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.975450039 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.975545883 CET	49728	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.975589991 CET	443	49728	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.981301069 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.981400013 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:52.982453108 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.984289885 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:52.984329939 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.248258114 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.248541117 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.248565912 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.249995947 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.250142097 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.250526905 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.250526905 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.250622988 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.301964998 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.301990032 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.304450035 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:53.304486036 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.304786921 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:53.304786921 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:53.304820061 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.364902973 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.511979103 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.512056112 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.512099028 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.512115002 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.512142897 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.512168884 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.512207031 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.513978004 CET	49732	443	192.168.2.6	152.199.21.175
Jan 14, 2025 01:26:53.513998032 CET	443	49732	152.199.21.175	192.168.2.6
Jan 14, 2025 01:26:53.569148064 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.569519997 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:53.569550037 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.570240974 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.570580006 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:53.570672989 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.570723057 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:53.611375093 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.820344925 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.820563078 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.820636034 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:53.941427946 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:53.988362074 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.141360998 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.141392946 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:54.142585039 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:54.142661095 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.200634003 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.200772047 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:54.208657026 CET	49739	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.208687067 CET	443	49739	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:54.220160007 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.220201969 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:54.275171041 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.415836096 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:54.416081905 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:54.416138887 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.417427063 CET	49740	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:26:54.417449951 CET	443	49740	162.241.2.40	192.168.2.6
Jan 14, 2025 01:26:59.193283081 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:59.193408012 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:26:59.193455935 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:27:00.772452116 CET	49706	443	192.168.2.6	142.250.186.100
Jan 14, 2025 01:27:00.772480965 CET	443	49706	142.250.186.100	192.168.2.6
Jan 14, 2025 01:27:18.457135916 CET	49908	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:18.457237959 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:18.457273960 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:18.457336903 CET	49908	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:18.457372904 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:18.457458973 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:18.457602024 CET	49908	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:18.457628965 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:18.457734108 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:18.457760096 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.045891047 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.046188116 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:19.046253920 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.046667099 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.047034979 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:19.047112942 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.047264099 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:19.049659967 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.049938917 CET	49908	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:19.050003052 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.050502062 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.050817013 CET	49908	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:19.050909996 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.087368011 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:19.100553989 CET	49908	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:20.159888983 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:20.160048962 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:20.161082029 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:20.161149025 CET	443	49909	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:20.161201954 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:20.161240101 CET	49909	443	192.168.2.6	162.241.2.40
Jan 14, 2025 01:27:29.225613117 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:29.225795031 CET	443	49908	162.241.2.40	192.168.2.6
Jan 14, 2025 01:27:29.225997925 CET	49908	443	192.168.2.6	162.241.2.40

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 14, 2025 01:26:44.592437029 CET	53	63830	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:44.617330074 CET	53	64191	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:45.617733002 CET	53	55291	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:48.614979982 CET	53578	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:48.614979982 CET	52003	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:48.621635914 CET	53	52003	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:48.621717930 CET	53	53578	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:49.968208075 CET	59560	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:49.968671083 CET	53197	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:50.274523020 CET	53	59560	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:50.282079935 CET	53	53197	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:51.340691090 CET	57213	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:51.341078043 CET	51819	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:51.341078043 CET	62211	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:51.342066050 CET	49548	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:51.342066050 CET	63082	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:51.345951080 CET	56535	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:51.347388029 CET	53	62445	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:51.348119974 CET	53	62211	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:51.348737001 CET	53	63082	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:51.348747015 CET	53	49548	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:51.353691101 CET	53	56535	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:52.103341103 CET	63773	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:52.103471994 CET	50718	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:52.110097885 CET	53	63773	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:52.110398054 CET	53	50718	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:52.426079035 CET	53	54169	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:52.435972929 CET	52841	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:52.436182976 CET	57424	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:52.442871094 CET	53	52841	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:52.443516016 CET	53	57424	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:52.982517958 CET	59858	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:52.982964993 CET	64804	53	192.168.2.6	1.1.1.1
Jan 14, 2025 01:26:53.287575960 CET	53	64804	1.1.1.1	192.168.2.6
Jan 14, 2025 01:26:53.302860022 CET	53	59858	1.1.1.1	192.168.2.6
Jan 14, 2025 01:27:02.653918028 CET	53	62596	1.1.1.1	192.168.2.6
Jan 14, 2025 01:27:21.513607025 CET	53	55184	1.1.1.1	192.168.2.6

