Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://rahimlak.github.io/instagram

Overview

General Information

Sample URL:	http://rahimlak.github.io/instagram
Analysis ID:	1590432
Infos:

Detection

HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected HtmlPhish64

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Suspicious form URL found

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 2724 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4428 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,1030447276630430454,4488334761136101846,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5720 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://rahimlak.github.io/instagram" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_64	Yara detected HtmlPhish_64	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://rahimlak.github.io/instagram

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://rahimlak.github.io/instagram	Avira URL Cloud: Label: phishing
Source: https://rahimlak.github.io/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://rahimlak.github.io/instagram/style.css	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://rahimlak.github.io/instagram/

Joe Sandbox AI: Score: 9 Reasons: The brand 'Instagram' is a well-known social media platform., The URL 'rahimlak.github.io' does not match the legitimate domain 'instagram.com'., The URL is hosted on 'github.io', which is a domain for GitHub Pages, not associated with Instagram., The presence of input fields for 'username' and 'password' on a non-legitimate domain is suspicious and indicative of a phishing attempt. DOM: 0.0.pages.csv

Yara detected HtmlPhish64

Source: Yara match

File source: 0.0.pages.csv, type: HTML

Source: https://rahimlak.github.io/instagram/

HTTP Parser: Number of links: 0

Source: https://rahimlak.github.io/instagram/

HTTP Parser: Title: Instagram does not match URL

Source: https://rahimlak.github.io/instagram/

HTTP Parser: Form action: login.php

Source: https://rahimlak.github.io/instagram/

HTTP Parser: <input type="password" .../> found

Source: https://rahimlak.github.io/instagram/	HTTP Parser: No favicon
Source: https://rahimlak.github.io/instagram/login.php	HTTP Parser: No favicon

Source: https://rahimlak.github.io/instagram/

HTTP Parser: No <meta name="author".. found

Source: https://rahimlak.github.io/instagram/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /instagram HTTP/1.1Host: rahimlak.github.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /instagram/ HTTP/1.1Host: rahimlak.github.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /instagram/style.css HTTP/1.1Host: rahimlak.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://rahimlak.github.io/instagram/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: rahimlak.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rahimlak.github.io/instagram/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /instagram HTTP/1.1Host: rahimlak.github.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: rahimlak.github.io

Source: unknown

HTTP traffic detected: POST /instagram/login.php HTTP/1.1Host: rahimlak.github.ioConnection: keep-aliveContent-Length: 46Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1Origin: https://rahimlak.github.ioContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://rahimlak.github.io/instagram/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 9115Server: GitHub.comContent-Type: text/html; charset=utf-8permissions-policy: interest-cohort=()ETag: "6765c4ef-239b"Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'X-GitHub-Request-Id: B2B0:1F4AA2:39EF56:40074D:6785B29DAccept-Ranges: bytesAge: 0Date: Tue, 14 Jan 2025 00:41:02 GMTVia: 1.1 varnishX-Served-By: cache-ewr-kewr1740061-EWRX-Cache: MISSX-Cache-Hits: 0X-Timer: S1736815262.342270,VS0,VE11Vary: Accept-EncodingX-Fastly-Request-ID: 53083b1f7f2c5a55a60a0a79292fd894b0fd74f2

Source: chromecache_62.2.dr	String found in binary or memory: https://githubstatus.com
Source: chromecache_62.2.dr	String found in binary or memory: https://help.github.com/pages/
Source: chromecache_62.2.dr	String found in binary or memory: https://twitter.com/githubstatus

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712

Source: classification engine

Classification label: mal72.phis.win@17/16@6/6

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,1030447276630430454,4488334761136101846,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://rahimlak.github.io/instagram"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,1030447276630430454,4488334761136101846,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://rahimlak.github.io/instagram	100%	Avira URL Cloud	phishing

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://rahimlak.github.io/instagram	100%	Avira URL Cloud	phishing
https://rahimlak.github.io/favicon.ico	100%	Avira URL Cloud	phishing
https://rahimlak.github.io/instagram/style.css	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
rahimlak.github.io	185.199.108.153	true	true		unknown
www.google.com	142.250.184.228	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://rahimlak.github.io/instagram/style.css	true	Avira URL Cloud: phishing	unknown
https://rahimlak.github.io/instagram/login.php	true		unknown
http://rahimlak.github.io/instagram	true		unknown
https://rahimlak.github.io/instagram	false	Avira URL Cloud: phishing	unknown
https://rahimlak.github.io/favicon.ico	false	Avira URL Cloud: phishing	unknown
https://rahimlak.github.io/instagram/	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://githubstatus.com	chromecache_62.2.dr	false		high
https://help.github.com/pages/	chromecache_62.2.dr	false		high
https://twitter.com/githubstatus	chromecache_62.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved		unknown	unknown	false
185.199.108.153	rahimlak.github.io	Netherlands		54113	FASTLYUS	true
142.250.184.228	www.google.com	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.7
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1590432
Start date and time:	2025-01-14 01:40:01 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 2m 55s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://rahimlak.github.io/instagram
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal72.phis.win@17/16@6/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.18.3, 142.250.110.84, 142.250.185.174, 142.250.186.174, 142.250.185.206, 142.250.185.74, 142.250.185.234, 172.217.18.106, 142.250.184.234, 142.250.186.170, 142.250.184.202, 216.58.206.74, 172.217.16.202, 142.250.181.234, 216.58.212.170, 216.58.206.42, 142.250.186.106, 142.250.186.138, 142.250.185.138, 172.217.18.10, 142.250.185.106, 199.232.210.172, 23.50.108.3, 142.250.186.46, 216.58.212.174, 142.250.186.78, 142.250.184.238, 216.58.206.67, 142.250.185.238, 216.58.206.46, 142.250.185.78, 184.28.90.27, 172.202.163.200, 13.107.246.45
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: http://rahimlak.github.io/instagram

