Windows Analysis Report
https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=

Overview

General Information

Sample URL:https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
Analysis ID:1591469

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

  • System is w10x64
  • chrome.exe (PID: 3948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1884,i,7230682522980469484,15994161189670794245,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

AV Detection

Source: https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM= | Avira URL Cloud: detection malicious, Label: phishing
Source: https://cdn.trytraffics.com/favicon.ico | Avira URL Cloud: Label: phishing
Source: https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM= | HTTP Parser: No favicon
Source: unknown | HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49726 version: TLS 1.0
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | HTTP traffic detected:
    GET /rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM= HTTP/1.1
    Host: cdn.trytraffics.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /favicon.ico HTTP/1.1
    Host: cdn.trytraffics.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: cdn.trytraffics.com
Source: global traffic | DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: unknown | HTTP traffic detected:
    POST /report/v4?s=K%2BwpX%2Fjt23fJQIMDcBPW9pE48XS%2F19mHYICrXwKOBr8oG3bl6hd%2BTN6s%2FFNOQTvhkr04WQ2fRoy0erFA%2FoFkACEY1lnOstKMdKKOaPIB14HrVa%2Fje%2BjczqK46MQbSmfYNL4vhkuw HTTP/1.1
    Host: a.nel.cloudflare.com
    Connection: keep-alive
    Content-Length: 535
    Content-Type: application/reports+json
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    HTTP/1.1 404 Not Found
    Date: Wed, 15 Jan 2025 00:12:51 GMT
    Content-Type: text/html; charset=iso-8859-1
    Transfer-Encoding: chunked
    Connection: close
    Cache-Control: max-age=14400
    CF-Cache-Status: EXPIRED
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BwpX%2Fjt23fJQIMDcBPW9pE48XS%2F19mHYICrXwKOBr8oG3bl6hd%2BTN6s%2FFNOQTvhkr04WQ2fRoy0erFA%2FoFkACEY1lnOstKMdKKOaPIB14HrVa%2Fje%2BjczqK46MQbSmfYNL4vhkuw"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 9021a8159ee6ac72-YYZ
    alt-svc: h3=":443"; ma=86400
    server-timing: cfL4;desc="?proto=TCP&rtt=13822&min_rtt=13820&rtt_var=5186&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1280&delivery_rate=211028&cwnd=32&unsent_bytes=0&cid=b7d2a80948811f56&ts=1211&x=0"
Source: unknown | Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown | Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown | Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown | Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown | Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown | Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown | Network traffic detected: HTTP traffic on port 49718 -> 443
Source: classification engine | Classification label: mal56.win@16/10@6/6
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1884,i,7230682522980469484,15994161189670794245,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM="
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Google Drive.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder | Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 4 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 5 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction
Source | Detection | Scanner | Label | Link
https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM= | 100% | Avira URL Cloud | phishing |
No Antivirus matches
Source | Detection | Scanner | Label | Link
https://cdn.trytraffics.com/favicon.ico | 100% | Avira URL Cloud | phishing |
Name | IP | Active | Malicious | Antivirus Detection | Reputation
a.nel.cloudflare.com | 35.190.80.1 | true | false | | high
cdn.trytraffics.com | 188.114.96.3 | true | false | | unknown
www.google.com | 216.58.206.68 | true | false | | high
Name | Malicious | Antivirus Detection | Reputation
https://cdn.trytraffics.com/favicon.ico | false | Avira URL Cloud: phishing | unknown
https://a.nel.cloudflare.com/report/v4?s=K%2BwpX%2Fjt23fJQIMDcBPW9pE48XS%2F19mHYICrXwKOBr8oG3bl6hd%2BTN6s%2FFNOQTvhkr04WQ2fRoy0erFA%2FoFkACEY1lnOstKMdKKOaPIB14HrVa%2Fje%2BjczqK46MQbSmfYNL4vhkuw | false | | high
https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM= | true | | unknown
IP | Domain | Country | Flag | ASN | ASN Name | Malicious
239.255.255.250 | unknown | Reserved | | unknown | unknown | false
188.114.96.3 | cdn.trytraffics.com | European Union | | 13335 | CLOUDFLARENETUS | false
35.190.80.1 | a.nel.cloudflare.com | United States | | 15169 | GOOGLEUS | false
216.58.206.68 | www.google.com | United States | | 15169 | GOOGLEUS | false
IP
192.168.2.6
192.168.2.5
            Joe Sandbox version:42.0.0 Malachite
            Analysis ID:1591469
            Start date and time:2025-01-15 01:11:50 +01:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 2m 58s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:7
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal56.win@16/10@6/6
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 216.58.212.163, 172.217.18.14, 64.233.166.84, 216.58.206.46, 199.232.214.172, 2.17.190.73, 142.250.184.206, 142.250.186.78, 142.250.184.238, 142.250.186.142, 216.58.212.174, 216.58.206.35, 142.250.186.46, 2.23.242.162, 20.12.23.50, 13.107.246.45
            • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
            • Not all processes where analyzed, report is missing behavior information
            • VT rate limit hit for: https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
            No simulations
            No context
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 14 23:12:44 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):3.9776350937036877
            Encrypted:false
            SSDEEP:48:80dZcT5AWqHjidAKZdA19ehwiZUklqehOy+3:8WcNN2Vy
            MD5:64B85F3BE7E6AA8B93C08A665EAEFB6C
            SHA1:3694C52250E9210532DD9D37619D9938BEDCDD63
            SHA-256:76FECE9C575351D393A4D23FE03820FA1544923A504C8496CFF32EE4B7FC277C
            SHA-512:63D13113A07A8169C11C2A501CC2D6F086C18A5974221730F5D156DC49576E15778CBEB22A4C0ECEA3358F90090277CAA57CF70F47A93030A5BA6EE498775FBC
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 14 23:12:44 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):3.9925501903562606
            Encrypted:false
            SSDEEP:48:8DdZcT5AWqHjidAKZdA1weh/iZUkAQkqehFy+2:8XcNNU9QMy
            MD5:E4D84D12569DF34CD0A6AC00D0C900FE
            SHA1:E8D92CB0E446F1DF65F01585C9EF3044A25E4E9A
            SHA-256:91CB2EE0194FFEBACB486BA73C14BD86F0412F47DE3731C1813A643EBB2DE4C6
            SHA-512:2DD89A22ADD98F82C3EE534F04C8D628A572BFB164B71D4BF6728F9AD9144A7D4DD3AB619F44E207B767B367849CE168FACDDB6CB4D4EE47B8374B183BCC55DD
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2693
            Entropy (8bit):4.006290751173486
            Encrypted:false
            SSDEEP:48:8xvdZcT5AWsHjidAKZdA14tseh7sFiZUkmgqeh7sTy+BX:8xDcNNynRy
            MD5:8C1A5A8EC7449365F94E7E66588C47D8
            SHA1:478F573DEE68E48390C6E3F22BE0F52ED9BBA23B
            SHA-256:0DFEECD9550949803FD9DAB28B9FDCB6985C89B4A5C71C89C17B5929F8A3AB41
            SHA-512:81D7B80F9DF3D8623B7428DBFA62C184174B405184D5B9AFBD7EA715A31CE7EFA32427A0E47AFD417B94D2CC0C58A34C0A5DE41B1B9ADC7B87E2C971DB4608E5
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 14 23:12:44 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.992209740421725
            Encrypted:false
            SSDEEP:48:83dZcT5AWqHjidAKZdA1vehDiZUkwqeh5y+R:8bcNN/by
            MD5:140FDD375971207C332C2E33771415E1
            SHA1:EB7A6390953B823E3D1E74ECEE4426C4A6B5DF78
            SHA-256:5D23CBAF9F6455971F4889A8DA8B557E98737F2A4361D78A8BC66B8F2718BD11
            SHA-512:7A85975BD4F493D87ACB37680C74CE0887A32B4E95F0920DC861227F4F5C23F64567B7A7BF8D9ACE0B1D25DB2815FF218AB47E979EA8D94EBFB985ACECDC222C
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 14 23:12:44 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.981678412371374
            Encrypted:false
            SSDEEP:48:81dZcT5AWqHjidAKZdA1hehBiZUk1W1qeh/y+C:8xcNN/9fy
            MD5:25EE2DBC2260EAEA58FFEB7E6E95FE49
            SHA1:478E55C49A57D1A3D3EECEABE7396439C3D9C071
            SHA-256:D481A3B638A0E7A9F3652B1786636149E1215EEFFE4845F03D2714F978340499
            SHA-512:2587FDF91041D727FA1D517A46CE5665DD343A421771C62C61313DF36E1D8670C6114B1BAABDE03F4B2C9EF6E1972967096A2B632008E133F2575BF3FB890D5C
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 14 23:12:44 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2683
            Entropy (8bit):3.992828278762105
            Encrypted:false
            SSDEEP:48:88dZcT5AWqHjidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbRy+yT+:8ucNN3T/TbxWOvTbRy7T
            MD5:CA9B327F2A6B77CED077764628CD6D7F
            SHA1:34DD6F9BFA49EB50EB307970A561AC615BFC3187
            SHA-256:65ADA302AA52374B56FD3AA11207A1C3A61A87C2B65E7067BDC0B67447BE21FB
            SHA-512:5B0F943DACC5F0423E0CA32914C5CA66D4CD9D6758A14FB9C8087BB87696799E8AA348B275869F94D3626D6B1BF22732A2ACC7C27C6CC32158585F076772FF99
            Malicious:false
            Reputation:low
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:HTML document, ASCII text
            Category:downloaded
            Size (bytes):315
            Entropy (8bit):5.0572271090563765
            Encrypted:false
            SSDEEP:6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoFEHcLgabzjsKtgsg93wzRbKqD:J0+oxBeRmR9etdzRxGezZfCzjsKtgizR
            MD5:A34AC19F4AFAE63ADC5D2F7BC970C07F
            SHA1:A82190FC530C265AA40A045C21770D967F4767B8
            SHA-256:D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
            SHA-512:42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
            Malicious:false
            Reputation:low
            URL:https://cdn.trytraffics.com/favicon.ico
            Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:HTML document, ASCII text, with very long lines (580)
            Category:downloaded
            Size (bytes):861
            Entropy (8bit):5.265155464912692
            Encrypted:false
            SSDEEP:24:hMNmlBHkspKZHxfHW+chXErd9HxfHW+chXEvptK:Im3/pKX/W+cyx/W+cutK
            MD5:ECB6ACD75071ADF12B2AB8301480ED67
            SHA1:CB5AF240F2D9402B2E1DA564582A47CF635E2B14
            SHA-256:B1C609F77291DDF13645E8BEDF7E50A1054C44D659F014FA727E0F36A5B680C0
            SHA-512:A019EB7BE3FB8D6053A46DC1A9B6FC67DB22301B0E6C78709AE96AD18171D5F090E0C8E3DF6CEAB0E64A6D2F619F0D0D9D321577B0C9B6BE4D46DFAF4B3B943E