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jan 14, 2025 01:26:51.368594885 CET	192.168.2.6	1.1.1.1	c2de	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 14, 2025 01:26:48.614979982 CET	192.168.2.6	1.1.1.1	0x4c93	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:48.614979982 CET	192.168.2.6	1.1.1.1	0x6236	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 14, 2025 01:26:49.968208075 CET	192.168.2.6	1.1.1.1	0x4e9a	Standard query (0)	precheckcar.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:49.968671083 CET	192.168.2.6	1.1.1.1	0x3d17	Standard query (0)	precheckcar.com	65	IN (0x0001)	false
Jan 14, 2025 01:26:51.340691090 CET	192.168.2.6	1.1.1.1	0x2509	Standard query (0)	use.fontawesome.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.341078043 CET	192.168.2.6	1.1.1.1	0x6ae	Standard query (0)	use.fontawesome.com	65	IN (0x0001)	false
Jan 14, 2025 01:26:51.341078043 CET	192.168.2.6	1.1.1.1	0xa5bf	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.342066050 CET	192.168.2.6	1.1.1.1	0x89dc	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jan 14, 2025 01:26:51.342066050 CET	192.168.2.6	1.1.1.1	0xad99	Standard query (0)	aadcdn.msftauth.net	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.345951080 CET	192.168.2.6	1.1.1.1	0xb2ec	Standard query (0)	aadcdn.msftauth.net	65	IN (0x0001)	false
Jan 14, 2025 01:26:52.103341103 CET	192.168.2.6	1.1.1.1	0xd37b	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.103471994 CET	192.168.2.6	1.1.1.1	0xa9d	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jan 14, 2025 01:26:52.435972929 CET	192.168.2.6	1.1.1.1	0x7aff	Standard query (0)	aadcdn.msftauth.net	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.436182976 CET	192.168.2.6	1.1.1.1	0xde25	Standard query (0)	aadcdn.msftauth.net	65	IN (0x0001)	false
Jan 14, 2025 01:26:52.982517958 CET	192.168.2.6	1.1.1.1	0x72f8	Standard query (0)	precheckcar.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.982964993 CET	192.168.2.6	1.1.1.1	0x44	Standard query (0)	precheckcar.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 14, 2025 01:26:48.621635914 CET	1.1.1.1	192.168.2.6	0x6236	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 14, 2025 01:26:48.621717930 CET	1.1.1.1	192.168.2.6	0x4c93	No error (0)	www.google.com		142.250.186.100	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:50.274523020 CET	1.1.1.1	192.168.2.6	0x4e9a	No error (0)	precheckcar.com		162.241.2.40	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.347229004 CET	1.1.1.1	192.168.2.6	0x2509	No error (0)	use.fontawesome.com	use.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:51.347748995 CET	1.1.1.1	192.168.2.6	0x6ae	No error (0)	use.fontawesome.com	use.fontawesome.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:51.348119974 CET	1.1.1.1	192.168.2.6	0xa5bf	No error (0)	code.jquery.com		151.101.194.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.348119974 CET	1.1.1.1	192.168.2.6	0xa5bf	No error (0)	code.jquery.com		151.101.2.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.348119974 CET	1.1.1.1	192.168.2.6	0xa5bf	No error (0)	code.jquery.com		151.101.130.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.348119974 CET	1.1.1.1	192.168.2.6	0xa5bf	No error (0)	code.jquery.com		151.101.66.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.348737001 CET	1.1.1.1	192.168.2.6	0xad99	No error (0)	aadcdn.msftauth.net	scdn38e6f.wpc.9be8f.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:51.348737001 CET	1.1.1.1	192.168.2.6	0xad99	No error (0)	scdn38e6f.wpc.9be8f.omegacdn.net	sni1gl.wpc.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:51.348737001 CET	1.1.1.1	192.168.2.6	0xad99	No error (0)	sni1gl.wpc.omegacdn.net		152.199.21.175	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.353533030 CET	1.1.1.1	192.168.2.6	0x4f4f	No error (0)	shed.dual-low.s-part-0017.t-0009.t-msedge.net	s-part-0017.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:51.353533030 CET	1.1.1.1	192.168.2.6	0x4f4f	No error (0)	s-part-0017.t-0009.t-msedge.net		13.107.246.45	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:51.353691101 CET	1.1.1.1	192.168.2.6	0xb2ec	No error (0)	aadcdn.msftauth.net	scdn38e6f.wpc.9be8f.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:51.353691101 CET	1.1.1.1	192.168.2.6	0xb2ec	No error (0)	scdn38e6f.wpc.9be8f.omegacdn.net	sni1gl.wpc.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:52.110097885 CET	1.1.1.1	192.168.2.6	0xd37b	No error (0)	code.jquery.com		151.101.130.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.110097885 CET	1.1.1.1	192.168.2.6	0xd37b	No error (0)	code.jquery.com		151.101.194.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.110097885 CET	1.1.1.1	192.168.2.6	0xd37b	No error (0)	code.jquery.com		151.101.66.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.110097885 CET	1.1.1.1	192.168.2.6	0xd37b	No error (0)	code.jquery.com		151.101.2.137	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.126763105 CET	1.1.1.1	192.168.2.6	0x2cf6	No error (0)	shed.dual-low.s-part-0017.t-0009.t-msedge.net	s-part-0017.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:52.126763105 CET	1.1.1.1	192.168.2.6	0x2cf6	No error (0)	s-part-0017.t-0009.t-msedge.net		13.107.246.45	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.442871094 CET	1.1.1.1	192.168.2.6	0x7aff	No error (0)	aadcdn.msftauth.net	scdn38e6f.wpc.9be8f.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:52.442871094 CET	1.1.1.1	192.168.2.6	0x7aff	No error (0)	scdn38e6f.wpc.9be8f.omegacdn.net	sni1gl.wpc.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:52.442871094 CET	1.1.1.1	192.168.2.6	0x7aff	No error (0)	sni1gl.wpc.omegacdn.net		152.199.21.175	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:26:52.443516016 CET	1.1.1.1	192.168.2.6	0xde25	No error (0)	aadcdn.msftauth.net	scdn38e6f.wpc.9be8f.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:52.443516016 CET	1.1.1.1	192.168.2.6	0xde25	No error (0)	scdn38e6f.wpc.9be8f.omegacdn.net	sni1gl.wpc.omegacdn.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 14, 2025 01:26:53.302860022 CET	1.1.1.1	192.168.2.6	0x72f8	No error (0)	precheckcar.com		162.241.2.40	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

precheckcar.com

https:

code.jquery.com

aadcdn.msftauth.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49710	162.241.2.40	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:50 UTC	744	OUT	GET /wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a HTTP/1.1 Host: precheckcar.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:26:51 UTC	272	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 00:26:51 GMT Server: Apache Set-Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3; path=/ Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2025-01-14 00:26:51 UTC	7920	IN	Data Raw: 32 64 38 65 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 21 2d 2d 20 52 65 71 75 69 72 65 64 20 6d 65 74 61 20 74 61 67 73 20 2d 2d 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0d 0a 20 20 20 20 3c 21 2d 2d 20 42 6f 6f 74 73 74 72 61 70 20 43 53 53 20 2d 2d 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f Data Ascii: 2d8e<!doctype html><html lang="en"><head> ... Required meta tags --> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> ... Bootstrap CSS --> <link href="https:/
2025-01-14 00:26:51 UTC	3748	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 72 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 72 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 61 64 65 72 20 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 6c 65 22 3e 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 6c 65 22 3e 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: <br> <br> <div class="loader "> <div class="circle"></div> <div class="circle"></div>
2025-01-14 00:26:51 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2025-01-14 00:26:51 UTC	1330	IN	Data Raw: 35 32 36 0d 0a 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 24 28 27 69 6e 70 75 74 5b 6e 61 6d 65 3d 22 61 69 22 5d 27 29 2e 6f 6e 28 27 69 6e 70 75 74 27 2c 20 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 21 24 28 74 68 69 73 29 2e 76 61 6c 28 29 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 24 28 27 23 65 72 72 6f 72 2d 61 69 27 29 2e 73 68 6f 77 28 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 24 28 27 23 65 72 72 6f 72 2d 61 69 27 29 2e 68 69 64 65 28 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 29 3b 0d Data Ascii: 526 $('input[name="ai"]').on('input', function() { if (!$(this).val()) { $('#error-ai').show(); } else { $('#error-ai').hide(); } });

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49709	162.241.2.40	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:51 UTC	717	OUT	GET /wp-admin/common/oauth2/v2.0/authorize/css/main.css HTTP/1.1 Host: precheckcar.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
2025-01-14 00:26:51 UTC	256	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 00:26:51 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 09 Jan 2025 07:17:28 GMT Accept-Ranges: bytes Content-Length: 205606 Vary: Accept-Encoding Content-Type: text/css
2025-01-14 00:26:51 UTC	7936	IN	Data Raw: 3a 72 6f 6f 74 20 7b 0d 0a 20 20 20 20 2d 2d 62 6c 75 65 3a 20 23 30 30 37 62 66 66 3b 0d 0a 20 20 20 20 2d 2d 69 6e 64 69 67 6f 3a 20 23 36 36 31 30 66 32 3b 0d 0a 20 20 20 20 2d 2d 70 75 72 70 6c 65 3a 20 23 36 66 34 32 63 31 3b 0d 0a 20 20 20 20 2d 2d 70 69 6e 6b 3a 20 23 65 38 33 65 38 63 3b 0d 0a 20 20 20 20 2d 2d 72 65 64 3a 20 23 64 63 33 35 34 35 3b 0d 0a 20 20 20 20 2d 2d 6f 72 61 6e 67 65 3a 20 23 66 64 37 65 31 34 3b 0d 0a 20 20 20 20 2d 2d 79 65 6c 6c 6f 77 3a 20 23 66 66 63 31 30 37 3b 0d 0a 20 20 20 20 2d 2d 67 72 65 65 6e 3a 20 23 32 38 61 37 34 35 3b 0d 0a 20 20 20 20 2d 2d 74 65 61 6c 3a 20 23 32 30 63 39 39 37 3b 0d 0a 20 20 20 20 2d 2d 63 79 61 6e 3a 20 23 31 37 61 32 62 38 3b 0d 0a 20 20 20 20 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 3b Data Ascii: :root { --blue: #007bff; --indigo: #6610f2; --purple: #6f42c1; --pink: #e83e8c; --red: #dc3545; --orange: #fd7e14; --yellow: #ffc107; --green: #28a745; --teal: #20c997; --cyan: #17a2b8; --white: #fff;
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 2d 62 75 74 74 6f 6e 20 7b 0d 0a 20 20 20 20 68 65 69 67 68 74 3a 20 61 75 74 6f 0d 0a 7d 0d 0a 0d 0a 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 20 7b 0d 0a 20 20 20 20 6f 75 74 6c 69 6e 65 2d 6f 66 66 73 65 74 3a 20 2d 32 70 78 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 20 6e 6f 6e 65 0d 0a 7d 0d 0a 0d 0a 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 63 61 6e 63 65 6c 2d 62 75 74 74 6f 6e 2c 0d 0a 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 61 72 63 68 2d 64 65 63 6f 72 61 74 69 6f 6e 20 7b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 20 6e 6f 6e 65 0d 0a 7d 0d 0a 0d 0a 3a 3a 2d 77 65 62 6b 69 74 2d 66 69 6c 65 2d 75 70 Data Ascii: -button { height: auto}[type=search] { outline-offset: -2px; -webkit-appearance: none}[type=search]::-webkit-search-cancel-button,[type=search]::-webkit-search-decoration { -webkit-appearance: none}::-webkit-file-up
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 6f 72 64 69 6e 61 6c 2d 67 72 6f 75 70 3a 20 31 31 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 20 31 30 3b 0d 0a 20 20 20 20 6f 72 64 65 72 3a 20 31 30 0d 0a 7d 0d 0a 0d 0a 2e 6f 72 64 65 72 2d 31 31 20 7b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 6f 72 64 69 6e 61 6c 2d 67 72 6f 75 70 3a 20 31 32 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 20 31 31 3b 0d 0a 20 20 20 20 6f 72 64 65 72 3a 20 31 31 0d 0a 7d 0d 0a 0d 0a 2e 6f 72 64 65 72 2d 31 32 20 7b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 6f 72 64 69 6e 61 6c 2d 67 72 6f 75 70 3a 20 31 33 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 20 31 32 3b 0d 0a 20 20 20 20 6f 72 64 65 72 Data Ascii: -webkit-box-ordinal-group: 11; -ms-flex-order: 10; order: 10}.order-11 { -webkit-box-ordinal-group: 12; -ms-flex-order: 11; order: 11}.order-12 { -webkit-box-ordinal-group: 13; -ms-flex-order: 12; order
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 20 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 20 32 3b 0d 0a 20 20 20 20 20 20 20 20 6f 72 64 65 72 3a 20 32 0d 0a 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 2e 6f 72 64 65 72 2d 6d 64 2d 33 20 7b 0d 0a 20 20 20 20 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 6f 72 64 69 6e 61 6c 2d 67 72 6f 75 70 3a 20 34 3b 0d 0a 20 20 20 20 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 20 33 3b 0d 0a 20 20 20 20 20 20 20 20 6f 72 64 65 72 3a 20 33 0d 0a 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 2e 6f 72 64 65 72 2d 6d 64 2d 34 20 7b 0d 0a 20 20 20 20 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 6f 72 64 69 6e 61 6c 2d 67 72 6f 75 70 3a 20 35 3b 0d 0a 20 20 20 20 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 20 34 3b 0d 0a 20 20 20 20 Data Ascii: -ms-flex-order: 2; order: 2 } .order-md-3 { -webkit-box-ordinal-group: 4; -ms-flex-order: 3; order: 3 } .order-md-4 { -webkit-box-ordinal-group: 5; -ms-flex-order: 4;
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 36 36 36 36 36 37 25 3b 0d 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 36 36 2e 36 36 36 36 36 37 25 0d 0a 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 2e 63 6f 6c 2d 78 6c 2d 39 20 7b 0d 0a 20 20 20 20 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 66 6c 65 78 3a 20 30 3b 0d 0a 20 20 20 20 20 20 20 20 2d 6d 73 2d 66 6c 65 78 3a 20 30 20 30 20 37 35 25 3b 0d 0a 20 20 20 20 20 20 20 20 66 6c 65 78 3a 20 30 20 30 20 37 35 25 3b 0d 0a 20 20 20 20 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 37 35 25 0d 0a 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 2e 63 6f 6c 2d 78 6c 2d 31 30 20 7b 0d 0a 20 20 20 20 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 66 6c 65 78 3a 20 30 3b 0d 0a 20 20 20 20 20 20 20 20 2d 6d 73 2d 66 6c 65 78 3a 20 30 20 30 20 38 33 2e Data Ascii: 666667%; max-width: 66.666667% } .col-xl-9 { -webkit-box-flex: 0; -ms-flex: 0 0 75%; flex: 0 0 75%; max-width: 75% } .col-xl-10 { -webkit-box-flex: 0; -ms-flex: 0 0 83.
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 20 7b 0d 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 3a 20 30 0d 0a 20 20 20 20 7d 0d 0a 7d 0d 0a 0d 0a 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 31 31 39 39 2e 39 38 70 78 29 20 7b 0d 0a 20 20 20 20 2e 74 61 62 6c 65 2d 72 65 73 70 6f 6e 73 69 76 65 2d 78 6c 20 7b 0d 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0d 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0d 0a 20 20 20 20 20 20 20 20 6f 76 65 72 66 6c 6f 77 2d 78 3a 20 61 75 74 6f 3b 0d 0a 20 20 20 20 20 20 20 20 2d 77 65 62 6b 69 74 2d 6f 76 65 72 66 6c 6f 77 2d 73 63 72 6f 6c 6c 69 6e 67 3a 20 74 6f 75 63 68 3b 0d 0a 20 20 20 20 20 20 20 20 2d 6d 73 2d 6f 76 65 72 66 6c 6f 77 2d 73 74 79 6c 65 3a 20 2d Data Ascii: able-bordered { border: 0 }}@media (max-width:1199.98px) { .table-responsive-xl { display: block; width: 100%; overflow-x: auto; -webkit-overflow-scrolling: touch; -ms-overflow-style: -
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 6e 74 72 6f 6c 2d 6c 61 62 65 6c 2c 0d 0a 2e 77 61 73 2d 76 61 6c 69 64 61 74 65 64 20 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 69 6e 70 75 74 3a 76 61 6c 69 64 7e 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 20 7b 0d 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 38 61 37 34 35 0d 0a 7d 0d 0a 0d 0a 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 69 6e 70 75 74 2e 69 73 2d 76 61 6c 69 64 7e 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 3a 3a 62 65 66 6f 72 65 2c 0d 0a 2e 77 61 73 2d 76 61 6c 69 64 61 74 65 64 20 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 69 6e 70 75 74 3a 76 61 6c 69 64 7e 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 3a 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 62 61 63 6b 67 Data Ascii: ntrol-label,.was-validated .custom-control-input:valid~.custom-control-label { color: #28a745}.custom-control-input.is-valid~.custom-control-label::before,.was-validated .custom-control-input:valid~.custom-control-label::before { backg
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 0d 0a 7d 0d 0a 0d 0a 2e 62 74 6e 2e 66 6f 63 75 73 2c 0d 0a 2e 62 74 6e 3a 66 6f 63 75 73 20 7b 0d 0a 20 20 20 20 6f 75 74 6c 69 6e 65 3a 20 30 3b 0d 0a 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 30 20 2e 32 72 65 6d 20 72 67 62 61 28 30 2c 20 31 32 33 2c 20 32 35 35 2c 20 2e 32 35 29 0d 0a 7d 0d 0a 0d 0a 2e 62 74 6e 2e 64 69 73 61 62 6c 65 64 2c 0d 0a 2e 62 74 6e 3a 64 69 73 61 62 6c 65 64 20 7b 0d 0a 20 20 20 20 6f 70 61 63 69 74 79 3a 20 2e 36 35 0d 0a 7d 0d 0a 0d 0a 2e 62 74 6e 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 20 7b 0d 0a 20 20 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 0d 0a 7d 0d 0a 0d 0a 2e 62 74 6e 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 Data Ascii: }.btn.focus,.btn:focus { outline: 0; box-shadow: 0 0 0 .2rem rgba(0, 123, 255, .25)}.btn.disabled,.btn:disabled { opacity: .65}.btn:not(:disabled):not(.disabled) { cursor: pointer}.btn:not(:disabled):not(.di
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 74 6f 67 67 6c 65 20 7b 0d 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 30 30 37 62 66 66 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 30 30 37 62 66 66 0d 0a 7d 0d 0a 0d 0a 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 70 72 69 6d 61 72 79 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 0d 0a 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 70 72 69 6d 61 72 79 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 0d 0a 2e 73 68 6f 77 3e 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 70 72 69 6d 61 72 79 2e 64 72 6f 70 Data Ascii: toggle { color: #fff; background-color: #007bff; border-color: #007bff}.btn-outline-primary:not(:disabled):not(.disabled).active:focus,.btn-outline-primary:not(:disabled):not(.disabled):active:focus,.show>.btn-outline-primary.drop
2025-01-14 00:26:51 UTC	8000	IN	Data Raw: 63 6b 2c 0d 0a 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 2e 62 74 6e 2d 62 6c 6f 63 6b 2c 0d 0a 69 6e 70 75 74 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 2e 62 74 6e 2d 62 6c 6f 63 6b 20 7b 0d 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 0d 0a 7d 0d 0a 0d 0a 2e 66 61 64 65 20 7b 0d 0a 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 3b 0d 0a 20 20 20 20 74 72 61 6e 73 69 74 69 6f 6e 3a 20 6f 70 61 63 69 74 79 20 2e 31 35 73 20 6c 69 6e 65 61 72 0d 0a 7d 0d 0a 0d 0a 2e 66 61 64 65 2e 73 68 6f 77 20 7b 0d 0a 20 20 20 20 6f 70 61 63 69 74 79 3a 20 31 0d 0a 7d 0d 0a 0d 0a 2e 63 6f 6c 6c 61 70 73 65 20 7b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 0d 0a 7d 0d 0a 0d 0a 2e 63 6f 6c 6c 61 70 73 65 2e 73 68 6f 77 20 7b 0d 0a 20 20 20 20 64 69 73 70 Data Ascii: ck,input[type=reset].btn-block,input[type=submit].btn-block { width: 100%}.fade { opacity: 0; transition: opacity .15s linear}.fade.show { opacity: 1}.collapse { display: none}.collapse.show { disp

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49719	151.101.194.137	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:51 UTC	563	OUT	GET /jquery-3.7.1.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://precheckcar.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://precheckcar.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:26:51 UTC	613	IN	HTTP/1.1 200 OK Connection: close Content-Length: 87533 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-155ed" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Tue, 14 Jan 2025 00:26:51 GMT Age: 1873198 X-Served-By: cache-lga21978-LGA, cache-ewr-kewr1740048-EWR X-Cache: HIT, HIT X-Cache-Hits: 1516, 1 X-Timer: S1736814412.867686,VS0,VE1 Vary: Accept-Encoding
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 37 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 Data Ascii: /! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 3d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 63 65 2e 66 6e 3d 63 65 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 6a 71 75 65 72 79 3a 74 2c 63 6f 6e 73 74 72 75 63 74 6f 72 3a 63 65 2c 6c 65 6e 67 74 68 3a 30 2c 74 6f 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 7d 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 63 65 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e Data Ascii: ==t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 22 2b 28 74 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 2e 72 65 70 6c 61 63 65 28 2f 5c 44 2f 67 2c 22 22 29 2c 69 73 52 65 61 64 79 3a 21 30 2c 65 72 72 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 65 29 7d 2c 6e 6f 6f 70 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 21 28 21 65 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 69 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 75 65 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 Data Ascii: "+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e\|\|"[object Object]"!==i.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=ue.call(t,"constructor")&&t.constructor
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 74 75 72 6e 20 67 28 61 29 7d 2c 67 75 69 64 3a 31 2c 73 75 70 70 6f 72 74 3a 6c 65 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 28 63 65 2e 66 6e 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 6f 65 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 29 2c 63 65 2e 65 61 63 68 28 22 42 6f 6f 6c 65 61 6e 20 4e 75 6d 62 65 72 20 53 74 72 69 6e 67 20 46 75 6e 63 74 69 6f 6e 20 41 72 72 61 79 20 44 61 74 65 20 52 65 67 45 78 70 20 4f 62 6a 65 63 74 20 45 72 72 6f 72 20 53 79 6d 62 6f 6c 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 6e 5b 22 5b 6f 62 6a 65 63 74 20 22 2b 74 2b 22 5d 22 5d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 29 3b 76 61 72 20 70 65 3d 6f 65 2e Data Ascii: turn g(a)},guid:1,support:le}),"function"==typeof Symbol&&(ce.fn[Symbol.iterator]=oe[Symbol.iterator]),ce.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var pe=oe.
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 2c 22 2b 67 65 2b 22 2a 22 29 2c 6d 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 28 5b 3e 2b 7e 5d 7c 22 2b 67 65 2b 22 29 22 2b 67 65 2b 22 2a 22 29 2c 78 3d 6e 65 77 20 52 65 67 45 78 70 28 67 65 2b 22 7c 3e 22 29 2c 6a 3d 6e 65 77 20 52 65 67 45 78 70 28 67 29 2c 41 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 74 2b 22 24 22 29 2c 44 3d 7b 49 44 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 23 28 22 2b 74 2b 22 29 22 29 2c 43 4c 41 53 53 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 5c 5c 2e 28 22 2b 74 2b 22 29 22 29 2c 54 41 47 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 22 2b 74 2b 22 7c 5b 2a 5d 29 22 29 2c 41 54 54 52 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 70 29 2c 50 53 45 55 44 4f Data Ascii: gExp("^"+ge+","+ge+""),m=new RegExp("^"+ge+"([>+~]\|"+ge+")"+ge+""),x=new RegExp(ge+"\|>"),j=new RegExp(g),A=new RegExp("^"+t+"$"),D={ID:new RegExp("^#("+t+")"),CLASS:new RegExp("^\\.("+t+")"),TAG:new RegExp("^("+t+"\|[*])"),ATTR:new RegExp("^"+p),PSEUDO
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 26 28 75 3d 4c 2e 65 78 65 63 28 74 29 29 29 69 66 28 69 3d 75 5b 31 5d 29 7b 69 66 28 39 3d 3d 3d 70 29 7b 69 66 28 21 28 61 3d 65 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 29 72 65 74 75 72 6e 20 6e 3b 69 66 28 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 20 69 66 28 66 26 26 28 61 3d 66 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 65 2c 61 29 26 26 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 7b 69 66 28 75 5b 32 5d 29 72 65 74 75 72 6e 20 6b 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 74 29 29 2c 6e 3b 69 66 28 28 69 3d 75 Data Ascii: &(u=L.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return k.call(n,a),n}else if(f&&(a=f.getElementById(i))&&I.contains(e,a)&&a.id===i)return k.call(n,a),n}else{if(u[2])return k.apply(n,e.getElementsByTagName(t)),n;if((i=u
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 65 29 3d 3d 3d 74 3a 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 3a 22 6c 61 62 65 6c 22 69 6e 20 65 26 26 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 58 28 61 29 7b 72 65 74 75 72 6e 20 46 28 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 72 65 74 75 72 6e 20 6f 3d 2b 6f 2c 46 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 55 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 Data Ascii: e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function X(a){return F(function(o){return o=+o,F(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function U(e){return e&&"undefined"!=typeof e.getElementsByT
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 3b 69 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 28 65 29 2c 72 3d 30 3b 77 68 69 6c 65 28 6f 3d 69 5b 72 2b 2b 5d 29 69 66 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 7d 72 65 74 75 72 6e 5b 5d 7d 7d 29 2c 62 2e 66 69 6e 64 2e 54 41 47 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 Data Ascii: ((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTa
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 6c 65 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 3d 54 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 65 29 3f 2d 31 3a 74 3d 3d 3d 54 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 74 29 3f 31 3a 6f 3f 73 65 2e 63 61 6c 6c 28 6f 2c 65 29 2d 73 65 2e 63 61 6c 6c 28 6f 2c 74 29 3a 30 3a 34 26 Data Ascii: =(e.ownerDocument\|\|e)==(t.ownerDocument\|\|t)?e.compareDocumentPosition(t):1)\|\|!le.sortDetached&&t.compareDocumentPosition(e)===n?e===T\|\|e.ownerDocument==ye&&I.contains(ye,e)?-1:t===T\|\|t.ownerDocument==ye&&I.contains(ye,t)?1:o?se.call(o,e)-se.call(o,t):0:4&
2025-01-14 00:26:51 UTC	1378	IN	Data Raw: 72 3a 7b 41 54 54 52 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 65 5b 33 5d 3d 28 65 5b 33 5d 7c 7c 65 5b 34 5d 7c 7c 65 5b 35 5d 7c 7c 22 22 29 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 22 7e 3d 22 3d 3d 3d 65 5b 32 5d 26 26 28 65 5b 33 5d 3d 22 20 22 2b 65 5b 33 5d 2b 22 20 22 29 2c 65 2e 73 6c 69 63 65 28 30 2c 34 29 7d 2c 43 48 49 4c 44 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 22 6e 74 68 22 3d 3d 3d 65 5b 31 5d 2e 73 6c 69 63 65 28 30 2c 33 29 3f 28 65 5b 33 5d 7c 7c 49 2e 65 72 72 6f 72 28 65 5b 30 5d 29 2c 65 5b 34 5d 3d 2b 28 65 5b 34 5d 3f 65 5b 35 5d 2b 28 65 5b 36 5d 7c Data Ascii: r:{ATTR:function(e){return e[1]=e[1].replace(O,P),e[3]=(e[3]\|\|e[4]\|\|e[5]\|\|"").replace(O,P),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]\|\|I.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]\|

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49720	152.199.21.175	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:52 UTC	655	OUT	GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1 Host: aadcdn.msftauth.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://precheckcar.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:26:52 UTC	738	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Age: 25555535 Cache-Control: public, max-age=31536000 Content-MD5: nzaLxFgP7ZB3dfMcaybWzw== Content-Type: image/svg+xml Date: Tue, 14 Jan 2025 00:26:52 GMT Etag: 0x8DB5C3F495F4B8C Last-Modified: Wed, 24 May 2023 10:11:48 GMT Server: ECAcc (lhc/7892) Vary: Accept-Encoding X-Cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 002cd9d5-201e-00e1-69ad-7d6453000000 x-ms-version: 2009-09-19 Content-Length: 3651 Connection: close
2025-01-14 00:26:52 UTC	3651	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 30 38 22 20 68 65 69 67 68 74 3d 22 32 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 30 38 20 32 34 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 64 3d 22 4d 34 34 2e 38 33 36 2c 34 2e 36 56 31 38 2e 34 68 2d 32 2e 34 56 37 2e 35 38 33 48 34 32 2e 34 4c 33 38 2e 31 31 39 2c 31 38 2e 34 48 33 36 2e 35 33 31 4c 33 32 2e 31 34 32 2c 37 2e 35 38 33 68 2d 2e 30 32 39 56 31 38 2e 34 48 32 39 2e 39 56 34 2e 36 68 33 2e 34 33 36 4c 33 37 2e 33 2c 31 34 2e 38 33 68 2e 30 35 38 4c 34 31 2e 35 34 35 2c 34 2e 36 5a 6d 32 2c 31 2e 30 34 39 61 31 2e 32 36 38 2c 31 2e 32 36 38 2c 30 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49727	151.101.130.137	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:52 UTC	358	OUT	GET /jquery-3.7.1.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:26:52 UTC	613	IN	HTTP/1.1 200 OK Connection: close Content-Length: 87533 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-155ed" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Tue, 14 Jan 2025 00:26:52 GMT Age: 1873199 X-Served-By: cache-lga21978-LGA, cache-ewr-kewr1740067-EWR X-Cache: HIT, HIT X-Cache-Hits: 1516, 6 X-Timer: S1736814413.647937,VS0,VE0 Vary: Accept-Encoding
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 37 2e 31 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 Data Ascii: /! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 3d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 63 65 2e 66 6e 3d 63 65 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 6a 71 75 65 72 79 3a 74 2c 63 6f 6e 73 74 72 75 63 74 6f 72 3a 63 65 2c 6c 65 6e 67 74 68 3a 30 2c 74 6f 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 7d 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 61 65 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 63 65 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e Data Ascii: ==t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 22 2b 28 74 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 2e 72 65 70 6c 61 63 65 28 2f 5c 44 2f 67 2c 22 22 29 2c 69 73 52 65 61 64 79 3a 21 30 2c 65 72 72 6f 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 65 29 7d 2c 6e 6f 6f 70 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 21 28 21 65 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 69 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 75 65 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 Data Ascii: "+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e\|\|"[object Object]"!==i.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=ue.call(t,"constructor")&&t.constructor
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 74 75 72 6e 20 67 28 61 29 7d 2c 67 75 69 64 3a 31 2c 73 75 70 70 6f 72 74 3a 6c 65 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 28 63 65 2e 66 6e 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 6f 65 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 29 2c 63 65 2e 65 61 63 68 28 22 42 6f 6f 6c 65 61 6e 20 4e 75 6d 62 65 72 20 53 74 72 69 6e 67 20 46 75 6e 63 74 69 6f 6e 20 41 72 72 61 79 20 44 61 74 65 20 52 65 67 45 78 70 20 4f 62 6a 65 63 74 20 45 72 72 6f 72 20 53 79 6d 62 6f 6c 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 6e 5b 22 5b 6f 62 6a 65 63 74 20 22 2b 74 2b 22 5d 22 5d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 29 3b 76 61 72 20 70 65 3d 6f 65 2e Data Ascii: turn g(a)},guid:1,support:le}),"function"==typeof Symbol&&(ce.fn[Symbol.iterator]=oe[Symbol.iterator]),ce.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var pe=oe.
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 2c 22 2b 67 65 2b 22 2a 22 29 2c 6d 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 67 65 2b 22 2a 28 5b 3e 2b 7e 5d 7c 22 2b 67 65 2b 22 29 22 2b 67 65 2b 22 2a 22 29 2c 78 3d 6e 65 77 20 52 65 67 45 78 70 28 67 65 2b 22 7c 3e 22 29 2c 6a 3d 6e 65 77 20 52 65 67 45 78 70 28 67 29 2c 41 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 74 2b 22 24 22 29 2c 44 3d 7b 49 44 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 23 28 22 2b 74 2b 22 29 22 29 2c 43 4c 41 53 53 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 5c 5c 2e 28 22 2b 74 2b 22 29 22 29 2c 54 41 47 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 22 2b 74 2b 22 7c 5b 2a 5d 29 22 29 2c 41 54 54 52 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 70 29 2c 50 53 45 55 44 4f Data Ascii: gExp("^"+ge+","+ge+""),m=new RegExp("^"+ge+"([>+~]\|"+ge+")"+ge+""),x=new RegExp(ge+"\|>"),j=new RegExp(g),A=new RegExp("^"+t+"$"),D={ID:new RegExp("^#("+t+")"),CLASS:new RegExp("^\\.("+t+")"),TAG:new RegExp("^("+t+"\|[*])"),ATTR:new RegExp("^"+p),PSEUDO
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 26 28 75 3d 4c 2e 65 78 65 63 28 74 29 29 29 69 66 28 69 3d 75 5b 31 5d 29 7b 69 66 28 39 3d 3d 3d 70 29 7b 69 66 28 21 28 61 3d 65 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 29 72 65 74 75 72 6e 20 6e 3b 69 66 28 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 20 69 66 28 66 26 26 28 61 3d 66 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 69 29 29 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 65 2c 61 29 26 26 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6b 2e 63 61 6c 6c 28 6e 2c 61 29 2c 6e 7d 65 6c 73 65 7b 69 66 28 75 5b 32 5d 29 72 65 74 75 72 6e 20 6b 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 74 29 29 2c 6e 3b 69 66 28 28 69 3d 75 Data Ascii: &(u=L.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return k.call(n,a),n}else if(f&&(a=f.getElementById(i))&&I.contains(e,a)&&a.id===i)return k.call(n,a),n}else{if(u[2])return k.apply(n,e.getElementsByTagName(t)),n;if((i=u
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 65 29 3d 3d 3d 74 3a 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 3a 22 6c 61 62 65 6c 22 69 6e 20 65 26 26 65 2e 64 69 73 61 62 6c 65 64 3d 3d 3d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 58 28 61 29 7b 72 65 74 75 72 6e 20 46 28 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 72 65 74 75 72 6e 20 6f 3d 2b 6f 2c 46 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 55 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 Data Ascii: e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function X(a){return F(function(o){return o=+o,F(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function U(e){return e&&"undefined"!=typeof e.getElementsByT
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 3b 69 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 4e 61 6d 65 28 65 29 2c 72 3d 30 3b 77 68 69 6c 65 28 6f 3d 69 5b 72 2b 2b 5d 29 69 66 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 29 26 26 6e 2e 76 61 6c 75 65 3d 3d 3d 65 29 72 65 74 75 72 6e 5b 6f 5d 7d 72 65 74 75 72 6e 5b 5d 7d 7d 29 2c 62 2e 66 69 6e 64 2e 54 41 47 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3f 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 Data Ascii: ((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTa
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 6c 65 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 3d 54 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 65 29 3f 2d 31 3a 74 3d 3d 3d 54 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 79 65 26 26 49 2e 63 6f 6e 74 61 69 6e 73 28 79 65 2c 74 29 3f 31 3a 6f 3f 73 65 2e 63 61 6c 6c 28 6f 2c 65 29 2d 73 65 2e 63 61 6c 6c 28 6f 2c 74 29 3a 30 3a 34 26 Data Ascii: =(e.ownerDocument\|\|e)==(t.ownerDocument\|\|t)?e.compareDocumentPosition(t):1)\|\|!le.sortDetached&&t.compareDocumentPosition(e)===n?e===T\|\|e.ownerDocument==ye&&I.contains(ye,e)?-1:t===T\|\|t.ownerDocument==ye&&I.contains(ye,t)?1:o?se.call(o,e)-se.call(o,t):0:4&
2025-01-14 00:26:52 UTC	1378	IN	Data Raw: 72 3a 7b 41 54 54 52 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 65 5b 33 5d 3d 28 65 5b 33 5d 7c 7c 65 5b 34 5d 7c 7c 65 5b 35 5d 7c 7c 22 22 29 2e 72 65 70 6c 61 63 65 28 4f 2c 50 29 2c 22 7e 3d 22 3d 3d 3d 65 5b 32 5d 26 26 28 65 5b 33 5d 3d 22 20 22 2b 65 5b 33 5d 2b 22 20 22 29 2c 65 2e 73 6c 69 63 65 28 30 2c 34 29 7d 2c 43 48 49 4c 44 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 31 5d 3d 65 5b 31 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 22 6e 74 68 22 3d 3d 3d 65 5b 31 5d 2e 73 6c 69 63 65 28 30 2c 33 29 3f 28 65 5b 33 5d 7c 7c 49 2e 65 72 72 6f 72 28 65 5b 30 5d 29 2c 65 5b 34 5d 3d 2b 28 65 5b 34 5d 3f 65 5b 35 5d 2b 28 65 5b 36 5d 7c Data Ascii: r:{ATTR:function(e){return e[1]=e[1].replace(O,P),e[3]=(e[3]\|\|e[4]\|\|e[5]\|\|"").replace(O,P),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]\|\|I.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]\|

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49728	162.241.2.40	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:52 UTC	737	OUT	GET /wp-admin/assets/back.png HTTP/1.1 Host: precheckcar.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
2025-01-14 00:26:52 UTC	231	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 00:26:52 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 20 Mar 2023 11:20:18 GMT Accept-Ranges: bytes Content-Length: 231 Content-Type: image/png
2025-01-14 00:26:52 UTC	231	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 18 00 00 00 18 08 06 00 00 00 e0 77 3d f8 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 a1 49 44 41 54 48 4b ed 93 b1 0d 02 31 10 04 e7 5a a0 0c aa b8 12 a8 80 9c 2e 20 23 24 23 a5 94 2d e1 cb 20 24 24 33 b2 f4 48 1f 80 cf bc 71 80 78 a7 3e ed 78 c7 b6 d1 79 59 e7 7c 16 40 68 f8 8f 14 b9 fb 05 18 24 9d 42 2f 93 81 2a 45 63 f8 0a d8 4a ba 7d 15 d0 12 9e 0f 52 6c d0 1a 5e 04 8c e1 1b e0 0c dc 23 2d 92 0e af 66 de 36 70 f7 63 4a 69 67 66 b5 80 fd 47 80 3c 9c 21 c0 7a ce e5 3e 61 e1 2b 6a 85 84 80 d6 26 55 80 09 e4 da e5 a3 45 2f a8 b4 5f dd 60 2e 64 01 84 e6 7e 5f d1 03 bf ca 37 19 0c 18 34 60 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRw=sRGBIDATHK1Z. #$#- $$3Hqx>xyY\|@h$B/*EcJ}Rl^#-f6pcJigfG<!z>a+j&UE/_`.d~_74`IENDB`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49732	152.199.21.175	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:53 UTC	420	OUT	GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1 Host: aadcdn.msftauth.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:26:53 UTC	738	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Age: 25555536 Cache-Control: public, max-age=31536000 Content-MD5: nzaLxFgP7ZB3dfMcaybWzw== Content-Type: image/svg+xml Date: Tue, 14 Jan 2025 00:26:53 GMT Etag: 0x8DB5C3F495F4B8C Last-Modified: Wed, 24 May 2023 10:11:48 GMT Server: ECAcc (lhc/7892) Vary: Accept-Encoding X-Cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 002cd9d5-201e-00e1-69ad-7d6453000000 x-ms-version: 2009-09-19 Content-Length: 3651 Connection: close
2025-01-14 00:26:53 UTC	3651	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 31 30 38 22 20 68 65 69 67 68 74 3d 22 32 34 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 30 38 20 32 34 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 70 61 74 68 20 64 3d 22 4d 34 34 2e 38 33 36 2c 34 2e 36 56 31 38 2e 34 68 2d 32 2e 34 56 37 2e 35 38 33 48 34 32 2e 34 4c 33 38 2e 31 31 39 2c 31 38 2e 34 48 33 36 2e 35 33 31 4c 33 32 2e 31 34 32 2c 37 2e 35 38 33 68 2d 2e 30 32 39 56 31 38 2e 34 48 32 39 2e 39 56 34 2e 36 68 33 2e 34 33 36 4c 33 37 2e 33 2c 31 34 2e 38 33 68 2e 30 35 38 4c 34 31 2e 35 34 35 2c 34 2e 36 5a 6d 32 2c 31 2e 30 34 39 61 31 2e 32 36 38 2c 31 2e 32 36 38 2c 30 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49739	162.241.2.40	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:53 UTC	724	OUT	GET /favicon.ico HTTP/1.1 Host: precheckcar.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
2025-01-14 00:26:53 UTC	195	IN	HTTP/1.1 500 Internal Server Error Date: Tue, 14 Jan 2025 00:26:53 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=utf-8

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49740	162.241.2.40	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:26:54 UTC	415	OUT	GET /wp-admin/assets/back.png HTTP/1.1 Host: precheckcar.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
2025-01-14 00:26:54 UTC	231	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 00:26:54 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Mon, 20 Mar 2023 11:20:18 GMT Accept-Ranges: bytes Content-Length: 231 Content-Type: image/png
2025-01-14 00:26:54 UTC	231	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 18 00 00 00 18 08 06 00 00 00 e0 77 3d f8 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 a1 49 44 41 54 48 4b ed 93 b1 0d 02 31 10 04 e7 5a a0 0c aa b8 12 a8 80 9c 2e 20 23 24 23 a5 94 2d e1 cb 20 24 24 33 b2 f4 48 1f 80 cf bc 71 80 78 a7 3e ed 78 c7 b6 d1 79 59 e7 7c 16 40 68 f8 8f 14 b9 fb 05 18 24 9d 42 2f 93 81 2a 45 63 f8 0a d8 4a ba 7d 15 d0 12 9e 0f 52 6c d0 1a 5e 04 8c e1 1b e0 0c dc 23 2d 92 0e af 66 de 36 70 f7 63 4a 69 67 66 b5 80 fd 47 80 3c 9c 21 c0 7a ce e5 3e 61 e1 2b 6a 85 84 80 d6 26 55 80 09 e4 da e5 a3 45 2f a8 b4 5f dd 60 2e 64 01 84 e6 7e 5f d1 03 bf ca 37 19 0c 18 34 60 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRw=sRGBIDATHK1Z. #$#- $$3Hqx>xyY\|@h$B/*EcJ}Rl^#-f6pcJigfG<!z>a+j&UE/_`.d~_74`IENDB`

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49909	162.241.2.40	443	5336	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:27:19 UTC	1053	OUT	POST /wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a HTTP/1.1 Host: precheckcar.com Connection: keep-alive Content-Length: 44 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 Origin: https://precheckcar.com Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=6192daae722371962e0f1d92f94744e3
2025-01-14 00:27:19 UTC	44	OUT	Data Raw: 65 6d 3d 61 31 35 77 32 68 25 34 30 6e 78 6b 6e 70 2e 63 6f 6d 26 70 77 3d 61 25 33 46 76 6c 63 76 6a 64 25 32 35 25 33 41 4d 61 6f Data Ascii: em=a15w2h%40nxknp.com&pw=a%3Fvlcvjd%25%3AMao
2025-01-14 00:27:20 UTC	195	IN	HTTP/1.1 500 Internal Server Error Date: Tue, 14 Jan 2025 00:27:19 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Content-Length: 0 Content-Type: text/html; charset=UTF-8

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 2680, Parent PID: 6664

General

Target ID:	1
Start time:	19:26:38
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5336, Parent PID: 2680

General

Target ID:	3
Start time:	19:26:42
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2360,i,16272791088535405586,17053543196037365283,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2276, Parent PID: 6664

General

Target ID:	4
Start time:	19:26:48
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://precheckcar.com/wp-admin/common/oauth2/v2.0/authorize/?client_id=f01f3e6e-ddd5-44393-8b7f-1e5d6348b58a"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly