Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com

Overview

General Information

Sample URL:https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com
Analysis ID:1591857
Infos:

Detection

HTMLPhisher
Score:60
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected HtmlPhish10
Uses IPFS gateway to access IPFS content in browser (often used in phishing/scams)
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL
Stores files to the Windows start menu directory
URL contains potential PII (phishing indication)

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6240 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1972,i,14627563034816558379,1021779677225965790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6616 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_72JoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    1.1.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
      1.2.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

        Sigma Signatures

        No Sigma rule has matched

        Suricata Signatures

        No Suricata rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Antivirus / Scanner detection for submitted sample
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comAvira URL Cloud: detection malicious, Label: phishing

        Phishing

        barindex
        Yara detected HtmlPhish10
        Source: Yara matchFile source: 1.1.pages.csv, type: HTML
        Source: Yara matchFile source: 1.2.pages.csv, type: HTML
        Source: Yara matchFile source: dropped/chromecache_72, type: DROPPED
        Uses IPFS gateway to access IPFS content in browser (often used in phishing/scams)
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: Gateway: ipfs.io
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: Number of links: 0
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: <input type="password" .../> found but no <form action="...
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: Title: Webmail Portal Login - sealevel.com does not match URL
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comSample URL: PII: support@sealevel.com
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: Iframe src: https://www.sealevel.com
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: Iframe src: https://www.sealevel.com
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: <input type="password" .../> found
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: No <meta name="author".. found
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: No <meta name="author".. found
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: No <meta name="copyright".. found
        Source: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comHTTP Parser: No <meta name="copyright".. found
        Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
        Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
        Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
        Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
        Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
        Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
        Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
        Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
        Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
        Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
        Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
        Source: unknownTCP traffic detected without corresponding DNS query: 2.22.50.144
        Source: unknownTCP traffic detected without corresponding DNS query: 2.22.50.144
        Source: unknownTCP traffic detected without corresponding DNS query: 2.22.50.144
        Source: unknownTCP traffic detected without corresponding DNS query: 2.22.50.144
        Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
        Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.22
        Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
        Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.22
        Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.22
        Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.22
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: global trafficHTTP traffic detected: GET /ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q HTTP/1.1Host: ipfs.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.sealevel.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ipfs.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /s2/favicons?domain=sealevel.com HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ipfs.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficDNS traffic detected: DNS query: ipfs.io
        Source: global trafficDNS traffic detected: DNS query: www.google.com
        Source: global trafficDNS traffic detected: DNS query: www.sealevel.com
        Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
        Source: global trafficDNS traffic detected: DNS query: webhook.site
        Source: unknownHTTP traffic detected: POST /report/v4?s=uKifXqJezYNpH49yB5qZC0skXdgrT4q61e22v9%2B36M0sbwqeBY%2FxKBTVkbXSTeRi95orid4ZE7ijhYVvhk5rgvzxEdm7Qi%2FW1e2tg9YIzMoAosaQNaoDE4psMTQL9coXulM%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 400Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginxcontent-type: application/jsontransfer-encoding: chunkedcache-control: no-cache, privatedate: Wed, 15 Jan 2025 13:58:27 GMTconnection: close
        Source: chromecache_72.1.drString found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
        Source: chromecache_72.1.drString found in binary or memory: https://alphatrade-options.com/git/rand/favicon.png
        Source: chromecache_72.1.drString found in binary or memory: https://firebasestorage.googleapis.com/v0/b/portal-aa363.appspot.com/o/26-269507_arbys-logo-transpar
        Source: chromecache_72.1.drString found in binary or memory: https://firebasestorage.googleapis.com/v0/b/portal-aa363.appspot.com/o/favicons.png?alt=media&token=
        Source: chromecache_72.1.drString found in binary or memory: https://webhook.site/87f659f6-075d-4e0e-b197-649a09850ad0
        Source: chromecache_72.1.drString found in binary or memory: https://www.google.com/s2/favicons?domain=
        Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
        Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
        Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
        Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
        Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
        Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
        Source: classification engineClassification label: mal60.phis.win@18/22@14/8
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
        Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1972,i,14627563034816558379,1021779677225965790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1972,i,14627563034816558379,1021779677225965790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Window RecorderWindow detected: More than 3 window changes detected
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity InformationAcquire Infrastructure1
        Drive-by Compromise        		Windows Management Instrumentation1
        Registry Run Keys / Startup Folder        		1
        Process Injection        		1
        Masquerading        		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
        Encrypted Channel        		Exfiltration Over Other Network MediumAbuse Accessibility Features
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
        Registry Run Keys / Startup Folder        		1
        Process Injection        		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
        Non-Application Layer Protocol        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
        Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact
        Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
        Ingress Tool Transfer        		Traffic DuplicationData Destruction

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Is Windows Process
        • Number of created Registry Values
        • Number of created Files
        • Visual Basic
        • Delphi
        • Java
        • .Net C# or VB.NET
        • C, C++ or other language
        • Is malicious
        • Internet

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com100%Avira URL Cloudphishing

        Dropped Files

        No Antivirus matches

        Unpacked PE Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        SourceDetectionScannerLabelLink
        https://alphatrade-options.com/git/rand/favicon.png0%Avira URL Cloudsafe
        https://www.sealevel.com/0%Avira URL Cloudsafe

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        a.nel.cloudflare.com
        		35.190.80.1
        		truefalse
          		high
          www.google.com
          		142.250.185.100
          		truefalse
            		high
            www.sealevel.com
            		104.21.64.1
            		truefalse
              		unknown
              webhook.site
              		178.63.67.106
              		truefalse
                		high
                ipfs.io
                		209.94.90.1
                		truefalse
                  		high

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.comfalse
                    		high
                    https://webhook.site/87f659f6-075d-4e0e-b197-649a09850ad0false
                      		high
                      https://www.sealevel.com/false
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.google.com/s2/favicons?domain=sealevel.comfalse
                        		high
                        https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5qfalse
                          		high
                          https://a.nel.cloudflare.com/report/v4?s=uKifXqJezYNpH49yB5qZC0skXdgrT4q61e22v9%2B36M0sbwqeBY%2FxKBTVkbXSTeRi95orid4ZE7ijhYVvhk5rgvzxEdm7Qi%2FW1e2tg9YIzMoAosaQNaoDE4psMTQL9coXulM%3Dfalse
                            		high

                            URLs from Memory and Binaries

                            NameSourceMaliciousAntivirus DetectionReputation
                            https://www.google.com/s2/favicons?domain=chromecache_72.1.drfalse
                              		high
                              https://alphatrade-options.com/git/rand/favicon.pngchromecache_72.1.drfalse
                              • Avira URL Cloud: safe
                              		unknown

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              104.21.64.1
                              		www.sealevel.comUnited States
                              		13335CLOUDFLARENETUSfalse
                              142.250.185.100
                              		www.google.comUnited States
                              		15169GOOGLEUSfalse
                              239.255.255.250
                              		unknownReserved
                              		unknownunknownfalse
                              35.190.80.1
                              		a.nel.cloudflare.comUnited States
                              		15169GOOGLEUSfalse
                              178.63.67.106
                              		webhook.siteGermany
                              		24940HETZNER-ASDEfalse
                              172.217.16.196
                              		unknownUnited States
                              		15169GOOGLEUSfalse
                              209.94.90.1
                              		ipfs.ioUnited States
                              		40680PROTOCOLUSfalse

                              Private

                              IP
                              192.168.2.16

                              General Information

                              Joe Sandbox version:42.0.0 Malachite
                              Analysis ID:1591857
                              Start date and time:2025-01-15 14:57:10 +01:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 3m 39s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:defaultwindowsinteractivecookbook.jbs
                              Sample URL:https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:13
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal60.phis.win@18/22@14/8
                              EGA Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 0

                              Warnings

                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 142.250.185.163, 142.250.186.78, 142.251.168.84, 142.250.181.238, 142.250.181.234, 142.250.186.106, 216.58.212.170, 142.250.186.138, 172.217.23.106, 142.250.184.234, 172.217.16.138, 172.217.16.202, 142.250.185.106, 142.250.184.202, 142.250.185.138, 216.58.206.42, 172.217.18.10, 142.250.186.170, 216.58.206.74, 142.250.185.74, 142.250.186.174, 142.250.186.42, 142.250.185.202, 142.250.185.234, 172.217.18.106, 216.58.212.138, 142.250.186.74, 142.250.185.170, 142.250.185.238, 172.217.23.100, 142.250.185.68, 216.58.206.46, 142.250.74.206, 142.250.185.142, 216.58.212.163, 142.250.186.142, 184.28.90.27, 52.149.20.212
                              • Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ajax.googleapis.com, clientservices.googleapis.com, t1.gstatic.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, firebasestorage.googleapis.com
                              • Not all processes where analyzed, report is missing behavior information
                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • VT rate limit hit for: https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com

                              Simulations

                              Behavior and APIs

                              No simulations

                              Joe Sandbox View / Context

                              IPs

                              No context

                              Domains

                              No context

                              ASNs

                              No context

                              JA3 Fingerprints

                              No context

                              Dropped Files

                              No context

                              Created / dropped Files

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 12:57:45 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2673
                              Entropy (8bit):3.9698765617602207
                              Encrypted:false
                              SSDEEP:48:8FOdVT9BEHCidAKZdA1FehwiZUklqehuy+3:8qvNFy
                              MD5:BED807EB9801AE8D0E8D5E64AEE4168E
                              SHA1:227BCE049E068178B89BAD0DBE4A95ADF9479EC6
                              SHA-256:80ED2BD994C81335518712FD877FC26B55BEF5E88FC743545387C31701EBE17E
                              SHA-512:F94088B444C8E141A57CC214D74964A41C69C69ECA9294355ACAE1997C4A9B9272E68E5DFC49E147B3289FFAFBDB14E7975ED1CB7E91D556640FCC09F71439DE
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,....Cl.tUg..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I/Z,o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z6o....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z6o....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z6o..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z7o...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........IuJo.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 12:57:45 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2675
                              Entropy (8bit):3.9904541393343913
                              Encrypted:false
                              SSDEEP:48:8wOdVT9BEHCidAKZdA1seh/iZUkAQkqeh1y+2:8dvj9Q8y
                              MD5:58EB6A15741A7226B2A5B26FE9910F52
                              SHA1:413E0C9403E0BBFD0831B3AB045909FE6F0B3E09
                              SHA-256:1F7F058D0F1C143977C861D09612AFB7001C7AF38B09292D80239F686588CEA1
                              SHA-512:5FFA08D48CB9BB0036B7E5CF47460885B6FB6AB18DEF037FD93464C793A4D5352F81363792E576EE42B702EE7D4D114FCA2C926F4A60AD0006CDF0044D599173
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,....R..tUg..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I/Z,o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z6o....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z6o....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z6o..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z7o...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........IuJo.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2689
                              Entropy (8bit):4.002427052266544
                              Encrypted:false
                              SSDEEP:48:85OdVT9BAHCidAKZdA14meh7sFiZUkmgqeh7sLy+BX:8uvjnZy
                              MD5:2EC5AADD9D81850B1F231748F68DC8BB
                              SHA1:556C410D83012753552BF1391F695867C2DCC0B9
                              SHA-256:19796775906778501790053C27D7664CB5D66A9700B973046B37E932F4EE58E0
                              SHA-512:FA456E114203092B2BA012AACCE17B8D6BFE5A3F07A8E488C64FA68E38C58709751DA921AAD37B1EC4D6A8EDCB45635177F71698AA878530FF77E56741CB9BC2
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I/Z,o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z6o....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z6o....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z6o..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........IuJo.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 12:57:45 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):3.9828196215838867
                              Encrypted:false
                              SSDEEP:48:8vOdVT9BEHCidAKZdA1TehDiZUkwqehBy+R:8MvQTy
                              MD5:88E05A1E3FB8403EEFC8F3612F04F044
                              SHA1:9372D41A8B639A8BA83B78844202CCA8E51D61AC
                              SHA-256:5D86E6BC6AAE27BC1A5854CB5E2C1E1B7C0C78C8637AF6A689DFDB7DF8F7371C
                              SHA-512:52BA26E2DAFA7EA07F711179806F723C843A448962DFB454F24775527E7D4FED84BF4DFDFD572816F02766879AEFCCCDC3F082B691C50B120AB8F5487E1C5322
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,....+L.tUg..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I/Z,o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z6o....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z6o....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z6o..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z7o...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........IuJo.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 12:57:45 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):3.974524159406328
                              Encrypted:false
                              SSDEEP:48:8WYOdVT9BEHCidAKZdA1dehBiZUk1W1qehPy+C:8Evw9vy
                              MD5:40D5CFEB9C9057CD077FD9E3E67521B5
                              SHA1:EEC3A9FFACB9EAD3B3CDD039CD2AE26EBFD7088B
                              SHA-256:BECD701829155AD75BA221C89AFB3E0E1D3A3BEEB2842B224210DB78CEF2CADB
                              SHA-512:8C02D4EF73FA0B4A084EE97531CB506F8C9D8076B6C5A8E5C0E36D909AB7979C5295396EA3853B83619A7E0D07FD081E614B13DFA07558087A3F5D5C6246D165
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,....mg.tUg..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I/Z,o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z6o....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z6o....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z6o..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z7o...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........IuJo.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 12:57:45 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2679
                              Entropy (8bit):3.9851800188696194
                              Encrypted:false
                              SSDEEP:48:8nOdVT9BEHCidAKZdA1duTeehOuTbbiZUk5OjqehOuTbZy+yT+:8EviTfTbxWOvTbZy7T
                              MD5:852DD81336B6B3586D13530A3AB0B632
                              SHA1:E68433C25E9430466C99912E3DD871F531AB083D
                              SHA-256:F98FA2BFF9FDC46BCBD733DED40507AF73809D6B564C0F2D89173CE8E808A540
                              SHA-512:5ECE0A8E3DE6BB51502E9B3981C40B0A92DE40007E977431F57143AEEE08DFE1CF394E5FF90218DF95E354320FD378A84F3CE080B5184FAFE2E3A7070F69F65F
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,....E..sUg..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I/Z,o....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z6o....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z6o....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z6o..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z7o...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........IuJo.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              Chrome Cache Entry: 64

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with no line terminators
                              Category:downloaded
                              Size (bytes):32
                              Entropy (8bit):4.413909765557392
                              Encrypted:false
                              SSDEEP:3:2T5CZZ8mek:0CZZ8m7
                              MD5:A5ED4BAF1E3EA02E3E8303106EBB791A
                              SHA1:C583088EC025B992C59C4AA4B9543B38B3EB1FF5
                              SHA-256:1403C7DC4D943C3C944027680B720C798AF62BF7B6D36B6CC2FD0C5F8E9EFC41
                              SHA-512:D2072CD2BB901223A3B34AD98668CA6B2143286A56450B90C2984FF07AB446783AD72FEC3E5296CA773E5DC84A6240EA667C880C5D4B22A2AFF55C454619D5D1
                              Malicious:false
                              Reputation:low
                              URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwnafXqpG7OCbBIFDbq_44ASBQ1MSZGY?alt=proto
                              Preview:ChYKCw26v+OAGgQIVhgCCgcNTEmRmBoA

                              Chrome Cache Entry: 65

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 860 x 460, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):56109
                              Entropy (8bit):7.973537367126651
                              Encrypted:false
                              SSDEEP:768:K2IH1Jqp3G6W3cZZq0PtaJg01kv+HnSKDS+Mj4wjRHQV2w/BCnhdKGNqvzgkH0O1:ArqpXH3RlCgLFjj4mRHs2w0n6IstzQq
                              MD5:CE793AC1E75B3F60908CC6E3D63379E5
                              SHA1:3BF1BAD607D899BB91DECB1BB0B32A0D82C233A8
                              SHA-256:42171D76548498998DA88F032ABA50A028B9481FD7004A9A3B5D3B8D98FE48A2
                              SHA-512:025C6474A68618D59ABD019B1821C5ACBDA6958FF7FC9D97DBBECA02C0BCBE2C5329603AE61EC89B00DBA1F09525F76D04B54BC6D9B5B8D230609282E78CC1FC
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR...\.................IDATx....T..........vE....(*..."..{..z.M.J...^ ..T. $@..........L..g.=s.p}<G!..u].i....#!..B.!..b>..@.!..B.!..B.!..B..p.B.!..B..p.B.!..B....B.!..B(\..B.!..B(\..B.!..B."..B.!....!..B.!....!..B.!.P..!..B.!..E.!..B.!..E.!..B.!..B.!..B..p.B.!..B..p.B.!..B....B.!..B(\..B.!..B(\..B.!..B."..B.!....!..B.!....!..B.!.P..!..B.!..E.!..B.!..E.!..B.!..B.!..B..p.B.!..B..p.B.!..B....B.!..B(\..B.!..B(\..B.!..B."..B.!....!..B.!....!..B.!.P..!..B.!..E.!..B.!..E.!..B.!..B.!..B..p.B.!..B..p.B4.U./.%.M.*M.G..x..!..B.".....Z).C..$..H...<^..B..p.B....B.!..E..p.B.!.P..!....!..B(\..B."..B..p.B(\..B.!..B....E.!....!.P..!..B(\....!..B.....Trrrd.M2w.&....q..l.[..U...J.!....!....$...w....d....y.U..B.!..E.!u....o..k.7..5kx..!..B."....!..B....B."..B..p.B(\..B.!.P..!..E.!..B.".P..!..B(\.......B.!..BH......W\...QQ.s....{.7..k.UQ.$.@U...!..B(\..gSYY)K.,i62.....+.....>w.Jy...&...D..\..!..B....B.p.B.!.P..!..B.!....!..E."..B....B.p.B.!.P..!..B.!....!..E."..B....B.p.B.!.P

                              Chrome Cache Entry: 66

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 16 x 16, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):274
                              Entropy (8bit):6.732985317875807
                              Encrypted:false
                              SSDEEP:6:6v/lhPfah08/kKvMIoRNqe6zProGR9nsA+/VUftMNCv8j24VwK/DgJA/8Wgp:6v/76rv2NaDzrsPVUmCqEU5EWq
                              MD5:21A42A57BC0B13BBAE707196837C5EC3
                              SHA1:F58514B1CDB45B009548BA5C504A4AB536D348A0
                              SHA-256:663FBBB2E70A843DA32D00D5EC403BD87B280351958BC537C09B84B31BC391C6
                              SHA-512:1D815C66C6B03CA81139848343B0241837F3D54EF3B91797F260DC97CA2D907C1D34162E8E8B4A0893C5E13F5AABFA14C11B03C8D512A8C75F06525F40825AED
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR.............(-.S...iPLTE...sss.....\.................................i.......<w...lll........n L.}..3V...Z......t..Xs..5s...].U[...dIDAT....Y.. .C. ..(....).....I_f....T*..y..TZ.amr..(.....=...?...../../.....m?..rr.Y.......,......w.H%....IEND.B`.

                              Chrome Cache Entry: 67

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 16 x 16, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):274
                              Entropy (8bit):6.732985317875807
                              Encrypted:false
                              SSDEEP:6:6v/lhPfah08/kKvMIoRNqe6zProGR9nsA+/VUftMNCv8j24VwK/DgJA/8Wgp:6v/76rv2NaDzrsPVUmCqEU5EWq
                              MD5:21A42A57BC0B13BBAE707196837C5EC3
                              SHA1:F58514B1CDB45B009548BA5C504A4AB536D348A0
                              SHA-256:663FBBB2E70A843DA32D00D5EC403BD87B280351958BC537C09B84B31BC391C6
                              SHA-512:1D815C66C6B03CA81139848343B0241837F3D54EF3B91797F260DC97CA2D907C1D34162E8E8B4A0893C5E13F5AABFA14C11B03C8D512A8C75F06525F40825AED
                              Malicious:false
                              Reputation:low
                              URL:"https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sealevel.com&size=16"
                              Preview:.PNG........IHDR.............(-.S...iPLTE...sss.....\.................................i.......<w...lll........n L.}..3V...Z......t..Xs..5s...].U[...dIDAT....Y.. .C. ..(....).....I_f....T*..y..TZ.amr..(.....=...?...../../.....m?..rr.Y.......,......w.H%....IEND.B`.

                              Chrome Cache Entry: 68

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):492
                              Entropy (8bit):7.443140866786406
                              Encrypted:false
                              SSDEEP:12:6v/7w9xBoc7dfbmXwR54uPABdsBCRGE03H76f79ysL5w:t9/1dfbV5pIssN03H7kpyW5w
                              MD5:3CA64F83FDCF25135D87E08AF65E68C9
                              SHA1:B82D0979D555BD137B33C15021129E06CBEEA59A
                              SHA-256:2E30FF33270FD8687B0EB4D12652BFD967F23975F158BF8DA93BECE2BA4AB947
                              SHA-512:7675A8C4E6146E62DDA019340EF95E477AA3D14364B5A773114EA1110C38233F5D8D9B08F6C83BF7664B33695AAC7254B25D727A15EA6A9DED2EC9D1EA07DC0E
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR................a....IDATx.b...?E........;C..i[PI....>......(.1.c..b...d..m.m';]...W{...S......+..'.}..X........~...N..1...E...S1E..O.PX\..C...o]<.........[.T..d.Rm..u.n.....<........:...#.P..c.*2....g.....!...>v.:...#...J..d.xx."..x._=....k...!.!!;@.....+.{`..+.....gk.....@N..-@.X.q......K...'..@@)...........&.w.......%..<&.N.._x.G`c..F%L.eC.80H`L...#Z..F....e.......L.H...L.&a..5.0..V4N..m..........$.......(..b{....8a.L.a.BM....0.....IEND.B`.

                              Chrome Cache Entry: 69

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 860 x 460, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):56109
                              Entropy (8bit):7.973537367126651
                              Encrypted:false
                              SSDEEP:768:K2IH1Jqp3G6W3cZZq0PtaJg01kv+HnSKDS+Mj4wjRHQV2w/BCnhdKGNqvzgkH0O1:ArqpXH3RlCgLFjj4mRHs2w0n6IstzQq
                              MD5:CE793AC1E75B3F60908CC6E3D63379E5
                              SHA1:3BF1BAD607D899BB91DECB1BB0B32A0D82C233A8
                              SHA-256:42171D76548498998DA88F032ABA50A028B9481FD7004A9A3B5D3B8D98FE48A2
                              SHA-512:025C6474A68618D59ABD019B1821C5ACBDA6958FF7FC9D97DBBECA02C0BCBE2C5329603AE61EC89B00DBA1F09525F76D04B54BC6D9B5B8D230609282E78CC1FC
                              Malicious:false
                              Reputation:low
                              URL:https://firebasestorage.googleapis.com/v0/b/portal-aa363.appspot.com/o/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png?alt=media&token=270a0942-12e5-423b-8855-04615084dca8
                              Preview:.PNG........IHDR...\.................IDATx....T..........vE....(*..."..{..z.M.J...^ ..T. $@..........L..g.=s.p}<G!..u].i....#!..B.!..b>..@.!..B.!..B.!..B..p.B.!..B..p.B.!..B....B.!..B(\..B.!..B(\..B.!..B."..B.!....!..B.!....!..B.!.P..!..B.!..E.!..B.!..E.!..B.!..B.!..B..p.B.!..B..p.B.!..B....B.!..B(\..B.!..B(\..B.!..B."..B.!....!..B.!....!..B.!.P..!..B.!..E.!..B.!..E.!..B.!..B.!..B..p.B.!..B..p.B.!..B....B.!..B(\..B.!..B(\..B.!..B."..B.!....!..B.!....!..B.!.P..!..B.!..E.!..B.!..E.!..B.!..B.!..B..p.B.!..B..p.B4.U./.%.M.*M.G..x..!..B.".....Z).C..$..H...<^..B..p.B....B.!..E..p.B.!.P..!....!..B(\..B."..B..p.B(\..B.!..B....E.!....!.P..!..B(\....!..B.....Trrrd.M2w.&....q..l.[..U...J.!....!....$...w....d....y.U..B.!..E.!u....o..k.7..5kx..!..B."....!..B....B."..B..p.B(\..B.!.P..!..E.!..B.".P..!..B(\.......B.!..BH......W\...QQ.s....{.7..k.UQ.$.@U...!..B(\..gSYY)K.,i62.....+.....>w.Jy...&...D..\..!..B....B.p.B.!.P..!..B.!....!..E."..B....B.p.B.!.P..!..B.!....!..E."..B....B.p.B.!.P

                              Chrome Cache Entry: 70

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):492
                              Entropy (8bit):7.443140866786406
                              Encrypted:false
                              SSDEEP:12:6v/7w9xBoc7dfbmXwR54uPABdsBCRGE03H76f79ysL5w:t9/1dfbV5pIssN03H7kpyW5w
                              MD5:3CA64F83FDCF25135D87E08AF65E68C9
                              SHA1:B82D0979D555BD137B33C15021129E06CBEEA59A
                              SHA-256:2E30FF33270FD8687B0EB4D12652BFD967F23975F158BF8DA93BECE2BA4AB947
                              SHA-512:7675A8C4E6146E62DDA019340EF95E477AA3D14364B5A773114EA1110C38233F5D8D9B08F6C83BF7664B33695AAC7254B25D727A15EA6A9DED2EC9D1EA07DC0E
                              Malicious:false
                              Reputation:low
                              URL:https://firebasestorage.googleapis.com/v0/b/portal-aa363.appspot.com/o/favicons.png?alt=media&token=805fb0ef-a2d9-4a7f-85e6-d68384e166e3
                              Preview:.PNG........IHDR................a....IDATx.b...?E........;C..i[PI....>......(.1.c..b...d..m.m';]...W{...S......+..'.}..X........~...N..1...E...S1E..O.PX\..C...o]<.........[.T..d.Rm..u.n.....<........:...#.P..c.*2....g.....!...>v.:...#...J..d.xx."..x._=....k...!.!!;@.....+.{`..+.....gk.....@N..-@.X.q......K...'..@@)...........&.w.......%..<&.N.._x.G`c..F%L.eC.80H`L...#Z..F....e.......L.H...L.&a..5.0..V4N..m..........$.......(..b{....8a.L.a.BM....0.....IEND.B`.

                              Chrome Cache Entry: 71

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65447)
                              Category:dropped
                              Size (bytes):89501
                              Entropy (8bit):5.289893677458563
                              Encrypted:false
                              SSDEEP:1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn
                              MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                              SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                              SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                              SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                              Malicious:false
                              Reputation:low
                              Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

                              Chrome Cache Entry: 72

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1705), with CRLF line terminators
                              Category:downloaded
                              Size (bytes):55407
                              Entropy (8bit):5.481899219948928
                              Encrypted:false
                              SSDEEP:384:/VfMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDnMXDn9:/jJBaA6
                              MD5:D0EB7045E8185F39786D730EC4797FA9
                              SHA1:8C990E122CE9AE5ACAB54FF2E85C5F7D38B2F42B
                              SHA-256:65787486D5A9E23FE92B12EC8AC56CF8105573C2980FC7EA1DA15CB66B1780EC
                              SHA-512:4C43EA7804C29A4585BAADC286AD4378D16CFB55FB526F6A75D305A53BA789FC9BBC66A8C0A88F463A6A962AC356337A914C88CCD43E7550073F2C6884CC3331
                              Malicious:false
                              Reputation:low
                              URL:https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q
                              Preview:.<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">..<html>..<head>.. lJfw87er........,Shop in bo..Hi Yin..E-mail......Explore your weekly savings..Warm up with great deals on your faves.....Shop deals ..Discover today's top deals..See all..Image of Dyson V11. Advanced Stick.....Dyson V11. Advanced Stick.....AU $788.00....AU $1,199.00 . AU $411.00 OFF....Direct from Dyson Direct from Dyson....Image of AZDOME 4K Dash Cam UHD.....AZDOME 4K Dash Cam UHD.....AU $55.99....AU $71.99 . 22% OFF....Image of Perfect Choice Red Mixed Wines.....Perfect Choice Red Mixed Wines.....AU $65.00....AU $230.00 . AU $165.00 OFF....Image of EVERAU. Women Men Slippers.....EVERAU. Women Men Slippers.....AU $54.00....AU $99.95 . 46% OFF....Image of ALFORDSON Greenhouse Aluminium.....ALFORDSON Greenhouse Aluminium.....AU $199.95....AU $1,199.75 . AU $999.80 OFF....Image of BLACK LORD Kettlebell Set 20kg.....BLACK LORD Kettlebell Set 20kg...

                              Chrome Cache Entry: 73

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65447)
                              Category:downloaded
                              Size (bytes):89501
                              Entropy (8bit):5.289893677458563
                              Encrypted:false
                              SSDEEP:1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn
                              MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                              SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                              SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                              SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                              Malicious:false
                              Reputation:low
                              URL:https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
                              Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

                              Static File Info

                              No static file info

                              Network Behavior

                              Network Port Distribution

                              TCP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Jan 15, 2025 14:57:42.629472017 CET49673443192.168.2.16204.79.197.203
                              Jan 15, 2025 14:57:42.932024002 CET49673443192.168.2.16204.79.197.203
                              Jan 15, 2025 14:57:43.538969994 CET49673443192.168.2.16204.79.197.203
                              Jan 15, 2025 14:57:44.427371979 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.427405119 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.427455902 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.427917957 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.428020954 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.428024054 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.428033113 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.428102016 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.428299904 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.428344011 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.742072105 CET49673443192.168.2.16204.79.197.203
                              Jan 15, 2025 14:57:44.893742085 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.893748999 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.894033909 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.894057035 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.894248962 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.894320011 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.895728111 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.895797968 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.895848989 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.895921946 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.896925926 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.897011042 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.897083044 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.897089005 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.897165060 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.897254944 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.947994947 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.948121071 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:44.948189020 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:44.996021032 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.058799982 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.058845997 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.058877945 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.058906078 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.058939934 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.058953047 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.058981895 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.058995008 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.059046984 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.059052944 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.059461117 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.059487104 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.059521914 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.059528112 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.059585094 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.063472033 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.063517094 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.063582897 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.063589096 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.107019901 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.145482063 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.145529032 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.145553112 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.145582914 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.145617962 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.145643950 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.145657063 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.145998001 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146048069 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146054029 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.146060944 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146097898 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.146104097 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146644115 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146680117 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146713972 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146750927 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146795988 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146820068 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.146827936 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.146852016 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.147567987 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.147602081 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.147638083 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.147659063 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.147665024 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.147686958 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.147696972 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.147742987 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.147748947 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.148483992 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.148533106 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.148534060 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.148542881 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.148590088 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.232652903 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.232887983 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.232923985 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.232959032 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.232986927 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.233021975 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.233042002 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.233381987 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.233428955 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.237543106 CET49708443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:45.237564087 CET44349708209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:45.274044037 CET4968980192.168.2.16192.229.211.108
                              Jan 15, 2025 14:57:47.148055077 CET49673443192.168.2.16204.79.197.203
                              Jan 15, 2025 14:57:48.028635979 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.028681040 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.028768063 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.029112101 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.029131889 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.066917896 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.066982031 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:48.067074060 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.067555904 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.067590952 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:48.289706945 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:48.289752007 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:48.289861917 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:48.290098906 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:48.290118933 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:48.554013968 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:48.554335117 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.554404020 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:48.555913925 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:48.555995941 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.557080030 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.557183027 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:48.557262897 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.557280064 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:48.612993956 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:48.666991949 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.667284966 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.667299986 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.668179989 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.668241978 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.669656038 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.669725895 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.670088053 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.670099020 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.722978115 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.941452980 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.941652060 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.941714048 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.942162991 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.942183971 CET44349720142.250.185.100192.168.2.16
                              Jan 15, 2025 14:57:48.942193031 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.942239046 CET49720443192.168.2.16142.250.185.100
                              Jan 15, 2025 14:57:48.952857018 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:48.953126907 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:48.953140020 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:48.954152107 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:48.954212904 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:48.954530001 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:48.954607964 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:49.008981943 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:49.008997917 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:49.056994915 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:49.111248016 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.111500025 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.111566067 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.111591101 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.111676931 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.111721039 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.111732006 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.111829042 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.111876011 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.111885071 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.111975908 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.112021923 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.112030029 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.115827084 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.115888119 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.115900993 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.115986109 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.116030931 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.116039991 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.127118111 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.127269983 CET44349721104.21.64.1192.168.2.16
                              Jan 15, 2025 14:57:49.127337933 CET49721443192.168.2.16104.21.64.1
                              Jan 15, 2025 14:57:49.136560917 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.136595011 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.136667967 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.136914015 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.136928082 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.630136967 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.630347967 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.630357981 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.631589890 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.631666899 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.632564068 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.632630110 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.632715940 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.679008007 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.679016113 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.724986076 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.759506941 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.759573936 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.759629011 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.759803057 CET49725443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.759816885 CET4434972535.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.760953903 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.761002064 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:49.761198997 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.761430979 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:49.761444092 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.236922979 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.237381935 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:50.237406015 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.237906933 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.239176035 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:50.239290953 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.240895987 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:50.283370972 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.368539095 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.368737936 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.368818998 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:50.368983984 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:50.369009972 CET4434972635.190.80.1192.168.2.16
                              Jan 15, 2025 14:57:50.369024038 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:50.369066954 CET49726443192.168.2.1635.190.80.1
                              Jan 15, 2025 14:57:50.794486046 CET49678443192.168.2.1620.189.173.10
                              Jan 15, 2025 14:57:51.098030090 CET49678443192.168.2.1620.189.173.10
                              Jan 15, 2025 14:57:51.700416088 CET49678443192.168.2.1620.189.173.10
                              Jan 15, 2025 14:57:51.955005884 CET49673443192.168.2.16204.79.197.203
                              Jan 15, 2025 14:57:52.905354023 CET49678443192.168.2.1620.189.173.10
                              Jan 15, 2025 14:57:55.263354063 CET4968080192.168.2.16192.229.211.108
                              Jan 15, 2025 14:57:55.311050892 CET49678443192.168.2.1620.189.173.10
                              Jan 15, 2025 14:57:55.566080093 CET4968080192.168.2.16192.229.211.108
                              Jan 15, 2025 14:57:56.173055887 CET4968080192.168.2.16192.229.211.108
                              Jan 15, 2025 14:57:57.387171984 CET4968080192.168.2.16192.229.211.108
                              Jan 15, 2025 14:57:58.860161066 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:58.860311985 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:58.860512972 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:59.699614048 CET49722443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:57:59.699692011 CET44349722172.217.16.196192.168.2.16
                              Jan 15, 2025 14:57:59.793530941 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:59.793608904 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:57:59.793791056 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:57:59.794135094 CET4968080192.168.2.16192.229.211.108
                              Jan 15, 2025 14:58:00.126051903 CET49678443192.168.2.1620.189.173.10
                              Jan 15, 2025 14:58:01.453780890 CET49709443192.168.2.16209.94.90.1
                              Jan 15, 2025 14:58:01.453856945 CET44349709209.94.90.1192.168.2.16
                              Jan 15, 2025 14:58:01.564081907 CET49673443192.168.2.16204.79.197.203
                              Jan 15, 2025 14:58:04.594141006 CET4968080192.168.2.16192.229.211.108
                              Jan 15, 2025 14:58:09.727271080 CET49678443192.168.2.1620.189.173.10
                              Jan 15, 2025 14:58:14.201158047 CET4968080192.168.2.16192.229.211.108
                              Jan 15, 2025 14:58:26.331120968 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:26.331192017 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:26.331301928 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:26.331480980 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:26.331505060 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.013196945 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.013655901 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.013719082 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.015883923 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.016005039 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.017190933 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.017311096 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.017380953 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.059406042 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.066453934 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.066514015 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.114209890 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.312446117 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.312529087 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:27.312633991 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.313168049 CET49730443192.168.2.16178.63.67.106
                              Jan 15, 2025 14:58:27.313208103 CET44349730178.63.67.106192.168.2.16
                              Jan 15, 2025 14:58:30.704426050 CET4969880192.168.2.162.22.50.144
                              Jan 15, 2025 14:58:30.704607010 CET4969980192.168.2.162.22.50.144
                              Jan 15, 2025 14:58:30.709533930 CET80496982.22.50.144192.168.2.16
                              Jan 15, 2025 14:58:30.709619045 CET4969880192.168.2.162.22.50.144
                              Jan 15, 2025 14:58:30.709947109 CET80496992.22.50.144192.168.2.16
                              Jan 15, 2025 14:58:30.710002899 CET4969980192.168.2.162.22.50.144
                              Jan 15, 2025 14:58:48.340646029 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:48.340722084 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:48.340817928 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:48.341087103 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:48.341109037 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:49.009887934 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:49.010410070 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:49.010456085 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:49.011599064 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:49.012000084 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:49.012186050 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:49.056422949 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:58.890100002 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:58.890280008 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:58:58.890360117 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:59.712307930 CET49733443192.168.2.16172.217.16.196
                              Jan 15, 2025 14:58:59.712390900 CET44349733172.217.16.196192.168.2.16
                              Jan 15, 2025 14:59:21.100697041 CET4970180192.168.2.162.23.77.188
                              Jan 15, 2025 14:59:21.100698948 CET49700443192.168.2.1620.190.160.22
                              Jan 15, 2025 14:59:21.105895042 CET80497012.23.77.188192.168.2.16
                              Jan 15, 2025 14:59:21.105986118 CET4970180192.168.2.162.23.77.188
                              Jan 15, 2025 14:59:21.106411934 CET4434970020.190.160.22192.168.2.16
                              Jan 15, 2025 14:59:21.106461048 CET49700443192.168.2.1620.190.160.22
                              Jan 15, 2025 14:59:23.450917959 CET49702443192.168.2.1620.190.160.22
                              Jan 15, 2025 14:59:23.456094980 CET4434970220.190.160.22192.168.2.16
                              Jan 15, 2025 14:59:23.456211090 CET49702443192.168.2.1620.190.160.22
                              Jan 15, 2025 14:59:48.411153078 CET49735443192.168.2.16142.250.185.196
                              Jan 15, 2025 14:59:48.411181927 CET44349735142.250.185.196192.168.2.16
                              Jan 15, 2025 14:59:48.411318064 CET49735443192.168.2.16142.250.185.196
                              Jan 15, 2025 14:59:48.411598921 CET49735443192.168.2.16142.250.185.196
                              Jan 15, 2025 14:59:48.411613941 CET44349735142.250.185.196192.168.2.16
                              Jan 15, 2025 14:59:49.067292929 CET44349735142.250.185.196192.168.2.16
                              Jan 15, 2025 14:59:49.067981958 CET49735443192.168.2.16142.250.185.196
                              Jan 15, 2025 14:59:49.067996979 CET44349735142.250.185.196192.168.2.16
                              Jan 15, 2025 14:59:49.068455935 CET44349735142.250.185.196192.168.2.16
                              Jan 15, 2025 14:59:49.068923950 CET49735443192.168.2.16142.250.185.196
                              Jan 15, 2025 14:59:49.069010973 CET44349735142.250.185.196192.168.2.16
                              Jan 15, 2025 14:59:49.116672039 CET49735443192.168.2.16142.250.185.196

                              UDP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Jan 15, 2025 14:57:43.455904007 CET53563641.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:43.505564928 CET53533871.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:44.418514967 CET6408253192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:44.419014931 CET6387053192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:44.425057888 CET53640821.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:44.426829100 CET53638701.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:44.533152103 CET53543911.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:45.173799038 CET53553041.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:45.262469053 CET53595751.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:46.325562954 CET53560801.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:46.397471905 CET53560211.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:46.671319008 CET53521071.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:48.020912886 CET5405453192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:48.021136999 CET5286753192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:48.021785021 CET5879453192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:48.022075891 CET5884053192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:48.027671099 CET53528671.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:48.027884960 CET53540541.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:48.055109978 CET53587941.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:48.185657978 CET53588401.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:48.280703068 CET6017953192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:48.280915976 CET6039453192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:48.288597107 CET53603941.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:48.288614988 CET53601791.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:48.951143980 CET53608511.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:49.128684998 CET5194353192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:49.128892899 CET5601153192.168.2.161.1.1.1
                              Jan 15, 2025 14:57:49.135535955 CET53519431.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:49.136188030 CET53560111.1.1.1192.168.2.16
                              Jan 15, 2025 14:57:49.906971931 CET53609761.1.1.1192.168.2.16
                              Jan 15, 2025 14:58:01.461950064 CET53544571.1.1.1192.168.2.16
                              Jan 15, 2025 14:58:20.512196064 CET53594331.1.1.1192.168.2.16
                              Jan 15, 2025 14:58:26.321968079 CET6473253192.168.2.161.1.1.1
                              Jan 15, 2025 14:58:26.322180986 CET4982653192.168.2.161.1.1.1
                              Jan 15, 2025 14:58:26.329401970 CET53647321.1.1.1192.168.2.16
                              Jan 15, 2025 14:58:26.330595970 CET53498261.1.1.1192.168.2.16
                              Jan 15, 2025 14:58:43.243693113 CET53516221.1.1.1192.168.2.16
                              Jan 15, 2025 14:58:43.453785896 CET53572241.1.1.1192.168.2.16
                              Jan 15, 2025 14:58:46.959796906 CET138138192.168.2.16192.168.2.255
                              Jan 15, 2025 14:59:13.568681955 CET53583011.1.1.1192.168.2.16
                              Jan 15, 2025 14:59:48.403007030 CET6276853192.168.2.161.1.1.1
                              Jan 15, 2025 14:59:48.403158903 CET5515253192.168.2.161.1.1.1
                              Jan 15, 2025 14:59:48.409857988 CET53551521.1.1.1192.168.2.16
                              Jan 15, 2025 14:59:48.410310030 CET53627681.1.1.1192.168.2.16

                              ICMP Packets

                              TimestampSource IPDest IPChecksumCodeType
                              Jan 15, 2025 14:57:48.185810089 CET192.168.2.161.1.1.1c2ea(Port unreachable)Destination Unreachable

                              DNS Queries

                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              Jan 15, 2025 14:57:44.418514967 CET192.168.2.161.1.1.10xfcaStandard query (0)ipfs.ioA (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:44.419014931 CET192.168.2.161.1.1.10x4867Standard query (0)ipfs.io65IN (0x0001)false
                              Jan 15, 2025 14:57:48.020912886 CET192.168.2.161.1.1.10xb5afStandard query (0)www.google.comA (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.021136999 CET192.168.2.161.1.1.10x2f48Standard query (0)www.google.com65IN (0x0001)false
                              Jan 15, 2025 14:57:48.021785021 CET192.168.2.161.1.1.10xda64Standard query (0)www.sealevel.comA (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.022075891 CET192.168.2.161.1.1.10xbc62Standard query (0)www.sealevel.com65IN (0x0001)false
                              Jan 15, 2025 14:57:48.280703068 CET192.168.2.161.1.1.10xb730Standard query (0)www.google.comA (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.280915976 CET192.168.2.161.1.1.10x399bStandard query (0)www.google.com65IN (0x0001)false
                              Jan 15, 2025 14:57:49.128684998 CET192.168.2.161.1.1.10x75aStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:49.128892899 CET192.168.2.161.1.1.10x5693Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                              Jan 15, 2025 14:58:26.321968079 CET192.168.2.161.1.1.10x3e49Standard query (0)webhook.siteA (IP address)IN (0x0001)false
                              Jan 15, 2025 14:58:26.322180986 CET192.168.2.161.1.1.10x29adStandard query (0)webhook.site65IN (0x0001)false
                              Jan 15, 2025 14:59:48.403007030 CET192.168.2.161.1.1.10xf840Standard query (0)www.google.comA (IP address)IN (0x0001)false
                              Jan 15, 2025 14:59:48.403158903 CET192.168.2.161.1.1.10xd147Standard query (0)www.google.com65IN (0x0001)false

                              DNS Answers

                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              Jan 15, 2025 14:57:44.425057888 CET1.1.1.1192.168.2.160xfcaNo error (0)ipfs.io209.94.90.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:44.426829100 CET1.1.1.1192.168.2.160x4867No error (0)ipfs.io65IN (0x0001)false
                              Jan 15, 2025 14:57:48.027671099 CET1.1.1.1192.168.2.160x2f48No error (0)www.google.com65IN (0x0001)false
                              Jan 15, 2025 14:57:48.027884960 CET1.1.1.1192.168.2.160xb5afNo error (0)www.google.com142.250.185.100A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.055109978 CET1.1.1.1192.168.2.160xda64No error (0)www.sealevel.com104.21.64.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.055109978 CET1.1.1.1192.168.2.160xda64No error (0)www.sealevel.com104.21.48.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.055109978 CET1.1.1.1192.168.2.160xda64No error (0)www.sealevel.com104.21.96.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.055109978 CET1.1.1.1192.168.2.160xda64No error (0)www.sealevel.com104.21.16.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.055109978 CET1.1.1.1192.168.2.160xda64No error (0)www.sealevel.com104.21.80.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.055109978 CET1.1.1.1192.168.2.160xda64No error (0)www.sealevel.com104.21.32.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.055109978 CET1.1.1.1192.168.2.160xda64No error (0)www.sealevel.com104.21.112.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:48.185657978 CET1.1.1.1192.168.2.160xbc62No error (0)www.sealevel.com65IN (0x0001)false
                              Jan 15, 2025 14:57:48.288597107 CET1.1.1.1192.168.2.160x399bNo error (0)www.google.com65IN (0x0001)false
                              Jan 15, 2025 14:57:48.288614988 CET1.1.1.1192.168.2.160xb730No error (0)www.google.com172.217.16.196A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:57:49.135535955 CET1.1.1.1192.168.2.160x75aNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:58:26.329401970 CET1.1.1.1192.168.2.160x3e49No error (0)webhook.site178.63.67.106A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:58:26.329401970 CET1.1.1.1192.168.2.160x3e49No error (0)webhook.site178.63.67.153A (IP address)IN (0x0001)false
                              Jan 15, 2025 14:59:48.409857988 CET1.1.1.1192.168.2.160xd147No error (0)www.google.com65IN (0x0001)false
                              Jan 15, 2025 14:59:48.410310030 CET1.1.1.1192.168.2.160xf840No error (0)www.google.com142.250.185.196A (IP address)IN (0x0001)false

                              HTTP Request Dependency Graph

                              • ipfs.io
                              • https:
                                • www.sealevel.com
                                • www.google.com
                                • webhook.site
                              • a.nel.cloudflare.com

                              HTTPS Proxied Packets

                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.1649708209.94.90.14436924C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-01-15 13:57:44 UTC714OUTGET /ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q HTTP/1.1
                              Host: ipfs.io
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-15 13:57:45 UTC1069INHTTP/1.1 200 OK
                              Date: Wed, 15 Jan 2025 13:57:45 GMT
                              Content-Type: text/html
                              Transfer-Encoding: chunked
                              Connection: close
                              access-control-allow-headers: Content-Type
                              access-control-allow-headers: Range
                              access-control-allow-headers: User-Agent
                              access-control-allow-headers: X-Requested-With
                              access-control-allow-methods: GET
                              access-control-allow-methods: HEAD
                              access-control-allow-methods: OPTIONS
                              access-control-allow-origin: *
                              access-control-expose-headers: Content-Length
                              access-control-expose-headers: Content-Range
                              access-control-expose-headers: X-Chunked-Output
                              access-control-expose-headers: X-Ipfs-Path
                              access-control-expose-headers: X-Ipfs-Roots
                              access-control-expose-headers: X-Stream-Output
                              Cache-Control: public, max-age=29030400, immutable
                              x-ipfs-path: /ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q
                              x-ipfs-roots: bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q
                              x-ipfs-pop: rainbow-ny5-04
                              CF-Cache-Status: HIT
                              Age: 18542
                              Server: cloudflare
                              CF-RAY: 9026606c3f5941d5-EWR
                              alt-svc: h3=":443"; ma=86400
                              2025-01-15 13:57:45 UTC300INData Raw: 37 62 38 34 0d 0a ef bb bf 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 21 2d 2d 6c 4a 66 77 38 37 65 72 e6 95 ac e7 9a 84 e5 90 84 e8 a1 8c e6 a5 ad e4 be 9b e6 87 89 e5 95 86 2c 53 68 6f 70 20 69 6e 20 62 6f 0d 0a 48 69 20 59 69 6e 0d 0a 45 2d 6d 61 69 6c 0d 0a 0d 0a 0d 0a 45 78 70 6c 6f 72 65 20 79 6f 75 72 20 77 65 65 6b 6c 79 20 73 61 76 69 6e 67 73 0d 0a 57 61 72 6d 20 75 70 20 77 69 74 68 20 67 72 65 61 74 20 64 65 61 6c 73 20 6f 6e 20 79 6f 75 72 20 66 61 76 65 73 2e 0d
                              Data Ascii: 7b84<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head>...lJfw87er,Shop in boHi YinE-mailExplore your weekly savingsWarm up with great deals on your faves.
                              2025-01-15 13:57:45 UTC1369INData Raw: 65 65 20 61 6c 6c 0d 0a 49 6d 61 67 65 20 6f 66 20 44 79 73 6f 6e 20 56 31 31 e2 84 a2 20 41 64 76 61 6e 63 65 64 20 53 74 69 63 6b 2e 2e 2e 0d 0a 44 79 73 6f 6e 20 56 31 31 e2 84 a2 20 41 64 76 61 6e 63 65 64 20 53 74 69 63 6b 2e 2e 2e 0d 0a 41 55 20 24 37 38 38 2e 30 30 0d 0a 0d 0a 41 55 20 24 31 2c 31 39 39 2e 30 30 20 c2 b7 20 41 55 20 24 34 31 31 2e 30 30 20 4f 46 46 0d 0a 0d 0a 44 69 72 65 63 74 20 66 72 6f 6d 20 44 79 73 6f 6e 20 44 69 72 65 63 74 20 66 72 6f 6d 20 44 79 73 6f 6e 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 41 5a 44 4f 4d 45 20 34 4b 20 44 61 73 68 20 43 61 6d 20 55 48 44 2e 2e 2e 0d 0a 41 5a 44 4f 4d 45 20 34 4b 20 44 61 73 68 20 43 61 6d 20 55 48 44 2e 2e 2e 0d 0a 41 55 20 24 35 35 2e 39 39 0d 0a 0d 0a 41 55 20 24 37 31 2e 39 39 20 c2
                              Data Ascii: ee allImage of Dyson V11 Advanced Stick...Dyson V11 Advanced Stick...AU $788.00AU $1,199.00 AU $411.00 OFFDirect from Dyson Direct from DysonImage of AZDOME 4K Dash Cam UHD...AZDOME 4K Dash Cam UHD...AU $55.99AU $71.99
                              2025-01-15 13:57:45 UTC1369INData Raw: 20 4f 70 65 6e 2d 62 61 63 6b 2e 2e 2e 0d 0a 41 55 20 24 31 39 39 2e 30 30 0d 0a 0d 0a 41 55 20 24 33 39 39 2e 39 35 20 c2 b7 20 41 55 20 24 32 30 30 2e 39 35 20 4f 46 46 0d 0a 0d 0a 44 69 72 65 63 74 20 66 72 6f 6d 20 53 65 6e 6e 68 65 69 73 65 72 20 44 69 72 65 63 74 20 66 72 6f 6d 20 53 65 6e 6e 68 65 69 73 65 72 0d 0a 0d 0a 45 78 70 6c 6f 72 65 20 67 72 65 61 74 20 6f 66 66 65 72 73 20 66 72 6f 6d 20 74 6f 70 20 62 72 61 6e 64 73 0d 0a 48 6f 74 20 73 61 76 69 6e 67 73 20 61 63 72 6f 73 73 20 61 20 68 75 67 65 20 72 61 6e 67 65 20 6f 6e 20 70 72 6f 64 75 63 74 73 20 79 6f 75 20 6c 6f 76 65 2e 0d 0a 0d 0a 53 68 6f 70 20 6e 6f 77 20 0d 0a 53 61 6c 65 73 20 26 20 65 76 65 6e 74 73 0d 0a 65 42 61 79 20 4c 6f 67 6f 09 20 20 20 20 20 20 20 20 20 20 20 20 20
                              Data Ascii: Open-back...AU $199.00AU $399.95 AU $200.95 OFFDirect from Sennheiser Direct from SennheiserExplore great offers from top brandsHot savings across a huge range on products you love.Shop now Sales & eventseBay Logo
                              2025-01-15 13:57:45 UTC1369INData Raw: 20 41 55 20 24 34 33 39 2e 38 30 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 41 4c 46 4f 52 44 53 4f 4e 20 41 64 69 72 6f 6e 64 61 63 6b 20 43 68 61 69 72 2e 2e 2e 0d 0a 41 4c 46 4f 52 44 53 4f 4e 20 41 64 69 72 6f 6e 64 61 63 6b 20 43 68 61 69 72 2e 2e 2e 0d 0a 41 55 20 24 31 31 39 2e 39 35 0d 0a 0d 0a 41 55 20 24 39 35 39 2e 39 35 20 c2 b7 20 41 55 20 24 38 34 30 2e 30 30 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 4f 69 6b 69 74 75 72 65 20 4b 69 74 63 68 65 6e 20 49 73 6c 61 6e 64 2e 2e 2e 0d 0a 4f 69 6b 69 74 75 72 65 20 4b 69 74 63 68 65 6e 20 49 73 6c 61 6e 64 2e 2e 2e 0d 0a 41 55 20 24 31 37 30 2e 30 30 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 42 65 64 72 61 20 45 6c 65 63 74 72 69 63 20 42 6c 61 6e 6b 65 74 20 46 75 6c 6c 79 2e 2e 2e
                              Data Ascii: AU $439.80 OFFImage of ALFORDSON Adirondack Chair...ALFORDSON Adirondack Chair...AU $119.95AU $959.95 AU $840.00 OFFImage of Oikiture Kitchen Island...Oikiture Kitchen Island...AU $170.00Image of Bedra Electric Blanket Fully...
                              2025-01-15 13:57:45 UTC1369INData Raw: 31 2c 31 39 39 2e 30 30 20 c2 b7 20 41 55 20 24 34 31 31 2e 30 30 20 4f 46 46 0d 0a 0d 0a 44 69 72 65 63 74 20 66 72 6f 6d 20 44 79 73 6f 6e 20 44 69 72 65 63 74 20 66 72 6f 6d 20 44 79 73 6f 6e 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 41 5a 44 4f 4d 45 20 34 4b 20 44 61 73 68 20 43 61 6d 20 55 48 44 2e 2e 2e 0d 0a 41 5a 44 4f 4d 45 20 34 4b 20 44 61 73 68 20 43 61 6d 20 55 48 44 2e 2e 2e 0d 0a 41 55 20 24 35 35 2e 39 39 0d 0a 0d 0a 41 55 20 24 37 31 2e 39 39 20 c2 b7 20 32 32 25 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 50 65 72 66 65 63 74 20 43 68 6f 69 63 65 20 52 65 64 20 4d 69 78 65 64 20 57 69 6e 65 73 2e 2e 2e 0d 0a 50 65 72 66 65 63 74 20 43 68 6f 69 63 65 20 52 65 64 20 4d 69 78 65 64 20 57 69 6e 65 73 2e 2e 2e 0d 0a 41 55 20 24 36 35 2e
                              Data Ascii: 1,199.00 AU $411.00 OFFDirect from Dyson Direct from DysonImage of AZDOME 4K Dash Cam UHD...AZDOME 4K Dash Cam UHD...AU $55.99AU $71.99 22% OFFImage of Perfect Choice Red Mixed Wines...Perfect Choice Red Mixed Wines...AU $65.
                              2025-01-15 13:57:45 UTC1369INData Raw: 6e 68 65 69 73 65 72 0d 0a 0d 0a 45 78 70 6c 6f 72 65 20 67 72 65 61 74 20 6f 66 66 65 72 73 20 66 72 6f 6d 20 74 6f 70 20 62 72 61 6e 64 73 0d 0a 48 6f 74 20 73 61 76 69 6e 67 73 20 61 63 72 6f 73 73 20 61 20 68 75 67 65 20 72 61 6e 67 65 20 6f 6e 20 70 72 6f 64 75 63 74 73 20 79 6f 75 20 6c 6f 76 65 2e 0d 0a 0d 0a 53 68 6f 70 20 6e 6f 77 20 0d 0a 53 61 6c 65 73 20 26 20 65 76 65 6e 74 73 0d 0a 65 42 61 79 20 4c 6f 67 6f 09 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0d 0a 20 20 20 0d 0a 55 70 64 61 74 65 20 79 6f 75 72 20 65 6d 61 69 6c 20 70 72 65 66 65 72 65 6e 63 65 73 2c 20 75 6e 73 75 62 73 63 72 69 62 65 20 6f 72 20 6c 65 61 72 6e 20 61 62 6f 75 74 20 61 63 63 6f 75 6e 74 20 70 72 6f 74 65 63 74 69 6f 6e 2e 0d 0a 49 66 20 79 6f 75
                              Data Ascii: nheiserExplore great offers from top brandsHot savings across a huge range on products you love.Shop now Sales & eventseBay Logo Update your email preferences, unsubscribe or learn about account protection.If you
                              2025-01-15 13:57:45 UTC1369INData Raw: 35 0d 0a 0d 0a 41 55 20 24 39 35 39 2e 39 35 20 c2 b7 20 41 55 20 24 38 34 30 2e 30 30 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 4f 69 6b 69 74 75 72 65 20 4b 69 74 63 68 65 6e 20 49 73 6c 61 6e 64 2e 2e 2e 0d 0a 4f 69 6b 69 74 75 72 65 20 4b 69 74 63 68 65 6e 20 49 73 6c 61 6e 64 2e 2e 2e 0d 0a 41 55 20 24 31 37 30 2e 30 30 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 42 65 64 72 61 20 45 6c 65 63 74 72 69 63 20 42 6c 61 6e 6b 65 74 20 46 75 6c 6c 79 2e 2e 2e 0d 0a 42 65 64 72 61 20 45 6c 65 63 74 72 69 63 20 42 6c 61 6e 6b 65 74 20 46 75 6c 6c 79 2e 2e 2e 0d 0a 41 55 20 24 36 33 2e 30 30 0d 0a 0d 0a 41 55 20 24 37 30 2e 39 30 20 c2 b7 20 31 31 25 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 42 6f 50 65 65 70 20 46 6f 6c 64 61 62 6c 65 20 4b 69
                              Data Ascii: 5AU $959.95 AU $840.00 OFFImage of Oikiture Kitchen Island...Oikiture Kitchen Island...AU $170.00Image of Bedra Electric Blanket Fully...Bedra Electric Blanket Fully...AU $63.00AU $70.90 11% OFFImage of BoPeep Foldable Ki
                              2025-01-15 13:57:45 UTC1369INData Raw: 44 2e 2e 2e 0d 0a 41 5a 44 4f 4d 45 20 34 4b 20 44 61 73 68 20 43 61 6d 20 55 48 44 2e 2e 2e 0d 0a 41 55 20 24 35 35 2e 39 39 0d 0a 0d 0a 41 55 20 24 37 31 2e 39 39 20 c2 b7 20 32 32 25 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 50 65 72 66 65 63 74 20 43 68 6f 69 63 65 20 52 65 64 20 4d 69 78 65 64 20 57 69 6e 65 73 2e 2e 2e 0d 0a 50 65 72 66 65 63 74 20 43 68 6f 69 63 65 20 52 65 64 20 4d 69 78 65 64 20 57 69 6e 65 73 2e 2e 2e 0d 0a 41 55 20 24 36 35 2e 30 30 0d 0a 0d 0a 41 55 20 24 32 33 30 2e 30 30 20 c2 b7 20 41 55 20 24 31 36 35 2e 30 30 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 45 56 45 52 41 55 c2 ae 20 57 6f 6d 65 6e 20 4d 65 6e 20 53 6c 69 70 70 65 72 73 2e 2e 2e 0d 0a 45 56 45 52 41 55 c2 ae 20 57 6f 6d 65 6e 20 4d 65 6e 20 53
                              Data Ascii: D...AZDOME 4K Dash Cam UHD...AU $55.99AU $71.99 22% OFFImage of Perfect Choice Red Mixed Wines...Perfect Choice Red Mixed Wines...AU $65.00AU $230.00 AU $165.00 OFFImage of EVERAU Women Men Slippers...EVERAU Women Men S
                              2025-01-15 13:57:45 UTC1369INData Raw: 76 65 2e 0d 0a 0d 0a 53 68 6f 70 20 6e 6f 77 20 0d 0a 53 61 6c 65 73 20 26 20 65 76 65 6e 74 73 0d 0a 65 42 61 79 20 4c 6f 67 6f 09 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0d 0a 20 20 20 0d 0a 55 70 64 61 74 65 20 79 6f 75 72 20 65 6d 61 69 6c 20 70 72 65 66 65 72 65 6e 63 65 73 2c 20 75 6e 73 75 62 73 63 72 69 62 65 20 6f 72 20 6c 65 61 72 6e 20 61 62 6f 75 74 20 61 63 63 6f 75 6e 74 20 70 72 6f 74 65 63 74 69 6f 6e 2e 0d 0a 49 66 20 79 6f 75 20 68 61 76 65 20 61 20 71 75 65 73 74 69 6f 6e 2c 20 63 6f 6e 74 61 63 74 20 75 73 2e 20 65 42 61 79 20 4d e2 80 8c 61 72 6b 65 74 70 6c 61 63 65 73 20 47 e2 80 8c 6d 62 48 2c 20 48 e2 80 8c 65 6c 76 65 74 69 61 73 74 72 61 73 73 65 20 31 e2 80 8c 35 2f 31 37 2c 20 33 e2 80 8c 30 30 35 20 42 e2
                              Data Ascii: ve.Shop now Sales & eventseBay Logo Update your email preferences, unsubscribe or learn about account protection.If you have a question, contact us. eBay Marketplaces GmbH, Helvetiastrasse 15/17, 3005 B
                              2025-01-15 13:57:45 UTC1369INData Raw: 2e 0d 0a 41 55 20 24 31 37 30 2e 30 30 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 42 65 64 72 61 20 45 6c 65 63 74 72 69 63 20 42 6c 61 6e 6b 65 74 20 46 75 6c 6c 79 2e 2e 2e 0d 0a 42 65 64 72 61 20 45 6c 65 63 74 72 69 63 20 42 6c 61 6e 6b 65 74 20 46 75 6c 6c 79 2e 2e 2e 0d 0a 41 55 20 24 36 33 2e 30 30 0d 0a 0d 0a 41 55 20 24 37 30 2e 39 30 20 c2 b7 20 31 31 25 20 4f 46 46 0d 0a 0d 0a 49 6d 61 67 65 20 6f 66 20 42 6f 50 65 65 70 20 46 6f 6c 64 61 62 6c 65 20 4b 69 64 73 20 53 63 6f 6f 74 65 72 2e 2e 2e 0d 0a 42 6f 50 65 65 70 20 46 6f 6c 64 61 62 6c 65 20 4b 69 64 73 20 53 63 6f 6f 74 65 72 2e 2e 2e 0d 0a 41 55 20 24 34 39 2e 39 39 0d 0a 0d 0a 41 55 20 24 31 30 37 2e 39 39 20 c2 b7 20 41 55 20 24 35 38 2e 30 30 20 4f 46 46 0d 0a 0d 0a 44 69 72 65 63 74 20
                              Data Ascii: .AU $170.00Image of Bedra Electric Blanket Fully...Bedra Electric Blanket Fully...AU $63.00AU $70.90 11% OFFImage of BoPeep Foldable Kids Scooter...BoPeep Foldable Kids Scooter...AU $49.99AU $107.99 AU $58.00 OFFDirect


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.1649721104.21.64.14436924C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-01-15 13:57:48 UTC670OUTGET / HTTP/1.1
                              Host: www.sealevel.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: iframe
                              Referer: https://ipfs.io/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-15 13:57:49 UTC1281INHTTP/1.1 200 OK
                              Date: Wed, 15 Jan 2025 13:57:49 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              vary: Accept-Encoding
                              Cache-Control: no-store, no-cache, must-revalidate
                              x-content-type-options: nosniff
                              x-permitted-cross-domain-policies: none
                              Set-Cookie: SF-CSRF-TOKEN=0d9a1169-94c0-449b-ae2a-1b332c24182f; Path=/; Secure; SameSite=Strict
                              Set-Cookie: fornax_anonymousId=810f093f-e450-4940-86b8-0b7f888ffaa7; Expires=Fri, 15 Jan 2027 13:57:48 GMT; Path=/; Secure; SameSite=None
                              Set-Cookie: athena_short_visit_id=a48530fb-2346-4c6f-9ea9-40dc00f3e31a:1736949468; Expires=Wed, 15 Jan 2025 14:27:48 GMT; Path=/; Secure; HttpOnly; SameSite=None
                              Set-Cookie: Shopper-Pref=10078B695F1DDF0989629A87F558346D82D6E58B-1737554269000-x%7B%22cur%22%3A%22USD%22%7D; Expires=Wed, 22 Jan 2025 13:57:49 GMT; Path=/; HttpOnly
                              Set-Cookie: XSRF-TOKEN=274455e27fb350767e232691da2dbb49286483416bae0b30d472cd0b2d3d7868; path=/; Secure; SameSite=none
                              Set-Cookie: SHOP_SESSION_TOKEN=4039889b-1c13-42fb-be99-cd85b5ae8482; Expires=Wed, 22 Jan 2025 13:57:49 GMT; Path=/; Secure; HttpOnly; SameSite=None
                              Set-Cookie: __HOST-SHOP_SESSION_TOKEN=4039889b-1c13-42fb-be99-cd85b5ae8482; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
                              2025-01-15 13:57:49 UTC1253INData Raw: 6c 69 6e 6b 3a 20 3c 68 74 74 70 73 3a 2f 2f 73 61 76 65 79 6f 75 72 63 61 72 74 2e 69 6f 2f 73 74 6f 72 61 67 65 2f 63 6c 69 65 6e 74 73 2f 55 63 32 58 74 37 6f 31 72 4e 4f 75 35 6e 51 6e 2e 6a 73 3e 3b 20 72 65 6c 3d 70 72 65 6c 6f 61 64 3b 20 61 73 3d 73 63 72 69 70 74 0d 0a 6c 69 6e 6b 3a 20 3c 68 74 74 70 73 3a 2f 2f 63 64 6e 31 31 2e 62 69 67 63 6f 6d 6d 65 72 63 65 2e 63 6f 6d 2f 73 2d 39 66 70 70 6e 73 30 35 38 75 3e 3b 20 72 65 6c 3d 70 72 65 63 6f 6e 6e 65 63 74 3b 20 61 73 3d 66 6f 6e 74 3b 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 61 6e 6f 6e 79 6d 6f 75 73 2c 20 3c 68 74 74 70 73 3a 2f 2f 63 64 6e 31 31 2e 62 69 67 63 6f 6d 6d 65 72 63 65 2e 63 6f 6d 2f 73 2d 39 66 70 70 6e 73 30 35 38 75 2f 73 74 65 6e 63 69 6c 2f 62 39 34 32 34 36 66 30 2d 62
                              Data Ascii: link: <https://saveyourcart.io/storage/clients/Uc2Xt7o1rNOu5nQn.js>; rel=preload; as=scriptlink: <https://cdn11.bigcommerce.com/s-9fppns058u>; rel=preconnect; as=font; crossorigin=anonymous, <https://cdn11.bigcommerce.com/s-9fppns058u/stencil/b94246f0-b
                              2025-01-15 13:57:49 UTC1369INData Raw: 37 66 66 61 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 0d 0a 09 09 20 20 20 20 20 20 20 20 49 6e 64 75 73 74 72 69 61 6c 20 49 2f 4f 20 26 61 6d 70 3b 20 43 6f 6d 70 75 74 69 6e 67 20 50 72 6f 64 75 63 74 73 20 7c 20 45 6e 67 69 6e 65 65 72 69 6e 67 20 26 61 6d 70 3b 20 4d 61 6e 75 66 61 63 74 75 72 69 6e 67 20 7c 20 53 65 61 6c 65 76 65 6c 0d 0a 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0d 0a 0d 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 61 73 3d 22 66 6f 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63
                              Data Ascii: 7ffa<!DOCTYPE html><html class="no-js" lang="en"> <head> <title> Industrial I/O &amp; Computing Products | Engineering &amp; Manufacturing | Sealevel </title> <link rel="preload" as="font" href="https://c
                              2025-01-15 13:57:49 UTC1369INData Raw: 2e 77 6f 66 66 32 22 20 74 79 70 65 3d 22 66 6f 6e 74 2f 77 6f 66 66 32 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 61 73 3d 22 66 6f 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 31 31 2e 62 69 67 63 6f 6d 6d 65 72 63 65 2e 63 6f 6d 2f 73 2d 39 66 70 70 6e 73 30 35 38 75 2f 73 74 65 6e 63 69 6c 2f 62 39 34 32 34 36 66 30 2d 62 30 39 64 2d 30 31 33 64 2d 38 36 37 63 2d 37 61 30 63 64 34 61 66 35 62 66 38 2f 65 2f 31 63 38 61 35 32 36 30 2d 62 30 39 65 2d 30 31 33 64 2d 63 31 66 65 2d 34 61 36 39 66 39 64 63 36 65 62 30 2f 66 6f 6e 74 73 2f 43 65 6e 74 72 61 4e 6f 32 2d 42 6f 6c 64 2e 77 6f 66 66 22 20 74 79 70 65 3d
                              Data Ascii: .woff2" type="font/woff2" crossorigin="anonymous"> <link rel="preload" as="font" href="https://cdn11.bigcommerce.com/s-9fppns058u/stencil/b94246f0-b09d-013d-867c-7a0cd4af5bf8/e/1c8a5260-b09e-013d-c1fe-4a69f9dc6eb0/fonts/CentraNo2-Bold.woff" type=
                              2025-01-15 13:57:49 UTC1369INData Raw: 74 28 27 77 6f 66 66 32 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 73 72 63 3a 20 75 72 6c 28 22 68 74 74 70 73 3a 2f 2f 63 64 6e 31 31 2e 62 69 67 63 6f 6d 6d 65 72 63 65 2e 63 6f 6d 2f 73 2d 39 66 70 70 6e 73 30 35 38 75 2f 73 74 65 6e 63 69 6c 2f 62 39 34 32 34 36 66 30 2d 62 30 39 64 2d 30 31 33 64 2d 38 36 37 63 2d 37 61 30 63 64 34 61 66 35 62 66 38 2f 65 2f 31 63 38 61 35 32 36 30 2d 62 30 39 65 2d 30 31 33 64 2d 63 31 66 65 2d 34 61 36 39 66 39 64 63 36 65 62 30 2f 66 6f 6e 74 73 2f 43 65 6e 74 72 61 4e 6f 32 2d 42 6f 6f 6b 2e 77 6f 66 66 22 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0d 0a 20 20 20 20 20 20
                              Data Ascii: t('woff2'); src: url("https://cdn11.bigcommerce.com/s-9fppns058u/stencil/b94246f0-b09d-013d-867c-7a0cd4af5bf8/e/1c8a5260-b09e-013d-c1fe-4a69f9dc6eb0/fonts/CentraNo2-Book.woff") format('woff'); font-weight: normal;
                              2025-01-15 13:57:49 UTC1369INData Raw: 74 72 61 4e 6f 32 2d 42 6f 6c 64 2e 77 6f 66 66 22 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0d 0a 0d 0a 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 64 6f 63 75 6d 65 6e
                              Data Ascii: traNo2-Bold.woff") format('woff'); font-weight: bold; font-style: normal; font-display: swap; } </style> <script> document.documentElement.className = documen
                              2025-01-15 13:57:49 UTC1369INData Raw: 74 74 69 6e 67 73 22 3a 22 65 6e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 64 61 74 61 5f 63 6f 6c 6c 65 63 74 69 6f 6e 5f 70 72 65 66 65 72 65 6e 63 65 73 22 3a 22 65 6e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 6d 61 6e 61 67 65 5f 64 61 74 61 5f 63 6f 6c 6c 65 63 74 69 6f 6e 5f 70 72 65 66 65 72 65 6e 63 65 73 22 3a 22 65 6e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 75 73 65 5f 64 61 74 61 5f 62 79 5f 63 6f 6f 6b 69 65 73 22 3a 22 65 6e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 64 61 74 61 5f 63 61 74 65 67 6f 72 69 65 73 5f 74 61 62 6c 65 22 3a 22 65 6e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 61 6c 6c 6f 77 22 3a 22 65 6e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72
                              Data Ascii: ttings":"en","consent_manager.data_collection_preferences":"en","consent_manager.manage_data_collection_preferences":"en","consent_manager.use_data_by_cookies":"en","consent_manager.data_categories_table":"en","consent_manager.allow":"en","consent_manager
                              2025-01-15 13:57:49 UTC1369INData Raw: 69 6e 67 22 3a 22 65 6e 22 7d 2c 22 74 72 61 6e 73 6c 61 74 69 6f 6e 73 22 3a 7b 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 64 61 74 61 5f 63 6f 6c 6c 65 63 74 69 6f 6e 5f 77 61 72 6e 69 6e 67 22 3a 22 57 65 20 75 73 65 20 63 6f 6f 6b 69 65 73 20 28 61 6e 64 20 6f 74 68 65 72 20 73 69 6d 69 6c 61 72 20 74 65 63 68 6e 6f 6c 6f 67 69 65 73 29 20 74 6f 20 63 6f 6c 6c 65 63 74 20 64 61 74 61 20 74 6f 20 69 6d 70 72 6f 76 65 20 79 6f 75 72 20 73 68 6f 70 70 69 6e 67 20 65 78 70 65 72 69 65 6e 63 65 2e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 61 63 63 65 70 74 5f 61 6c 6c 5f 63 6f 6f 6b 69 65 73 22 3a 22 41 63 63 65 70 74 20 41 6c 6c 20 43 6f 6f 6b 69 65 73 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 67 64 70 72 5f 73 65 74
                              Data Ascii: ing":"en"},"translations":{"consent_manager.data_collection_warning":"We use cookies (and other similar technologies) to collect data to improve your shopping experience.","consent_manager.accept_all_cookies":"Accept All Cookies","consent_manager.gdpr_set
                              2025-01-15 13:57:49 UTC1369INData Raw: 6f 72 6d 61 74 69 6f 6e 20 6f 6e 20 73 69 74 65 20 75 73 61 67 65 2c 20 65 2e 67 2e 2c 20 77 65 62 20 61 6e 61 6c 79 74 69 63 73 20 73 6f 20 77 65 20 63 61 6e 20 69 6d 70 72 6f 76 65 20 74 68 69 73 20 77 65 62 73 69 74 65 20 6f 76 65 72 20 74 69 6d 65 2e 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 74 61 72 67 65 74 69 6e 67 5f 63 61 74 65 67 6f 72 79 22 3a 22 54 61 72 67 65 74 69 6e 67 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 61 64 76 65 72 74 69 73 69 6e 67 5f 63 61 74 65 67 6f 72 79 22 3a 22 41 64 76 65 72 74 69 73 69 6e 67 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 61 64 76 65 72 74 69 73 69 6e 67 5f 70 75 72 70 6f 73 65 22 3a 22 55 73 65 64 20 74 6f 20 63 72 65 61 74 65 20 70 72 6f 66 69 6c 65 73 20 6f 72 20
                              Data Ascii: ormation on site usage, e.g., web analytics so we can improve this website over time.","consent_manager.targeting_category":"Targeting","consent_manager.advertising_category":"Advertising","consent_manager.advertising_purpose":"Used to create profiles or
                              2025-01-15 13:57:49 UTC1369INData Raw: 2e 61 6c 6c 6f 77 5f 63 61 74 65 67 6f 72 79 5f 74 72 61 63 6b 69 6e 67 22 3a 22 41 6c 6c 6f 77 20 5b 43 41 54 45 47 4f 52 59 5f 4e 41 4d 45 5d 20 74 72 61 63 6b 69 6e 67 22 2c 22 63 6f 6e 73 65 6e 74 5f 6d 61 6e 61 67 65 72 2e 64 69 73 61 6c 6c 6f 77 5f 63 61 74 65 67 6f 72 79 5f 74 72 61 63 6b 69 6e 67 22 3a 22 44 69 73 61 6c 6c 6f 77 20 5b 43 41 54 45 47 4f 52 59 5f 4e 41 4d 45 5d 20 74 72 61 63 6b 69 6e 67 22 7d 7d 60 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6c 61 7a 79 53 69 7a 65 73 43 6f 6e 66 69 67 20 3d 20 77 69 6e 64 6f 77 2e 6c 61 7a 79 53 69 7a 65 73 43 6f 6e 66 69 67 20 7c 7c 20 7b 7d 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 77
                              Data Ascii: .allow_category_tracking":"Allow [CATEGORY_NAME] tracking","consent_manager.disallow_category_tracking":"Disallow [CATEGORY_NAME] tracking"}}`;</script> <script> window.lazySizesConfig = window.lazySizesConfig || {}; w
                              2025-01-15 13:57:49 UTC1369INData Raw: 38 37 30 62 38 62 36 30 33 61 38 31 64 65 35 39 37 63 31 30 66 36 62 63 37 36 39 39 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 3e 0a 20 20 28 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0a 0a 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 0a 20 20 20 20 20 20 20 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 69 6e 69 74 47 41 34 28 65 76 65 6e 74 29 20 7b 0a 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 73 65 74 75 70 47
                              Data Ascii: 870b8b603a81de597c10f6bc7699.js"></script><script data-cfasync="false"> (function () { window.dataLayer = window.dataLayer || []; function gtag(){ dataLayer.push(arguments); } function initGA4(event) { function setupG


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              2192.168.2.1649720142.250.185.1004436924C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-01-15 13:57:48 UTC689OUTGET /s2/favicons?domain=sealevel.com HTTP/1.1
                              Host: www.google.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlKHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://ipfs.io/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-15 13:57:48 UTC484INHTTP/1.1 301 Moved Permanently
                              Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sealevel.com&size=16
                              Content-Type: text/html; charset=UTF-8
                              X-Content-Type-Options: nosniff
                              Date: Wed, 15 Jan 2025 13:57:48 GMT
                              Expires: Wed, 15 Jan 2025 14:27:48 GMT
                              Cache-Control: public, max-age=1800
                              Server: sffe
                              Content-Length: 332
                              X-XSS-Protection: 0
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close
                              2025-01-15 13:57:48 UTC332INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 74 31 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 56 32 3f 63 6c 69 65 6e 74 3d 53 4f 43 49 41 4c 26 61 6d 70 3b 74 79 70 65 3d 46 41 56 49 43 4f 4e 26 61 6d 70 3b 66 61 6c 6c 62 61 63 6b 5f 6f 70 74 73 3d 54 59 50 45 2c
                              Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>301 Moved</TITLE></HEAD><BODY><H1>301 Moved</H1>The document has moved<A HREF="https://t1.gstatic.com/faviconV2?client=SOCIAL&amp;type=FAVICON&amp;fallback_opts=TYPE,


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              3192.168.2.164972535.190.80.14436924C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-01-15 13:57:49 UTC537OUTOPTIONS /report/v4?s=uKifXqJezYNpH49yB5qZC0skXdgrT4q61e22v9%2B36M0sbwqeBY%2FxKBTVkbXSTeRi95orid4ZE7ijhYVvhk5rgvzxEdm7Qi%2FW1e2tg9YIzMoAosaQNaoDE4psMTQL9coXulM%3D HTTP/1.1
                              Host: a.nel.cloudflare.com
                              Connection: keep-alive
                              Origin: https://www.sealevel.com
                              Access-Control-Request-Method: POST
                              Access-Control-Request-Headers: content-type
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-15 13:57:49 UTC336INHTTP/1.1 200 OK
                              Content-Length: 0
                              access-control-max-age: 86400
                              access-control-allow-methods: OPTIONS, POST
                              access-control-allow-origin: *
                              access-control-allow-headers: content-length, content-type
                              date: Wed, 15 Jan 2025 13:57:49 GMT
                              Via: 1.1 google
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              4192.168.2.164972635.190.80.14436924C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-01-15 13:57:50 UTC478OUTPOST /report/v4?s=uKifXqJezYNpH49yB5qZC0skXdgrT4q61e22v9%2B36M0sbwqeBY%2FxKBTVkbXSTeRi95orid4ZE7ijhYVvhk5rgvzxEdm7Qi%2FW1e2tg9YIzMoAosaQNaoDE4psMTQL9coXulM%3D HTTP/1.1
                              Host: a.nel.cloudflare.com
                              Connection: keep-alive
                              Content-Length: 400
                              Content-Type: application/reports+json
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-15 13:57:50 UTC400OUTData Raw: 5b 7b 22 61 67 65 22 3a 31 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 31 30 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 69 70 66 73 2e 69 6f 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 36 34 2e 31 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 32 30 30 2c 22 74 79 70 65 22 3a 22 61 62 61 6e 64 6f 6e 65 64 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77
                              Data Ascii: [{"age":1,"body":{"elapsed_time":1105,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://ipfs.io/","sampling_fraction":1.0,"server_ip":"104.21.64.1","status_code":200,"type":"abandoned"},"type":"network-error","url":"https://ww
                              2025-01-15 13:57:50 UTC168INHTTP/1.1 200 OK
                              Content-Length: 0
                              date: Wed, 15 Jan 2025 13:57:50 GMT
                              Via: 1.1 google
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              5192.168.2.1649730178.63.67.1064436924C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-01-15 13:58:27 UTC688OUTPOST /87f659f6-075d-4e0e-b197-649a09850ad0 HTTP/1.1
                              Host: webhook.site
                              Connection: keep-alive
                              Content-Length: 58
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              Accept: application/json, text/javascript, */*; q=0.01
                              Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Origin: https://ipfs.io
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Referer: https://ipfs.io/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2025-01-15 13:58:27 UTC58OUTData Raw: 74 65 6d 61 69 6c 3d 73 75 70 70 6f 72 74 25 34 30 73 65 61 6c 65 76 65 6c 2e 63 6f 6d 26 74 70 61 73 73 3d 67 6f 66 75 63 6b 79 6f 75 72 73 65 6c 66 25 32 43 62 69 74 63 68
                              Data Ascii: temail=support%40sealevel.com&tpass=gofuckyourself%2Cbitch
                              2025-01-15 13:58:27 UTC191INHTTP/1.1 404 Not Found
                              server: nginx
                              content-type: application/json
                              transfer-encoding: chunked
                              cache-control: no-cache, private
                              date: Wed, 15 Jan 2025 13:58:27 GMT
                              connection: close
                              2025-01-15 13:58:27 UTC115INData Raw: 36 38 0d 0a 7b 22 73 75 63 63 65 73 73 22 3a 66 61 6c 73 65 2c 22 65 72 72 6f 72 22 3a 7b 22 6d 65 73 73 61 67 65 22 3a 22 54 6f 6b 65 6e 20 5c 22 38 37 66 36 35 39 66 36 2d 30 37 35 64 2d 34 65 30 65 2d 62 31 39 37 2d 36 34 39 61 30 39 38 35 30 61 64 30 5c 22 20 6e 6f 74 20 66 6f 75 6e 64 22 2c 22 69 64 22 3a 22 22 7d 7d 0d 0a 30 0d 0a 0d 0a
                              Data Ascii: 68{"success":false,"error":{"message":"Token \"87f659f6-075d-4e0e-b197-649a09850ad0\" not found","id":""}}0


                              Statistics

                              CPU Usage

                              Click to jump to process

                              Memory Usage

                              Click to jump to process

                              Behavior

                              Click to jump to process

                              System Behavior

                              General

                              Target ID:0
                              Start time:08:57:42
                              Start date:15/01/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                              Imagebase:0x7ff7f9810000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:1
                              Start time:08:57:42
                              Start date:15/01/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1972,i,14627563034816558379,1021779677225965790,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff7f9810000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:2
                              Start time:08:57:43
                              Start date:15/01/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ipfs.io/ipfs/bafkreidfpb2invnj4i76skys5sfmk3hycbkxhquyb7d6uhnbls3gwf4a5q#support@sealevel.com"
                              Imagebase:0x7ff7f9810000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              Disassembly

                              No disassembly