            Malicious:false
            Reputation:low
            URL:https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
            Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">.<html xmlns="http://www.w3.org/1999/xhtml">.<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title></title></head>.<body><center><h2><!doctype html><html><head><meta charset="utf-8"><title>404 Content not found</title></head><body><div><p style="font-family: Arial, 'Lucida Bright', 'DejaVu Serif', Georgia, 'serif'; font-size: 24px; text-align: center;">404 Content not found</p></div></body></html>.<!doctype html><html><head><meta charset="utf-8"><title>404 Content not found</title></head><body><div><p style="font-family: Arial, 'Lucida Bright', 'DejaVu Serif', Georgia, 'serif'; font-size: 24px; text-align: center;">404 Content not found</p></div></body></html>&B=true&LT=5.</h2></center>..</body>.</html>
            No static file info
            Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
            Jan 15, 2025 01:12:47.926233053 CET | 192.168.2.5 | 1.1.1.1 | 0xedf | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
            Jan 15, 2025 01:12:47.926403999 CET | 192.168.2.5 | 1.1.1.1 | 0xc96f | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
            Jan 15, 2025 01:12:49.387927055 CET | 192.168.2.5 | 1.1.1.1 | 0x2579 | Standard query (0) | cdn.trytraffics.com | A (IP address) | IN (0x0001) | false
            Jan 15, 2025 01:12:49.388129950 CET | 192.168.2.5 | 1.1.1.1 | 0x9865 | Standard query (0) | cdn.trytraffics.com | 65 | IN (0x0001) | false
            Jan 15, 2025 01:12:51.894884109 CET | 192.168.2.5 | 1.1.1.1 | 0x84ec | Standard query (0) | a.nel.cloudflare.com | A (IP address) | IN (0x0001) | false
            Jan 15, 2025 01:12:51.895132065 CET | 192.168.2.5 | 1.1.1.1 | 0x6ac4 | Standard query (0) | a.nel.cloudflare.com | 65 | IN (0x0001) | false
            Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
            Jan 15, 2025 01:12:47.933296919 CET | 1.1.1.1 | 192.168.2.5 | 0xedf | No error (0) | www.google.com | | 216.58.206.68 | A (IP address) | IN (0x0001) | false
            Jan 15, 2025 01:12:47.933449984 CET | 1.1.1.1 | 192.168.2.5 | 0xc96f | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
            Jan 15, 2025 01:12:49.701818943 CET | 1.1.1.1 | 192.168.2.5 | 0x9865 | No error (0) | cdn.trytraffics.com | | | 65 | IN (0x0001) | false
            Jan 15, 2025 01:12:49.701833010 CET | 1.1.1.1 | 192.168.2.5 | 0x2579 | No error (0) | cdn.trytraffics.com | | 188.114.96.3 | A (IP address) | IN (0x0001) | false
            Jan 15, 2025 01:12:49.701833010 CET | 1.1.1.1 | 192.168.2.5 | 0x2579 | No error (0) | cdn.trytraffics.com | | 188.114.97.3 | A (IP address) | IN (0x0001) | false
            Jan 15, 2025 01:12:51.902012110 CET | 1.1.1.1 | 192.168.2.5 | 0x84ec | No error (0) | a.nel.cloudflare.com | | 35.190.80.1 | A (IP address) | IN (0x0001) | false
            • cdn.trytraffics.com
            • https:
            • a.nel.cloudflare.com
            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            0 | 192.168.2.5 | 49716 | 188.114.96.3 | 443 | 3568 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-15 00:12:50 UTC | 770 | OUT | GET /rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM= HTTP/1.1
            Host: cdn.trytraffics.com
            Connection: keep-alive
            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
            sec-ch-ua-mobile: ?0
            sec-ch-ua-platform: "Windows"
            Upgrade-Insecure-Requests: 1
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
            Sec-Fetch-Site: none
            Sec-Fetch-Mode: navigate
            Sec-Fetch-User: ?1
            Sec-Fetch-Dest: document
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-15 00:12:51 UTC | 793 | IN | HTTP/1.1 200 OK
            Date: Wed, 15 Jan 2025 00:12:51 GMT
            Content-Type: text/html; charset=UTF-8
            Transfer-Encoding: chunked
            Connection: close
            cf-cache-status: DYNAMIC
            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OAvamEnSjlQ4i%2FMDVuIlqxGCCq%2FoW%2BunyjNX2jbe2ZKQtLQEs%2FZDQ6cwBhhmhnGg2SzKTqiiNUgeyuoKKZDg0sSFzlfqLKYIGDv7PJrPzayzu5ZQ3STApapspFCtMKUMiVW3UKIp"}],"group":"cf-nel","max_age":604800}
            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
            Server: cloudflare
            CF-RAY: 9021a8118af0a2e6-YUL
            alt-svc: h3=":443"; ma=86400
            server-timing: cfL4;desc="?proto=TCP&rtt=17722&min_rtt=17718&rtt_var=6654&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1348&delivery_rate=164442&cwnd=32&unsent_bytes=0&cid=0850ab77b097135e&ts=636&x=0"
            2025-01-15 00:12:51 UTC | 576 | IN
            Data Ascii: 35d<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title></
            2025-01-15 00:12:51 UTC | 292 | IN
            Data Ascii: <head><meta charset="utf-8"><title>404 Content not found</title></head><body><div><p style="font-family: Arial, 'Lucida Bright', 'DejaVu Serif', Georgia, 'serif'; font-size: 24px; text-align: center;">404 Content not found</p></div></body></html>&B=true&L
            2025-01-15 00:12:51 UTC | 5 | IN
            Data Ascii: 0


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            1 | 192.168.2.5 | 49717 | 188.114.96.3 | 443 | 3568 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-15 00:12:51 UTC | 702 | OUT | GET /favicon.ico HTTP/1.1
            Host: cdn.trytraffics.com
            Connection: keep-alive
            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
            sec-ch-ua-mobile: ?0
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            sec-ch-ua-platform: "Windows"
            Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
            Sec-Fetch-Site: same-origin
            Sec-Fetch-Mode: no-cors
            Sec-Fetch-Dest: image
            Referer: https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-15 00:12:51 UTC | 844 | IN | HTTP/1.1 404 Not Found
            Date: Wed, 15 Jan 2025 00:12:51 GMT
            Content-Type: text/html; charset=iso-8859-1
            Transfer-Encoding: chunked
            Connection: close
            Cache-Control: max-age=14400
            CF-Cache-Status: EXPIRED
            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BwpX%2Fjt23fJQIMDcBPW9pE48XS%2F19mHYICrXwKOBr8oG3bl6hd%2BTN6s%2FFNOQTvhkr04WQ2fRoy0erFA%2FoFkACEY1lnOstKMdKKOaPIB14HrVa%2Fje%2BjczqK46MQbSmfYNL4vhkuw"}],"group":"cf-nel","max_age":604800}
            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
            Server: cloudflare
            CF-RAY: 9021a8159ee6ac72-YYZ
            alt-svc: h3=":443"; ma=86400
            server-timing: cfL4;desc="?proto=TCP&rtt=13822&min_rtt=13820&rtt_var=5186&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1280&delivery_rate=211028&cwnd=32&unsent_bytes=0&cid=b7d2a80948811f56&ts=1211&x=0"
            2025-01-15 00:12:51 UTC | 322 | IN
            Data Ascii: 13b<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying t
            2025-01-15 00:12:51 UTC | 5 | IN
            Data Ascii: 0


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            2 | 192.168.2.5 | 49718 | 35.190.80.1 | 443 | 3568 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-15 00:12:52 UTC | 552 | OUT | OPTIONS /report/v4?s=K%2BwpX%2Fjt23fJQIMDcBPW9pE48XS%2F19mHYICrXwKOBr8oG3bl6hd%2BTN6s%2FFNOQTvhkr04WQ2fRoy0erFA%2FoFkACEY1lnOstKMdKKOaPIB14HrVa%2Fje%2BjczqK46MQbSmfYNL4vhkuw HTTP/1.1
            Host: a.nel.cloudflare.com
            Connection: keep-alive
            Origin: https://cdn.trytraffics.com
            Access-Control-Request-Method: POST
            Access-Control-Request-Headers: content-type
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-15 00:12:52 UTC | 336 | IN | HTTP/1.1 200 OK
            Content-Length: 0
            access-control-max-age: 86400
            access-control-allow-methods: OPTIONS, POST
            access-control-allow-origin: *
            access-control-allow-headers: content-type, content-length
            date: Wed, 15 Jan 2025 00:12:52 GMT
            Via: 1.1 google
            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
            Connection: close


            Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
            3 | 192.168.2.5 | 49719 | 35.190.80.1 | 443 | 3568 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | Bytes transferred | Direction | Data
            2025-01-15 00:12:52 UTC | 490 | OUT | POST /report/v4?s=K%2BwpX%2Fjt23fJQIMDcBPW9pE48XS%2F19mHYICrXwKOBr8oG3bl6hd%2BTN6s%2FFNOQTvhkr04WQ2fRoy0erFA%2FoFkACEY1lnOstKMdKKOaPIB14HrVa%2Fje%2BjczqK46MQbSmfYNL4vhkuw HTTP/1.1
            Host: a.nel.cloudflare.com
            Connection: keep-alive
            Content-Length: 535
            Content-Type: application/reports+json
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
            2025-01-15 00:12:52 UTC | 535 | OUT
            Data Ascii: [{"age":0,"body":{"elapsed_time":497,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=","sampling
            2025-01-15 00:12:53 UTC | 168 | IN | HTTP/1.1 200 OK
            Content-Length: 0
            date: Wed, 15 Jan 2025 00:12:52 GMT
            Via: 1.1 google
            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
            Connection: close



            Target ID:0
            Start time:19:12:39
            Start date:14/01/2025
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            Target ID:2
            Start time:19:12:41
            Start date:14/01/2025
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1884,i,7230682522980469484,15994161189670794245,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            Target ID:3
            Start time:19:12:47
            Start date:14/01/2025
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cdn.trytraffics.com/rdr/YWE9MzU1NTgxMDE3JnNlaT0zMDE4NjQ3NyZ0az1JaVpNVjJSRDNza0FlTER2TTdvRyZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM="
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:true

            No disassembly