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: http://rahimlak.github.io Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": true }
URL: http://rahimlak.github.io
URL: https://rahimlak.github.io/instagram/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": " ", "text_input_field_labels": [ " ", " " ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://rahimlak.github.io/instagram/login.php Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://rahimlak.github.io/instagram/ Model: Joe Sandbox AI	{ "brands": [ "Instagram" ] }
	{ "brands": [ "Instagram" ] }
URL: https://rahimlak.github.io/instagram/login.php Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://rahimlak.github.io/instagram/ Model: Joe Sandbox AI	```json{ "legit_domain": "instagram.com", "classification": "wellknown", "reasons": [ "The brand 'Instagram' is a well-known social media platform.", "The URL 'rahimlak.github.io' does not match the legitimate domain 'instagram.com'.", "The URL is hosted on 'github.io', which is a domain for GitHub Pages, not associated with Instagram.", "The presence of input fields for 'username' and 'password' on a non-legitimate domain is suspicious and indicative of a phishing attempt." ], "riskscore": 9} Google indexed: False
URL: rahimlak.github.io Brands: Instagram Input Fields: ,

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:40:54 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9733353374159894
Encrypted:	false
SSDEEP:	48:8JdITs4iVHYidAKZdA19ehwiZUklqeh0y+3:8UPi8ry
MD5:	851FFB2A29A7DCE00268188D10775224
SHA1:	B85E962269FF9692AB04037E781D9117F2F198BE
SHA-256:	AFEA6A4ABFF6986851803E924AAFDAB9A6906CE925C93C64BC8DB38F7201BD23
SHA-512:	9FD98985310645D07BC5FF4FABE753F4FD864D19AF2B4CA1EF6F67A808C3CF1E05E57820240673D3D8BA676F47A56AADAFD27E3BE66C8C4A57FBF2A5B0DEA043
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......=..f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............9;......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:40:54 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.987017588896173
Encrypted:	false
SSDEEP:	48:8HhdITs4iVHYidAKZdA1weh/iZUkAQkqehby+2:8HMPiO9QKy
MD5:	BEAFF89722A06D76791BD7152E395E57
SHA1:	F74B4B77A3D10754C4E0502045D87DDF4985D52D
SHA-256:	4C13B05AC88BCC7B9DD5E1E3529CBE03E42ED3ACE483045564297343A24993AC
SHA-512:	590A56213D3D5E2D665D7D8472426902124A2A011A0A3D129A0B987C27379B2587DEA849BECF64015A33A77030F31A7FCE52A83C94FDBB8B48576B4A59FF610D
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....(x3..f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............9;......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.002632447389082
Encrypted:	false
SSDEEP:	48:8xhdITs4sHYidAKZdA14tseh7sFiZUkmgqeh7sBy+BX:8xMPln/y
MD5:	BAC3CDE4037E608AB0E134E74876A4EC
SHA1:	DC80A27EDDBA99FD7449F76A8DDE630F62289F9F
SHA-256:	A46CD3459E475F8AF38CF7546B970471ECCAC42E574E3A997ED1E4AF0C4E7DD1
SHA-512:	3D7F708B471DBC33912ED068AA8B1B50D409A4B918B974387A27B6066C21DF9ECC47B84895C393685D3077BE54C2CB1F643156A176ED6DC440EC1B2EC6251705
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............9;......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:40:54 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9877892348640582
Encrypted:	false
SSDEEP:	48:8+dITs4iVHYidAKZdA1vehDiZUkwqehny+R:81PiVpy
MD5:	3F40DA20F0E26D06AB6A9E01E158FCAE
SHA1:	2A5D28B4AD46D5ED16260291A6B01ED2ABAD3850
SHA-256:	08BB9F3DED1B148368815B1A23F91742DAF7828D7AA644AB72388FC1001997A1
SHA-512:	13E0F68B528337466833564E525483FCA7F05E9280275FF458865F93CFF70B881319D34219F7BEDD5AC5867B4A56E0E6250E9739F6614042E643DA85EF3B9814
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.........f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............9;......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:40:54 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9780952986742304
Encrypted:	false
SSDEEP:	48:8EdITs4iVHYidAKZdA1hehBiZUk1W1qehVy+C:8XPiF91y
MD5:	B9044C86A03D852DB013A2E8C373510B
SHA1:	0A9300070514E83EEB968D2BA4DB8005D1B63C41
SHA-256:	AD152D897D404D4A9AFA28B983E0961DA5FF5113F71E3B55D099739DA09D7DE9
SHA-512:	DFEEB4B37C675A831EE00A81D96604549662D96AEFAAFE016544A9F74BBA5DD455686C988897D8C9DD1EA504163291EFAF7642BBACBB51066A0EDC6D2D752D65
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....<8..f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............9;......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 13 23:40:54 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.990014895857932
Encrypted:	false
SSDEEP:	48:8MdITs4iVHYidAKZdA1duT+ehOuTbbiZUk5OjqehOuTb/y+yT+:8/PiZT/TbxWOvTb/y7T
MD5:	48E2B60FE1DB022A74BC55472CB2708C
SHA1:	AB3E015E1969DD6D33C9A0DBCB074B998D213E4C
SHA-256:	F740C2E0A4F71D25DCB306BC031B114A8472A7C6D6A8574D3557C8236B2F8877
SHA-512:	BCB647D646262B01D5EC796CC9FC0A8B277AD3DBA1060342A9F688D344BFA2C8E15878523CEA42C4E9BE9A72F9BF26BE9F21B3E206245330BE386F58C44DDFFC
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......"..f..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............9;......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 59

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	131
Entropy (8bit):	4.481204119376709
Encrypted:	false
SSDEEP:	3:qVvzLURODFkJEXR1Xbvx9FKEIHiHbBaWvFkJETbIlIWKBc4NGb:qFzLIeFAE3XLxWHiHkWvFAEYlIWKq4Qb
MD5:	9A67F98EBF567E0B2B3CDEB58BE2DA2D
SHA1:	36870E81E17D2A0AD49EAA5D208961F0290BA751
SHA-256:	DB9C83197AADFAF315C26741F15264DB83844A31372701A8465737D63508DF7F
SHA-512:	C82ADDD9AD18C1BC8C37C7CBBCA525DB0759DB12CC489C1E23286E39ECBCEBC6032675C445BF187730A83630AFF3F2CEECF3FCA0162084A60DC43D818C6964DB
Malicious:	false
Reputation:	low
URL:	https://rahimlak.github.io/instagram/login.php
Preview:	<html>.<head><title>405 Not Allowed</title></head>.<body bgcolor="white">.<center><h1>405 Not Allowed</h1></center>.</body>.</html>

Chrome Cache Entry: 60

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Category:	downloaded
Size (bytes):	521
Entropy (8bit):	4.92862316972451
Encrypted:	false
SSDEEP:	12:hPgkzZ+QLfdj6sVt1SI3qI9RtkWNIoJDEJDVayXmW95LKNqCvXBRPGb:hPfXNXJqARSUNENsylOMuk
MD5:	AE3F42A1E9695829DA3A95CF4BBE381E
SHA1:	2A614E24EE87DCE04B0642DB1DE36FF66C11CC04
SHA-256:	00A57F16DFA07F454A6D1E35087B935343B6C42FED49864628ACCCF0E7F07952
SHA-512:	850A01BA979CC1DBB2091DA4F0664F43FC56DCE4FF0DEE15AAA844BEB7B0F3638CCAE5C59159250E3FFEB48DB510AC40D27DEE09EAD43FFC5D88A0E0FFA96789
Malicious:	false
Reputation:	low
URL:	https://rahimlak.github.io/instagram/
Preview:	<!DOCTYPE html>..<html>..<head>.. <title>Instagram</title>.. <link rel="stylesheet" href="style.css">..</head>..<body>.. <div class="container">.. <h1>Instagram</h1>.. <form action="login.php" method="post">.. <input type="text" name="username" placeholder="... ........">.. <input type="password" name="password" placeholder=".... ......">.. <button type="submit">..... ......</button>.. </form>.. </div>..</body>..</html>

Chrome Cache Entry: 61

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	847
Entropy (8bit):	4.834043995643426
Encrypted:	false
SSDEEP:	12:UxAm86FAyKx5U8Awl7IH1+G1/X+rrnAYcJiHkRR0WjfIGL7IO+8jtZkRR0Wu8wjP:UN1Ja8HCw2C3ybH1o/
MD5:	01D7797D11F51B74D5DB58CEC4B099A5
SHA1:	DE1DB157FF498282A09058969E04D881171E0EA5
SHA-256:	D88738BB746571527ED2981940321F653AE6C7A270C8DEAD170D7EAB5BFCC4F2
SHA-512:	B685F33A2567CC701BFF65E37D0EAA143CAD9EBBD07ABF0C69CCEDA32D77D3C939AECC15F4636484BB8D9036A45DA0C74431838D1CFB2B565CAB0DDE8796627D
Malicious:	false
Reputation:	low
URL:	https://rahimlak.github.io/instagram/style.css
Preview:	body {.. font-family: Arial, sans-serif;.. background-color: #f2f2f2;..}.....container {.. width: 300px;.. margin: 50px auto;.. background-color: #fff;.. padding: 20px;.. border: 1px solid #ddd;.. border-radius: 10px;.. box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);..}....h1 {.. text-align: center;.. margin-bottom: 20px;..}....form {.. margin-top: 20px;..}....input[type="text"], input[type="password"] {.. width: 100%;.. height: 40px;.. margin-bottom: 20px;.. padding: 10px;.. border: 1px solid #ccc;.. border-radius: 5px;..}....button[type="submit"] {.. width: 100%;.. height: 40px;.. background-color: #4CAF50;.. color: #fff;.. padding: 10px;.. border: none;.. border-radius: 5px;.. cursor: pointer;..}....button[type="submit"]:hover {.. background-color: #3e8e41;..}

Chrome Cache Entry: 62

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (3909)
Category:	downloaded
Size (bytes):	9115
Entropy (8bit):	6.0587900718391925
Encrypted:	false
SSDEEP:	192:Ywnb1iC9OA9XXMa9kukrALQDUnulGVopLAGCALQD6vnglET31iCLL3d:7B8H3DUulGmmv3D6vglETliCfN
MD5:	1EB970CE5A18BEC7165F016DF8238566
SHA1:	9EFD1514AF80FE14DB4ED28E9BC53975B9EE089C
SHA-256:	70D613E3ACFBA24FD2876FCBACAF639E1E111EF4D54BAF70761C47673F37D6A3
SHA-512:	21B4D800CC282CA452F7394E95D5382340AC3481A002C21DA681005A44F18EA6CF43959990CD715B4657F180E0E96D6087FE724F3200E909F9FD70EBCD5511BD
Malicious:	false
Reputation:	low
URL:	https://rahimlak.github.io/favicon.ico
Preview:	<!DOCTYPE html>.<html>. <head>. <meta http-equiv="Content-type" content="text/html; charset=utf-8">. <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'">. <title>Site not found · GitHub Pages</title>. <style type="text/css" media="screen">. body {. background-color: #f1f1f1;. margin: 0;. font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;. }.. .container { margin: 50px auto 40px auto; width: 600px; text-align: center; }.. a { color: #4183c4; text-decoration: none; }. a:hover { text-decoration: underline; }.. h1 { width: 800px; position:relative; left: -100px; letter-spacing: -1px; line-height: 60px; font-size: 60px; font-weight: 100; margin: 0px 0 50px 0; text-shadow: 0 1px 0 #fff; }. p { color: rgba(0, 0, 0, 0.5); margin: 20px 0; line-height: 1.6; }.. ul { list-style: none; margin: 25px 0; padding: 0; }. li { d

Chrome Cache Entry: 63

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.066108939837481
Encrypted:	false
SSDEEP:	3:GMyoSt:jFSt
MD5:	96B191AE794C2C78387B3F4F9BB7A251
SHA1:	F974547DF0ADFFB7E80699552C6BCE3E709343A6
SHA-256:	CE76758AEEF2CAF12021AFB5257D0CA4E9E5C20015C2C85D68BB27FA6B1AFB28
SHA-512:	07EE1CFDBD53C1046FA4F44FF7C83F4456CDAA099299816B451D114E3EEAAD4BE8F0CD0FC09F0E838418BCBB5E50547E806E8E080B8E3421D0DB26FF4C15D412
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwn9jQSVDpn5HBIFDeeNQA4SBQ3OQUx6?alt=proto
Preview:	ChIKBw3njUAOGgAKBw3OQUx6GgA=

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 14, 2025 01:40:46.631759882 CET	49674	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:40:46.631772041 CET	49675	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:40:46.741219044 CET	49673	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:40:56.242527962 CET	49674	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:40:56.242542028 CET	49675	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:40:56.351859093 CET	49673	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:40:58.042021990 CET	443	49703	23.1.237.91	192.168.2.5
Jan 14, 2025 01:40:58.042182922 CET	49703	443	192.168.2.5	23.1.237.91
Jan 14, 2025 01:40:58.259287119 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:58.259335995 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:40:58.259434938 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:58.259737015 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:58.259746075 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:40:58.900852919 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:40:58.902049065 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:58.902062893 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:40:58.903103113 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:40:58.903152943 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:58.905064106 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:58.905123949 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:40:58.945058107 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:58.945067883 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:40:58.991951942 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:40:59.151071072 CET	49714	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.151412964 CET	49715	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.155833006 CET	80	49714	185.199.108.153	192.168.2.5
Jan 14, 2025 01:40:59.155905962 CET	49714	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.156075954 CET	49714	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.156171083 CET	80	49715	185.199.108.153	192.168.2.5
Jan 14, 2025 01:40:59.156208038 CET	49715	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.160828114 CET	80	49714	185.199.108.153	192.168.2.5
Jan 14, 2025 01:40:59.630882025 CET	80	49714	185.199.108.153	192.168.2.5
Jan 14, 2025 01:40:59.680322886 CET	49714	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.858716965 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.858778000 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:40:59.858849049 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.859116077 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:40:59.859126091 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.156739950 CET	49715	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.161634922 CET	80	49715	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.161736965 CET	49715	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.344197989 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.344546080 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.344568968 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.346124887 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.346185923 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.351878881 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.351970911 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.352109909 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.352121115 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.402203083 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.461186886 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.461607933 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.461879015 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.462276936 CET	49716	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.462290049 CET	443	49716	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.465708971 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.465734959 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.465794086 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.466124058 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.466134071 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.930056095 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.931866884 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.931880951 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.932424068 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.933234930 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.933300018 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:00.933583021 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:00.979321957 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.049135923 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.050066948 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.050124884 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.050719976 CET	49718	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.050734043 CET	443	49718	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.096683979 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.096734047 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.096872091 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.097280025 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.097300053 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.561563015 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.562141895 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.562175989 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.562540054 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.562963009 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.563028097 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.563246012 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.603332043 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.686328888 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.686429024 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.686496019 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.688000917 CET	49719	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.688020945 CET	443	49719	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.721543074 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.721585989 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:01.721645117 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.721926928 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:01.721940041 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.196903944 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.243158102 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.267951965 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.268003941 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.269206047 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.284539938 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.284753084 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.287925005 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.335333109 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.397476912 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.397608995 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.397695065 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.397747040 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.397770882 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.397809982 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.397815943 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.397901058 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.397970915 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.398026943 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.398035049 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.398066998 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.400073051 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:02.400136948 CET	443	49721	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:02.400249004 CET	49721	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:08.869656086 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:08.869720936 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:08.869904995 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:41:10.123544931 CET	49712	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:41:10.123564005 CET	443	49712	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:14.771320105 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:14.771338940 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:14.771410942 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:14.771642923 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:14.771656990 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:14.774023056 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:14.774044991 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:14.774100065 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:14.776210070 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:14.776222944 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.240667105 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.240971088 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.240984917 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.242088079 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.243334055 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.244172096 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.244318962 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.244332075 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.244343996 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.244466066 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.245248079 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.245414972 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.245878935 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.245946884 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.290328979 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.290342093 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.291332006 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.335166931 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.345961094 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.346246958 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:15.346303940 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.372419119 CET	49760	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:15.372431993 CET	443	49760	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:44.633012056 CET	49714	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:44.638566971 CET	80	49714	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:45.164261103 CET	49715	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:41:45.169182062 CET	80	49715	185.199.108.153	192.168.2.5
Jan 14, 2025 01:41:58.305782080 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:41:58.305834055 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:58.305919886 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:41:58.306233883 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:41:58.306246996 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:58.936697006 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:58.937118053 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:41:58.937144041 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:58.937472105 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:58.938014984 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:41:58.938111067 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:41:58.992182970 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:42:00.304224968 CET	49759	443	192.168.2.5	185.199.108.153
Jan 14, 2025 01:42:00.304258108 CET	443	49759	185.199.108.153	192.168.2.5
Jan 14, 2025 01:42:02.118580103 CET	49715	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:42:02.123811960 CET	80	49715	185.199.108.153	192.168.2.5
Jan 14, 2025 01:42:02.123929024 CET	49715	80	192.168.2.5	185.199.108.153
Jan 14, 2025 01:42:08.849229097 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:42:08.849284887 CET	443	49997	142.250.184.228	192.168.2.5
Jan 14, 2025 01:42:08.849385023 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:42:10.118925095 CET	49997	443	192.168.2.5	142.250.184.228
Jan 14, 2025 01:42:10.118947983 CET	443	49997	142.250.184.228	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 14, 2025 01:40:53.947628975 CET	53	63141	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:53.960675955 CET	53	52616	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:55.118976116 CET	53	50671	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:58.246654034 CET	59021	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:40:58.247033119 CET	65307	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:40:58.253489017 CET	53	59021	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:58.253643990 CET	53	65307	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:59.135536909 CET	56698	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:40:59.138931990 CET	60310	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:40:59.145672083 CET	53	56698	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:59.148025036 CET	53	60310	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:59.849548101 CET	65028	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:40:59.849735022 CET	56932	53	192.168.2.5	1.1.1.1
Jan 14, 2025 01:40:59.857903957 CET	53	56932	1.1.1.1	192.168.2.5
Jan 14, 2025 01:40:59.858143091 CET	53	65028	1.1.1.1	192.168.2.5
Jan 14, 2025 01:41:01.126164913 CET	53	62683	1.1.1.1	192.168.2.5
Jan 14, 2025 01:41:12.208888054 CET	53	59776	1.1.1.1	192.168.2.5
Jan 14, 2025 01:41:31.109850883 CET	53	51701	1.1.1.1	192.168.2.5
Jan 14, 2025 01:41:53.548618078 CET	53	51556	1.1.1.1	192.168.2.5
Jan 14, 2025 01:41:54.094558954 CET	53	62386	1.1.1.1	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 14, 2025 01:40:58.246654034 CET	192.168.2.5	1.1.1.1	0x4e74	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:58.247033119 CET	192.168.2.5	1.1.1.1	0x6319	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 14, 2025 01:40:59.135536909 CET	192.168.2.5	1.1.1.1	0x13f2	Standard query (0)	rahimlak.github.io	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.138931990 CET	192.168.2.5	1.1.1.1	0x4da9	Standard query (0)	rahimlak.github.io	65	IN (0x0001)	false
Jan 14, 2025 01:40:59.849548101 CET	192.168.2.5	1.1.1.1	0x66ba	Standard query (0)	rahimlak.github.io	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.849735022 CET	192.168.2.5	1.1.1.1	0x3a5e	Standard query (0)	rahimlak.github.io	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 14, 2025 01:40:58.253489017 CET	1.1.1.1	192.168.2.5	0x4e74	No error (0)	www.google.com		142.250.184.228	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:58.253643990 CET	1.1.1.1	192.168.2.5	0x6319	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 14, 2025 01:40:59.145672083 CET	1.1.1.1	192.168.2.5	0x13f2	No error (0)	rahimlak.github.io		185.199.108.153	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.145672083 CET	1.1.1.1	192.168.2.5	0x13f2	No error (0)	rahimlak.github.io		185.199.110.153	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.145672083 CET	1.1.1.1	192.168.2.5	0x13f2	No error (0)	rahimlak.github.io		185.199.109.153	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.145672083 CET	1.1.1.1	192.168.2.5	0x13f2	No error (0)	rahimlak.github.io		185.199.111.153	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.858143091 CET	1.1.1.1	192.168.2.5	0x66ba	No error (0)	rahimlak.github.io		185.199.108.153	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.858143091 CET	1.1.1.1	192.168.2.5	0x66ba	No error (0)	rahimlak.github.io		185.199.109.153	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.858143091 CET	1.1.1.1	192.168.2.5	0x66ba	No error (0)	rahimlak.github.io		185.199.110.153	A (IP address)	IN (0x0001)	false
Jan 14, 2025 01:40:59.858143091 CET	1.1.1.1	192.168.2.5	0x66ba	No error (0)	rahimlak.github.io		185.199.111.153	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

rahimlak.github.io

https:

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49714	185.199.108.153	80	4428	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 14, 2025 01:40:59.156075954 CET	442	OUT	GET /instagram HTTP/1.1 Host: rahimlak.github.io Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 14, 2025 01:40:59.630882025 CET	712	IN	HTTP/1.1 301 Moved Permanently Connection: keep-alive Content-Length: 162 Server: GitHub.com Content-Type: text/html permissions-policy: interest-cohort=() Location: https://rahimlak.github.io/instagram X-GitHub-Request-Id: 842B:220028:3A13AA:402B0C:6785B29B Accept-Ranges: bytes Age: 0 Date: Tue, 14 Jan 2025 00:40:59 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740042-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1736815260.575596,VS0,VE16 Vary: Accept-Encoding X-Fastly-Request-ID: 2f7135b76ffa865c1cc4b31243d20b6b40cd2dde Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Jan 14, 2025 01:41:44.633012056 CET	6	OUT	Data Raw: 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49715	185.199.108.153	80	4428	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 14, 2025 01:41:45.164261103 CET	6	OUT	Data Raw: 00 Data Ascii:

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49716	185.199.108.153	443	4428	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:41:00 UTC	670	OUT	GET /instagram HTTP/1.1 Host: rahimlak.github.io Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:41:00 UTC	546	IN	HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 162 Server: GitHub.com Content-Type: text/html permissions-policy: interest-cohort=() Location: https://rahimlak.github.io/instagram/ X-GitHub-Request-Id: D8A1:102B62:397155:3F88B7:6785B29B Accept-Ranges: bytes Age: 0 Date: Tue, 14 Jan 2025 00:41:00 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740038-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1736815260.405988,VS0,VE12 Vary: Accept-Encoding X-Fastly-Request-ID: 325694587c2865a5c9042f43410000c07f83a5d0
2025-01-14 00:41:00 UTC	162	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49718	185.199.108.153	443	4428	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:41:00 UTC	671	OUT	GET /instagram/ HTTP/1.1 Host: rahimlak.github.io Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:41:01 UTC	731	IN	HTTP/1.1 200 OK Connection: close Content-Length: 521 Server: GitHub.com Content-Type: text/html; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Sun, 12 Jan 2025 14:32:02 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "6783d262-209" expires: Tue, 14 Jan 2025 00:51:00 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: B68D:35DBF7:35DD93:3BC140:6785B29C Accept-Ranges: bytes Age: 0 Date: Tue, 14 Jan 2025 00:41:01 GMT Via: 1.1 varnish X-Served-By: cache-nyc-kteb1890034-NYC X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1736815261.987807,VS0,VE17 Vary: Accept-Encoding X-Fastly-Request-ID: 530f59ed170024faf40fa7f7a511db9acffc53f2
2025-01-14 00:41:01 UTC	521	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 49 6e 73 74 61 67 72 61 6d 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 73 74 79 6c 65 2e 63 73 73 22 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 68 31 3e 49 6e 73 74 61 67 72 61 6d 3c 2f 68 31 3e 0d 0a 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 Data Ascii: <!DOCTYPE html><html><head> <title>Instagram</title> <link rel="stylesheet" href="style.css"></head><body> <div class="container"> <h1>Instagram</h1> <form action="login.php" method="post"> <input type

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49719	185.199.108.153	443	4428	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:41:01 UTC	564	OUT	GET /instagram/style.css HTTP/1.1 Host: rahimlak.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://rahimlak.github.io/instagram/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:41:01 UTC	730	IN	HTTP/1.1 200 OK Connection: close Content-Length: 847 Server: GitHub.com Content-Type: text/css; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Sun, 12 Jan 2025 14:32:02 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "6783d262-34f" expires: Tue, 14 Jan 2025 00:51:01 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: 2B73:272F4E:336645:394956:6785B29D Accept-Ranges: bytes Age: 0 Date: Tue, 14 Jan 2025 00:41:01 GMT Via: 1.1 varnish X-Served-By: cache-nyc-kteb1890067-NYC X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1736815262.620429,VS0,VE27 Vary: Accept-Encoding X-Fastly-Request-ID: 86b428680255d40a8f30990b56b96630a6250598
2025-01-14 00:41:01 UTC	847	IN	Data Raw: 62 6f 64 79 20 7b 0d 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 32 66 32 66 32 3b 0d 0a 7d 0d 0a 0d 0a 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0d 0a 20 20 20 20 77 69 64 74 68 3a 20 33 30 30 70 78 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 35 30 70 78 20 61 75 74 6f 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 32 30 70 78 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 64 64 64 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 31 30 70 78 3b 0d 0a 20 20 20 20 62 6f 78 2d 73 68 61 64 Data Ascii: body { font-family: Arial, sans-serif; background-color: #f2f2f2;}.container { width: 300px; margin: 50px auto; background-color: #fff; padding: 20px; border: 1px solid #ddd; border-radius: 10px; box-shad

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49721	185.199.108.153	443	4428	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:41:02 UTC	602	OUT	GET /favicon.ico HTTP/1.1 Host: rahimlak.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://rahimlak.github.io/instagram/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:41:02 UTC	635	IN	HTTP/1.1 404 Not Found Connection: close Content-Length: 9115 Server: GitHub.com Content-Type: text/html; charset=utf-8 permissions-policy: interest-cohort=() ETag: "6765c4ef-239b" Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self' X-GitHub-Request-Id: B2B0:1F4AA2:39EF56:40074D:6785B29D Accept-Ranges: bytes Age: 0 Date: Tue, 14 Jan 2025 00:41:02 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740061-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1736815262.342270,VS0,VE11 Vary: Accept-Encoding X-Fastly-Request-ID: 53083b1f7f2c5a55a60a0a79292fd894b0fd74f2
2025-01-14 00:41:02 UTC	1378	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 73 74 79 6c 65 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 3b 20 69 6d 67 2d 73 72 63 20 64 61 74 61 3a 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 53 Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'"> <title>S
2025-01-14 00:41:02 UTC	1378	IN	Data Raw: 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 20 32 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 31 39 32 64 70 69 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 32 64 70 70 78 29 20 7b 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 31 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 32 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 20 7d 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 23 73 75 Data Ascii: ice-pixel-ratio: 2), only screen and ( min-resolution: 192dpi), only screen and ( min-resolution: 2dppx) { .logo-img-1x { display: none; } .logo-img-2x { display: inline-block; } } #su
2025-01-14 00:41:02 UTC	1378	IN	Data Raw: 78 34 4f 6e 68 74 63 47 31 6c 64 47 45 67 65 47 31 73 62 6e 4d 36 65 44 30 69 59 57 52 76 59 6d 55 36 62 6e 4d 36 62 57 56 30 59 53 38 69 49 48 67 36 65 47 31 77 64 47 73 39 49 6b 46 6b 62 32 4a 6c 49 46 68 4e 55 43 42 44 62 33 4a 6c 49 44 55 75 4d 79 31 6a 4d 44 45 78 49 44 59 32 4c 6a 45 30 4e 54 59 32 4d 53 77 67 4d 6a 41 78 4d 69 38 77 4d 69 38 77 4e 69 30 78 4e 44 6f 31 4e 6a 6f 79 4e 79 41 67 49 43 41 67 49 43 41 67 49 6a 34 67 50 48 4a 6b 5a 6a 70 53 52 45 59 67 65 47 31 73 62 6e 4d 36 63 6d 52 6d 50 53 4a 6f 64 48 52 77 4f 69 38 76 64 33 64 33 4c 6e 63 7a 4c 6d 39 79 5a 79 38 78 4f 54 6b 35 4c 7a 41 79 4c 7a 49 79 4c 58 4a 6b 5a 69 31 7a 65 57 35 30 59 58 67 74 62 6e 4d 6a 49 6a 34 67 50 48 4a 6b 5a 6a 70 45 5a 58 4e 6a 63 6d 6c 77 64 47 6c 76 62 Data Ascii: x4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvb
2025-01-14 00:41:02 UTC	1378	IN	Data Raw: 45 39 46 4e 72 67 77 42 43 4c 69 72 4d 46 56 39 4f 6b 68 35 65 66 6c 46 68 38 50 52 35 6e 4b 35 6e 44 61 62 72 52 32 42 4e 4a 6c 4b 4f 30 54 33 35 2b 4c 69 34 6e 34 2b 2f 4a 2b 2f 4a 51 43 78 68 6d 75 35 68 33 75 4a 6f 58 4e 48 50 62 6d 57 5a 41 48 4d 73 68 57 42 38 6c 35 2f 69 70 71 61 6d 6d 61 41 66 30 7a 50 44 44 78 31 4f 4e 56 33 76 75 72 64 69 64 71 77 41 51 4c 2b 70 45 63 38 73 4c 63 41 65 31 43 43 76 51 33 59 48 78 49 57 38 50 6c 38 35 78 53 57 4e 43 31 68 41 44 44 49 76 30 72 49 45 2f 6f 34 4a 30 6b 33 6b 77 77 34 78 53 6c 77 49 68 63 71 33 45 46 46 4f 6d 37 4b 4e 2f 68 55 47 4f 51 6b 74 30 43 46 61 35 57 70 4e 4a 6c 4d 76 78 42 45 7a 2f 49 56 51 41 78 67 2f 5a 52 5a 6c 39 77 69 48 41 36 33 79 44 59 69 65 4d 37 44 6e 4c 50 35 43 69 41 47 73 43 37 Data Ascii: E9FNrgwBCLirMFV9Okh5eflFh8PR5nK5nDabrR2BNJlKO0T35+Li4n4+/J+/JQCxhmu5h3uJoXNHPbmWZAHMshWB8l5/ipqammaAf0zPDDx1ONV3vurdidqwAQL+pEc8sLcAe1CCvQ3YHxIW8Pl85xSWNC1hADDIv0rIE/o4J0k3kww4xSlwIhcq3EFFOm7KN/hUGOQkt0CFa5WpNJlMvxBEz/IVQAxg/ZRZl9wiHA63yDYieM7DnLP5CiAGsC7
2025-01-14 00:41:02 UTC	1378	IN	Data Raw: 62 32 4a 6c 49 46 68 4e 55 43 42 44 62 33 4a 6c 49 44 55 75 4d 79 31 6a 4d 44 45 78 49 44 59 32 4c 6a 45 30 4e 54 59 32 4d 53 77 67 4d 6a 41 78 4d 69 38 77 4d 69 38 77 4e 69 30 78 4e 44 6f 31 4e 6a 6f 79 4e 79 41 67 49 43 41 67 49 43 41 67 49 6a 34 67 50 48 4a 6b 5a 6a 70 53 52 45 59 67 65 47 31 73 62 6e 4d 36 63 6d 52 6d 50 53 4a 6f 64 48 52 77 4f 69 38 76 64 33 64 33 4c 6e 63 7a 4c 6d 39 79 5a 79 38 78 4f 54 6b 35 4c 7a 41 79 4c 7a 49 79 4c 58 4a 6b 5a 69 31 7a 65 57 35 30 59 58 67 74 62 6e 4d 6a 49 6a 34 67 50 48 4a 6b 5a 6a 70 45 5a 58 4e 6a 63 6d 6c 77 64 47 6c 76 62 69 42 79 5a 47 59 36 59 57 4a 76 64 58 51 39 49 69 49 67 65 47 31 73 62 6e 4d 36 65 47 31 77 50 53 4a 6f 64 48 52 77 4f 69 38 76 62 6e 4d 75 59 57 52 76 59 6d 55 75 59 32 39 74 4c 33 68 Data Ascii: b2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3h
2025-01-14 00:41:02 UTC	1378	IN	Data Raw: 74 34 32 66 2b 4d 70 30 79 55 54 56 51 62 64 57 73 41 48 56 73 69 6b 64 69 48 6b 48 61 50 78 63 51 58 51 75 66 58 67 55 42 67 4d 52 78 6d 65 39 55 30 41 41 78 66 48 34 76 46 76 6a 4d 37 65 46 36 55 6b 62 4a 53 35 71 6f 51 77 45 51 47 41 35 37 41 63 35 4a 6c 6c 46 79 55 56 5a 5a 35 63 6b 55 45 67 4d 56 78 73 4b 32 6a 6c 53 59 7a 49 2b 51 58 4a 73 69 79 6a 7a 4e 45 41 4a 79 4a 41 7a 62 2f 4b 51 61 34 31 6a 4a 4b 4c 38 70 4f 44 4d 51 69 54 45 41 79 6d 58 77 35 6e 38 2f 50 30 49 6a 44 33 62 68 37 52 67 6f 67 35 39 61 61 6e 78 69 49 52 54 56 76 56 2f 6f 6a 30 74 6e 48 63 61 2f 57 4d 72 56 77 4f 44 77 42 33 72 61 54 47 78 7a 6b 42 67 2f 67 6e 5a 56 61 70 46 56 36 32 57 79 32 6e 35 41 4f 37 30 48 4d 2f 35 77 62 4a 30 51 6e 58 79 51 53 61 56 50 44 49 75 4e 5a 7a Data Ascii: t42f+Mp0yUTVQbdWsAHVsikdiHkHaPxcQXQufXgUBgMRxme9U0AAxfH4vFvjM7eF6UkbJS5qoQwEQGA57Ac5JllFyUVZZ5ckUEgMVxsK2jlSYzI+QXJsiyjzNEAJyJAzb/KQa41jJKL8pODMQiTEAymXw5n8/P0IjD3bh7Rgog59aanxiIRTVvV/oj0tnHca/WMrVwODwB3raTGxzkBg/gnZVapFV62Wy2n5AO70HM/5wbJ0QnXyQSaVPDIuNZz
2025-01-14 00:41:02 UTC	847	IN	Data Raw: 36 73 64 34 32 39 54 55 4e 45 63 6d 55 64 63 2b 50 52 61 4c 48 63 76 6e 38 37 64 58 57 34 75 67 7a 64 73 61 47 78 75 66 4c 39 34 4e 46 76 39 7a 69 31 4a 37 47 56 62 68 6c 76 62 32 64 6e 61 4a 33 53 56 72 78 66 63 2b 6e 32 2b 4e 54 73 5a 37 2f 48 37 2f 4d 72 33 67 35 58 64 53 49 48 79 4a 53 48 31 50 5a 2b 37 66 54 6f 79 6c 32 2b 45 72 71 69 6c 67 5a 34 4e 61 4c 59 42 39 67 6f 56 47 61 48 6a 52 39 33 48 76 31 5a 72 55 34 58 44 73 46 54 32 30 6b 48 33 50 4f 62 7a 62 57 6b 30 43 67 47 31 6a 61 63 56 49 55 6e 41 51 62 39 46 2b 56 65 78 79 4c 4d 7a 6b 70 63 4c 76 30 49 4a 56 37 41 48 51 49 4f 43 41 55 59 48 78 37 76 35 71 67 53 63 6d 59 48 74 54 71 53 41 79 5a 4c 45 4a 54 4b 32 32 42 69 65 34 69 71 33 78 73 71 70 6d 34 53 41 66 39 48 71 39 61 32 44 6e 4a 34 75 Data Ascii: 6sd429TUNEcmUdc+PRaLHcvn87dXW4ugzdsaGxufL94NFv9zi1J7GVbhlvb2dnaJ3SVrxfc+n2+NTsZ7/H7/Mr3g5XdSIHyJSH1PZ+7fToyl2+ErqilgZ4NaLYB9goVGaHjR93Hv1ZrU4XDsFT20kH3PObzbWk0CgG1jacVIUnAQb9F+VexyLMzkpcLv0IJV7AHQIOCAUYHx7v5qgScmYHtTqSAyZLEJTK22Bie4iq3xsqpm4SAf9Hq9a2DnJ4u

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.5	49760	185.199.108.153	443	4428	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 00:41:15 UTC	867	OUT	POST /instagram/login.php HTTP/1.1 Host: rahimlak.github.io Connection: keep-alive Content-Length: 46 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 Origin: https://rahimlak.github.io Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://rahimlak.github.io/instagram/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 00:41:15 UTC	46	OUT	Data Raw: 75 73 65 72 6e 61 6d 65 3d 26 70 61 73 73 77 6f 72 64 3d 25 32 43 7a 79 6c 25 32 35 34 50 25 37 44 43 31 25 32 42 69 66 33 42 25 37 42 6f Data Ascii: username=&password=%2Czyl%254P%7DC1%2Bif3B%7Bo
2025-01-14 00:41:15 UTC	357	IN	HTTP/1.1 405 Method Not Allowed Connection: close Content-Length: 131 Server: Varnish Retry-After: 0 Accept-Ranges: bytes Date: Tue, 14 Jan 2025 00:41:15 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740054-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1736815275.303656,VS0,VE0 X-Fastly-Request-ID: c50084eee0b99fe4ee143d83bb250de40e3c5f37
2025-01-14 00:41:15 UTC	131	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>405 Not Allowed</title></head><body bgcolor="white"><center><h1>405 Not Allowed</h1></center></body></html>

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 2724, Parent PID: 5460

General

Target ID:	0
Start time:	19:40:48
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4428, Parent PID: 2724

General

Target ID:	2
Start time:	19:40:51
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2056,i,1030447276630430454,4488334761136101846,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5720, Parent PID: 5460

General

Target ID:	3
Start time:	19:40:57
Start date:	13/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://rahimlak.github.io/instagram"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly