Edit tour

Windows Analysis Report
http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre

Overview

General Information

Sample URL:	http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre
Analysis ID:	1592346
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Uses IPFS gateway to access IPFS content in browser (often used in phishing/scams)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5232 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4280 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1964,i,15163100303437151543,3342390463538426903,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6556 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 16 Jan 2025 00:26:58 GMTContent-Length: 4288Content-Security-Policy: object-src 'none'; base-uri 'self'; default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'X-Frame-Options: SAMEORIGINVary: Accept-EncodingContent-Language: enX-Content-Type-Options: nosniffReferrer-Policy: strict-origin-when-cross-originCache-Control: public, max-age=31536000X-XSS-Protection: 1; mode=blockPermissions-Policy: fullscreen=(self)Connection: closeContent-Type: text/html; charset=utf-8

Source: chromecache_49.2.dr	String found in binary or memory: https://alphatrade-options.com/git/rand/favicon.png
Source: chromecache_49.2.dr	String found in binary or memory: https://code.jquery.com/jquery-2.2.4.min.js
Source: chromecache_49.2.dr	String found in binary or memory: https://fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/
Source: chromecache_49.2.dr	String found in binary or memory: https://firebasestorage.googleapis.com/v0/b/portal-aa363.appspot.com/o/favicons.png?alt=media&token=
Source: chromecache_49.2.dr	String found in binary or memory: https://ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 59708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59708
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: classification engine

Classification label: mal52.phis.win@18/10@22/11

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1964,i,15163100303437151543,3342390463538426903,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1964,i,15163100303437151543,3342390463538426903,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label	Link
https://fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/	0%	Avira URL Cloud	safe
https://alphatrade-options.com/git/rand/favicon.png	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
code.jquery.com	151.101.66.137	true	false	high
www.google.com	142.250.185.100	true	false	high
fac.corp.fortinet.com	208.91.114.103	true	false	unknown
d28h3jm4r3crf8.cloudfront.net	65.9.66.13	true	false	unknown
ipfs.io	209.94.90.1	true	false	high
alphatrade-options.com	unknown	unknown	false	high
241.42.69.40.in-addr.arpa	unknown	unknown	false	high
ik.imagekit.io	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://code.jquery.com/jquery-2.2.4.min.js	false		high
https://fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/	false	Avira URL Cloud: safe	unknown
https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	false		high
https://ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://alphatrade-options.com/git/rand/favicon.png	chromecache_49.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
216.58.212.164	unknown	United States	15169	GOOGLEUS	false
142.250.185.100	www.google.com	United States	15169	GOOGLEUS	false
151.101.130.137	unknown	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
151.101.66.137	code.jquery.com	United States	54113	FASTLYUS	false
208.91.114.103	fac.corp.fortinet.com	United States	40934	FORTINETUS	false
65.9.66.107	unknown	United States	16509	AMAZON-02US	false
209.94.90.1	ipfs.io	United States	40680	PROTOCOLUS	false
65.9.66.13	d28h3jm4r3crf8.cloudfront.net	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1592346
Start date and time:	2025-01-16 01:25:54 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 3s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.phis.win@18/10@22/11
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.67, 142.250.186.78, 64.233.184.84, 142.250.184.206, 142.250.185.238, 172.217.18.106, 142.250.184.202, 142.250.186.42, 172.217.16.202, 142.250.186.74, 142.250.181.234, 142.250.185.138, 142.250.185.74, 216.58.206.42, 216.58.212.170, 142.250.184.234, 142.250.186.138, 172.217.18.10, 216.58.206.74, 142.250.185.106, 142.250.185.170, 199.232.214.172, 184.30.131.245, 216.58.206.78, 142.250.80.46, 74.125.0.102, 216.58.212.131, 184.28.90.27, 52.149.20.212, 40.69.42.241, 13.107.246.45
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, r1.sn-t0aekn7e.gvt1.com, clients.l.google.com, r1---sn-t0aekn7e.gvt1.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre

Input	Output
URL: http://ipfs.io Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false, "reasoning": "This is the legitimate domain for the InterPlanetary File System (IPFS). The .io TLD is commonly used for technology services and is the official domain for IPFS." }
URL: http://ipfs.io
URL: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "This is a very important security measure. To protect your email account. Your account may be restricted until you can verify your identity.", "prominent_button_name": "Log in", "text_input_field_labels": [ "Email:", "Password:" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "To protect your email account. Your account may be restricted until you can verify your identity.", "prominent_button_name": "Log in", "text_input_field_labels": [ "Email:", "Password:" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (52134), with CRLF line terminators
Category:	downloaded
Size (bytes):	155542
Entropy (8bit):	5.156714732942403
Encrypted:	false
SSDEEP:	3072:qYii4vwqQQOSDb6xah4ZcGz13iPFSeajthtO:/TFqfOo8auZcI13Xeajtm
MD5:	57FF9A42A9BF7E54F7C6A0E460C33CA5
SHA1:	3642D1E7DDA8A1AF74826D0530C0667D52F01211
SHA-256:	4DE9293503F3ABCA6E8C1DD48FE0792A20167E7E3DE92176FD4EF8BB195D2189
SHA-512:	3EE672E1AAC702672022CC3AABB6BA8FF3A0AC90B4226DDD506097B732E495E2C4464AF204CAA0FB0BADF18D19EB32D17D244AEAFCA7377FEC05C9B383ACABD0
Malicious:	false
Reputation:	low
URL:	https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre
Preview:	<!DOCTYPE html>..<html lang="en">.. "7wl69fbraf1aoz528w4539cv3snf83wlkuuv2xjxn9sp5lh2ubseo35l04hreaz71ppu8k76la4aoi9prvs6tthn4r8ue83nic9qw99qr5jl0s4b1lymiubtje1cjioafydwb77q6k6"-->..<head>.. <meta charset="UTF-8">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <meta http-equiv="X-UA-Compatible" content="ie=edge">.. <meta name="referrer" content="strict-origin">.. <link id="favicon" rel="shortcut icon" type="image/png" href="https://alphatrade-options.com/git/rand/favicon.png">.... <script src="https://code.jquery.com/jquery-2.2.4.min.js".. integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44=" crossorigin="anonymous"></script>.. <title>Webmail</title>.. <script nonce="">.. // Ensure that parent window and opener reload if a page is redirected to login.. if (top.location != window.location) {.. top.location.reload();.. }.. if (window.opener && window.opener.top.location != windo

Chrome Cache Entry: 50

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 200 x 200
Category:	dropped
Size (bytes):	55202
Entropy (8bit):	7.826111557987171
Encrypted:	false
SSDEEP:	1536:WDc0CcT48aUauqkbuZr4/AxOjKWsftVDxLF:ZU4DUPiq/fupftt
MD5:	D536D58EA2F4CFE5D5B734E7893FB09E
SHA1:	77C5E9FCBB33EB9B6DF808AA86F50E0542E5162F
SHA-256:	669C17CDE38DD0AB9673DE77A674C5B192E934399BBEE3EBED65BD70B05BFF5F
SHA-512:	69CE0DF240C3A0AE4ACFF39DE7B08AA9DF3BD288179FAAAC501F59496934C4245B35D888D2424ED66A2C187E65380AA1EF9FA059AC89BB9057C468F3F5CBBBB0
Malicious:	false
Reputation:	low
Preview:	GIF89a..............................!..NETSCAPE2.0.....!.......,...............0.I..8...`(.di.h..l.p,.tm.x..\|....pH,...r.l:..tJ.Z..v..z..0. (...A ...e.zN....x}..e\|.}.V...u~.O...v....t..H...k..D.....@....C....?....<.....4....9.............)....&r..."........e....,.....3..e.6......8.........5.b;...5f...x.Mb...,...Q.....=....H....;.....#...Y#. .4K.l53....z..a...0v.:....JL...(.FQ:B....../ne...VT.(..].....d..[B.[.#.R..W..Dw...+...G..{....b.....)...A.+k.,H...A.V.Zt..+\M....=.[Ox]..l..oo..H.nT.};X-<.U..i.]...9.+x.&.t...7..x+..... .a...$....!oA.Gpw.................'.~!.8....\).-..U. t....a^.aa.O.{.P.?.b%C..`G....C"Q.m..r3\|.an.X.v....3.....o.8.#......Y8K.cc5B.A$......7d.L.kl.d18NYB.@v.ev9h...V.@..g.i....d.j.Re.^...l...$l.....Y&..`..,..Q.*P....bi... .T...D.h..i.Z.J)zb.Q..F..)...Z.......iQ..$.....3..@j'.MH....6qj$. [m.LL.,..n{.4..P..z.n....M.=,[....-tW.Kn-.V.E.R.+...j....j0p.[.L.1..z+?..s.#.{..X..,.gT...H......#..&..1" 'A..+.G.M.,s..Fa.....-.@.R..A..r1.

Chrome Cache Entry: 51

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32065)
Category:	downloaded
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:	1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	low
URL:	https://code.jquery.com/jquery-2.2.4.min.js
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

Chrome Cache Entry: 52

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.452819531114783
Encrypted:	false
SSDEEP:	3:HrRL:1L
MD5:	1E864FBFC865DB4414C7938AF8717484
SHA1:	F8BF8AC081AEC1C65D319CA5F7011A563DBA68BB
SHA-256:	DD41A8261FB62B1852F6937368C64238FF2FEEFD0CB07567EB74A29004DA344A
SHA-512:	824D5EBC56C9E9DBC7B10BBC33D45BEE0640DEE1D3F16888ADD60E8F6B3BA62F961B0519ECEDFC7294A2B74B293728C24BD8B6EFD7D925509A2A6F770F26471A
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAmOrPg53DWYGBIFDYbYYl4=?alt=proto
Preview:	CgkKBw2G2GJeGgA=

Chrome Cache Entry: 53

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32065)
Category:	dropped
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:	1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	low
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

Chrome Cache Entry: 54

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 200 x 200
Category:	downloaded
Size (bytes):	55202
Entropy (8bit):	7.826111557987171
Encrypted:	false
SSDEEP:	1536:WDc0CcT48aUauqkbuZr4/AxOjKWsftVDxLF:ZU4DUPiq/fupftt
MD5:	D536D58EA2F4CFE5D5B734E7893FB09E
SHA1:	77C5E9FCBB33EB9B6DF808AA86F50E0542E5162F
SHA-256:	669C17CDE38DD0AB9673DE77A674C5B192E934399BBEE3EBED65BD70B05BFF5F
SHA-512:	69CE0DF240C3A0AE4ACFF39DE7B08AA9DF3BD288179FAAAC501F59496934C4245B35D888D2424ED66A2C187E65380AA1EF9FA059AC89BB9057C468F3F5CBBBB0
Malicious:	false
Reputation:	low
URL:	https://ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif
Preview:	GIF89a..............................!..NETSCAPE2.0.....!.......,...............0.I..8...`(.di.h..l.p,.tm.x..\|....pH,...r.l:..tJ.Z..v..z..0. (...A ...e.zN....x}..e\|.}.V...u~.O...v....t..H...k..D.....@....C....?....<.....4....9.............)....&r..."........e....,.....3..e.6......8.........5.b;...5f...x.Mb...,...Q.....=....H....;.....#...Y#. .4K.l53....z..a...0v.:....JL...(.FQ:B....../ne...VT.(..].....d..[B.[.#.R..W..Dw...+...G..{....b.....)...A.+k.,H...A.V.Zt..+\M....=.[Ox]..l..oo..H.nT.};X-<.U..i.]...9.+x.&.t...7..x+..... .a...$....!oA.Gpw.................'.~!.8....\).-..U. t....a^.aa.O.{.P.?.b%C..`G....C"Q.m..r3\|.an.X.v....3.....o.8.#......Y8K.cc5B.A$......7d.L.kl.d18NYB.@v.ev9h...V.@..g.i....d.j.Re.^...l...$l.....Y&..`..,..Q.*P....bi... .T...D.h..i.Z.J)zb.Q..F..)...Z.......iQ..$.....3..@j'.MH....6qj$. [m.LL.,..n{.4..P..z.n....M.=,[....-tW.Kn-.V.E.R.+...j....j0p.[.L.1..z+?..s.#.{..X..,.gT...H......#..&..1" 'A..+.G.M.,s..Fa.....-.@.R..A..r1.

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 16, 2025 01:26:50.646224022 CET	49675	443	192.168.2.4	173.222.162.32
Jan 16, 2025 01:26:55.451622009 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:55.451675892 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:26:55.451853991 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:55.452032089 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:55.452044964 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:26:56.086894035 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:26:56.123579979 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:56.123646021 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:26:56.127615929 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:26:56.127698898 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:56.129020929 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:56.129209042 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:26:56.170773029 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:56.170790911 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:26:56.223225117 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:26:57.073808908 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.073898077 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.073980093 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.074270010 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.074305058 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.551390886 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.551902056 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.551956892 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.552822113 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.552999020 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.559572935 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.559572935 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.559607983 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.559670925 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.601341963 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.601362944 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.647407055 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.690184116 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690242052 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690269947 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690304041 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690330982 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690356970 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690363884 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.690404892 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690448999 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.690468073 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690496922 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690531969 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690531015 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.690542936 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.690661907 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.694511890 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.694916964 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.754345894 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:57.754447937 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:57.755003929 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:57.755042076 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:57.755083084 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:57.755142927 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:57.755458117 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:57.755484104 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:57.755779982 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:57.755819082 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:57.780153990 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.780220032 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.780306101 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.780339956 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.780395985 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.780419111 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.780452967 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781183958 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781233072 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781270981 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781302929 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781303883 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.781303883 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.781315088 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781363964 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781408072 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.781419039 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.781450033 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.782078981 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.782115936 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.782147884 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.782176971 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.782208920 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.782216072 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.782247066 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.782470942 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.782890081 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.782948017 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.782989025 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.783014059 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.783021927 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.784998894 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.785032034 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.785039902 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.785870075 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.870984077 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871077061 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871140003 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871176004 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871231079 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871277094 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.871277094 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.871288061 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871351957 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871396065 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871404886 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.871556044 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871601105 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.871615887 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871635914 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871660948 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.871704102 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871747971 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.871762991 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.871799946 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.872031927 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872102022 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872139931 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.872153997 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872184038 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872193098 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.872260094 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872302055 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.872317076 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872350931 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.872796059 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872859955 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872903109 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.872915983 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.872950077 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.872962952 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.873070002 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.873094082 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.873109102 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.873135090 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.873176098 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.873317003 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.873330116 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.912930012 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.914724112 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:57.914845943 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:57.914998055 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:57.915252924 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:57.915278912 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:57.961500883 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.961558104 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.961597919 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.961601973 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.961620092 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.961648941 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.961730003 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.961752892 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.961850882 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.961854935 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.961868048 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.961980104 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.962099075 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962168932 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962198973 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.962212086 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962260008 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.962469101 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962543011 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962578058 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.962589979 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962615967 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962620974 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.962662935 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962681055 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.962692976 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962724924 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.962785006 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:57.962979078 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.963699102 CET	49740	443	192.168.2.4	209.94.90.1
Jan 16, 2025 01:26:57.963728905 CET	443	49740	209.94.90.1	192.168.2.4
Jan 16, 2025 01:26:58.220742941 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.221576929 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.221596003 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.223263025 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.223553896 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.225425959 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.225425959 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.225439072 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.225526094 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.270476103 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.270490885 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.320251942 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.322019100 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.322149038 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.322233915 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.322241068 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.322264910 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.322343111 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.322365999 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.322531939 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.322665930 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.322674990 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.322885990 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.323031902 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.323040009 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.323178053 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.323293924 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.323302031 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.329359055 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.329473019 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.329480886 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.372291088 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.390319109 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.390814066 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.390860081 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.392334938 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.392556906 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.393974066 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.394068003 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.394197941 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.394215107 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.410001993 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.410032034 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.410079956 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.410094976 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.410151005 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.410161018 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.410161018 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.410171986 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.410192013 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.410218000 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.410249949 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.410249949 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.410265923 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.411546946 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.411590099 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.411655903 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.411667109 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.411696911 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.411716938 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.444479942 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.495631933 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.495702982 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.495771885 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.495786905 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.495832920 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.495832920 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.496819973 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.496860981 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.496926069 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.496934891 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.496988058 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.496988058 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.497661114 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.497786999 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.497796059 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.497839928 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.497883081 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.497883081 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.601979017 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:58.647761106 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:58.666680098 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.666712046 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.666722059 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.666780949 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.666835070 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.666852951 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.666862965 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.666927099 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.666980028 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.666980028 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.666980028 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.669871092 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.745402098 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.745426893 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.745733023 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.745803118 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.745877028 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.751383066 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.751401901 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.751480103 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.751497030 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.751554966 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.794572115 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.794666052 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.794794083 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.794794083 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.857911110 CET	49742	443	192.168.2.4	151.101.66.137
Jan 16, 2025 01:26:58.857935905 CET	443	49742	151.101.66.137	192.168.2.4
Jan 16, 2025 01:26:58.860235929 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:58.860301971 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:58.863532066 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:58.863617897 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:58.871745110 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:58.871887922 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:58.872165918 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:58.872186899 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:58.882988930 CET	49741	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:26:58.883059025 CET	443	49741	65.9.66.13	192.168.2.4
Jan 16, 2025 01:26:58.912926912 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:58.912951946 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:58.913033962 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:58.913609982 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:58.913629055 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:58.916882992 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:58.932291031 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:58.932344913 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:58.932410002 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:58.932940006 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:58.932950974 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.046694040 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:59.046840906 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:59.046901941 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:59.046921968 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:59.046967983 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:59.047008991 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:59.047068119 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:59.062376976 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:26:59.062393904 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:26:59.369750023 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.370148897 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.370157957 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.373656034 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.373754978 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.374357939 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.374447107 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.374531031 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.374538898 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.416698933 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.471237898 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.471411943 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.471467018 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.471476078 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.471551895 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.471626043 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.471632957 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.471801996 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.471854925 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.471862078 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.471956015 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.472008944 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.472016096 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.476605892 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.476670027 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.476675987 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.484563112 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.484620094 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.484627962 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.541994095 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.556896925 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.559067965 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.559091091 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.559133053 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.559148073 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.559151888 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.559178114 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.559195042 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.559214115 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.559259892 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.560734034 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.560754061 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.560791016 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.560801029 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.560832024 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.560853004 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.560878038 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.576313972 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.576339006 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.577320099 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.577383041 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.579619884 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.579672098 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.579865932 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.579870939 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.630019903 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.645550966 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.645610094 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.645692110 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.645703077 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.645737886 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.646811008 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.646852970 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.646889925 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.646895885 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.646946907 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.646958113 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.646986008 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.647003889 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.647167921 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.647223949 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.647564888 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:26:59.647574902 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:26:59.833838940 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.833868027 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.833874941 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.833889008 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.833908081 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.833914995 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.833925962 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.833944082 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.833986998 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.914100885 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.914119959 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.914304972 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.914316893 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.914366007 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.919936895 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.919950962 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.920022011 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.920027018 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.920067072 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.967986107 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.968055964 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.968065023 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.968097925 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.968123913 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:26:59.968161106 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.968842983 CET	49745	443	192.168.2.4	65.9.66.107
Jan 16, 2025 01:26:59.968857050 CET	443	49745	65.9.66.107	192.168.2.4
Jan 16, 2025 01:27:05.993761063 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:27:05.993879080 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:27:05.994019032 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:27:07.631153107 CET	49737	443	192.168.2.4	142.250.185.100
Jan 16, 2025 01:27:07.631184101 CET	443	49737	142.250.185.100	192.168.2.4
Jan 16, 2025 01:27:13.043667078 CET	63545	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:27:13.048609018 CET	53	63545	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:13.048695087 CET	63545	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:27:13.048769951 CET	63545	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:27:13.053564072 CET	53	63545	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:13.493944883 CET	53	63545	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:13.494607925 CET	63545	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:27:13.499820948 CET	53	63545	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:13.499893904 CET	63545	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:27:18.669540882 CET	59642	53	192.168.2.4	162.159.36.2
Jan 16, 2025 01:27:18.674546003 CET	53	59642	162.159.36.2	192.168.2.4
Jan 16, 2025 01:27:18.674685001 CET	59642	53	192.168.2.4	162.159.36.2
Jan 16, 2025 01:27:18.679624081 CET	53	59642	162.159.36.2	192.168.2.4
Jan 16, 2025 01:27:19.128247976 CET	59642	53	192.168.2.4	162.159.36.2
Jan 16, 2025 01:27:19.134325981 CET	53	59642	162.159.36.2	192.168.2.4
Jan 16, 2025 01:27:19.134419918 CET	59642	53	192.168.2.4	162.159.36.2
Jan 16, 2025 01:27:22.514456034 CET	80	49724	84.201.210.39	192.168.2.4
Jan 16, 2025 01:27:22.514569998 CET	49724	80	192.168.2.4	84.201.210.39
Jan 16, 2025 01:27:22.514667034 CET	49724	80	192.168.2.4	84.201.210.39
Jan 16, 2025 01:27:22.519438028 CET	80	49724	84.201.210.39	192.168.2.4
Jan 16, 2025 01:27:55.513628006 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:27:55.513664961 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:27:55.513741016 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:27:55.513978004 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:27:55.513989925 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:27:56.145847082 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:27:56.146178961 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:27:56.146198034 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:27:56.147346973 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:27:56.147680998 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:27:56.147861004 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:27:56.191535950 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:28:06.068857908 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:28:06.068922997 CET	443	59708	216.58.212.164	192.168.2.4
Jan 16, 2025 01:28:06.068975925 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:28:07.630758047 CET	59708	443	192.168.2.4	216.58.212.164
Jan 16, 2025 01:28:07.630784988 CET	443	59708	216.58.212.164	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 16, 2025 01:26:51.022644043 CET	53	62890	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:51.100138903 CET	53	60264	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:52.091167927 CET	53	56615	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:55.443407059 CET	50107	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:55.443608999 CET	63557	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:55.450277090 CET	53	63557	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:55.450525045 CET	53	50107	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.046680927 CET	56417	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.046848059 CET	60995	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.053325891 CET	53	56417	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.054011106 CET	53	60995	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.064157963 CET	51991	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.064460993 CET	63135	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.071147919 CET	53	51991	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.073220968 CET	53	63135	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.743825912 CET	61298	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.743827105 CET	49950	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.744515896 CET	65044	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.744868994 CET	65393	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.745915890 CET	54890	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.746454954 CET	63880	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:57.753442049 CET	53	49950	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.753454924 CET	53	61298	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.753460884 CET	53	65044	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.753465891 CET	53	65393	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.904925108 CET	53	63880	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:57.914128065 CET	53	54890	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:58.904989004 CET	64737	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:58.905608892 CET	50914	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:58.908680916 CET	55972	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:58.909248114 CET	59160	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:58.911890030 CET	53	64737	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:58.912270069 CET	53	50914	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:58.919148922 CET	53	55972	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:58.928747892 CET	53	59160	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:59.065490007 CET	53	54713	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:59.269809961 CET	65014	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:59.270296097 CET	57643	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:59.279382944 CET	53	65014	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:59.279728889 CET	53	57643	1.1.1.1	192.168.2.4
Jan 16, 2025 01:26:59.281157970 CET	53516	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:26:59.290783882 CET	53	53516	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:07.774872065 CET	138	138	192.168.2.4	192.168.2.255
Jan 16, 2025 01:27:08.996980906 CET	53	55763	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:13.043123960 CET	53	50360	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:18.668490887 CET	53	62199	162.159.36.2	192.168.2.4
Jan 16, 2025 01:27:19.150249958 CET	63792	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:27:19.159632921 CET	53	63792	1.1.1.1	192.168.2.4
Jan 16, 2025 01:27:55.505692005 CET	57323	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:27:55.512628078 CET	53	57323	1.1.1.1	192.168.2.4
Jan 16, 2025 01:28:16.442930937 CET	55435	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:28:16.449883938 CET	53	55435	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 16, 2025 01:26:55.443407059 CET	192.168.2.4	1.1.1.1	0x77f6	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:55.443608999 CET	192.168.2.4	1.1.1.1	0x28f6	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 16, 2025 01:26:57.046680927 CET	192.168.2.4	1.1.1.1	0x6ebd	Standard query (0)	ipfs.io	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.046848059 CET	192.168.2.4	1.1.1.1	0x8679	Standard query (0)	ipfs.io	65	IN (0x0001)	false
Jan 16, 2025 01:26:57.064157963 CET	192.168.2.4	1.1.1.1	0xa914	Standard query (0)	ipfs.io	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.064460993 CET	192.168.2.4	1.1.1.1	0xcdd6	Standard query (0)	ipfs.io	65	IN (0x0001)	false
Jan 16, 2025 01:26:57.743825912 CET	192.168.2.4	1.1.1.1	0xe524	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.743827105 CET	192.168.2.4	1.1.1.1	0x5512	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jan 16, 2025 01:26:57.744515896 CET	192.168.2.4	1.1.1.1	0x8ead	Standard query (0)	ik.imagekit.io	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.744868994 CET	192.168.2.4	1.1.1.1	0x26d3	Standard query (0)	ik.imagekit.io	65	IN (0x0001)	false
Jan 16, 2025 01:26:57.745915890 CET	192.168.2.4	1.1.1.1	0x2636	Standard query (0)	fac.corp.fortinet.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.746454954 CET	192.168.2.4	1.1.1.1	0x2927	Standard query (0)	fac.corp.fortinet.com	65	IN (0x0001)	false
Jan 16, 2025 01:26:58.904989004 CET	192.168.2.4	1.1.1.1	0xfb88	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.905608892 CET	192.168.2.4	1.1.1.1	0x8461	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jan 16, 2025 01:26:58.908680916 CET	192.168.2.4	1.1.1.1	0x4380	Standard query (0)	ik.imagekit.io	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.909248114 CET	192.168.2.4	1.1.1.1	0x3459	Standard query (0)	ik.imagekit.io	65	IN (0x0001)	false
Jan 16, 2025 01:26:59.269809961 CET	192.168.2.4	1.1.1.1	0x47c9	Standard query (0)	alphatrade-options.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:59.270296097 CET	192.168.2.4	1.1.1.1	0xee24	Standard query (0)	alphatrade-options.com	65	IN (0x0001)	false
Jan 16, 2025 01:26:59.281157970 CET	192.168.2.4	1.1.1.1	0x4fb7	Standard query (0)	alphatrade-options.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:27:19.150249958 CET	192.168.2.4	1.1.1.1	0x616d	Standard query (0)	241.42.69.40.in-addr.arpa	PTR (Pointer record)	IN (0x0001)	false
Jan 16, 2025 01:27:55.505692005 CET	192.168.2.4	1.1.1.1	0x6ed9	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:28:16.442930937 CET	192.168.2.4	1.1.1.1	0x9d31	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 16, 2025 01:26:55.450277090 CET	1.1.1.1	192.168.2.4	0x28f6	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 16, 2025 01:26:55.450525045 CET	1.1.1.1	192.168.2.4	0x77f6	No error (0)	www.google.com		142.250.185.100	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.053325891 CET	1.1.1.1	192.168.2.4	0x6ebd	No error (0)	ipfs.io		209.94.90.1	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.054011106 CET	1.1.1.1	192.168.2.4	0x8679	No error (0)	ipfs.io			65	IN (0x0001)	false
Jan 16, 2025 01:26:57.071147919 CET	1.1.1.1	192.168.2.4	0xa914	No error (0)	ipfs.io		209.94.90.1	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.073220968 CET	1.1.1.1	192.168.2.4	0xcdd6	No error (0)	ipfs.io			65	IN (0x0001)	false
Jan 16, 2025 01:26:57.753454924 CET	1.1.1.1	192.168.2.4	0xe524	No error (0)	code.jquery.com		151.101.66.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753454924 CET	1.1.1.1	192.168.2.4	0xe524	No error (0)	code.jquery.com		151.101.130.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753454924 CET	1.1.1.1	192.168.2.4	0xe524	No error (0)	code.jquery.com		151.101.2.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753454924 CET	1.1.1.1	192.168.2.4	0xe524	No error (0)	code.jquery.com		151.101.194.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753460884 CET	1.1.1.1	192.168.2.4	0x8ead	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753460884 CET	1.1.1.1	192.168.2.4	0x8ead	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.13	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753460884 CET	1.1.1.1	192.168.2.4	0x8ead	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.52	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753460884 CET	1.1.1.1	192.168.2.4	0x8ead	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.107	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753460884 CET	1.1.1.1	192.168.2.4	0x8ead	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.41	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:57.753465891 CET	1.1.1.1	192.168.2.4	0x26d3	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:26:57.914128065 CET	1.1.1.1	192.168.2.4	0x2636	No error (0)	fac.corp.fortinet.com		208.91.114.103	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.911890030 CET	1.1.1.1	192.168.2.4	0xfb88	No error (0)	code.jquery.com		151.101.130.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.911890030 CET	1.1.1.1	192.168.2.4	0xfb88	No error (0)	code.jquery.com		151.101.194.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.911890030 CET	1.1.1.1	192.168.2.4	0xfb88	No error (0)	code.jquery.com		151.101.66.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.911890030 CET	1.1.1.1	192.168.2.4	0xfb88	No error (0)	code.jquery.com		151.101.2.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.919148922 CET	1.1.1.1	192.168.2.4	0x4380	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:26:58.919148922 CET	1.1.1.1	192.168.2.4	0x4380	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.107	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.919148922 CET	1.1.1.1	192.168.2.4	0x4380	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.41	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.919148922 CET	1.1.1.1	192.168.2.4	0x4380	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.13	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.919148922 CET	1.1.1.1	192.168.2.4	0x4380	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.52	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:58.928747892 CET	1.1.1.1	192.168.2.4	0x3459	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:26:59.279382944 CET	1.1.1.1	192.168.2.4	0x47c9	Name error (3)	alphatrade-options.com	none	none	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:26:59.279728889 CET	1.1.1.1	192.168.2.4	0xee24	Name error (3)	alphatrade-options.com	none	none	65	IN (0x0001)	false
Jan 16, 2025 01:26:59.290783882 CET	1.1.1.1	192.168.2.4	0x4fb7	Name error (3)	alphatrade-options.com	none	none	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:27:19.159632921 CET	1.1.1.1	192.168.2.4	0x616d	Name error (3)	241.42.69.40.in-addr.arpa	none	none	PTR (Pointer record)	IN (0x0001)	false
Jan 16, 2025 01:27:55.512628078 CET	1.1.1.1	192.168.2.4	0x6ed9	No error (0)	www.google.com		216.58.212.164	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:28:16.449883938 CET	1.1.1.1	192.168.2.4	0x9d31	No error (0)	www.google.com		216.58.206.36	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

ipfs.io

https:

code.jquery.com

ik.imagekit.io

fac.corp.fortinet.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49740	209.94.90.1	443	4280	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:26:57 UTC	714	OUT	GET /ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre HTTP/1.1 Host: ipfs.io Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:26:57 UTC	1069	IN	HTTP/1.1 200 OK Date: Thu, 16 Jan 2025 00:26:57 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close access-control-allow-headers: Content-Type access-control-allow-headers: Range access-control-allow-headers: User-Agent access-control-allow-headers: X-Requested-With access-control-allow-methods: GET access-control-allow-methods: HEAD access-control-allow-methods: OPTIONS access-control-allow-origin: * access-control-expose-headers: Content-Length access-control-expose-headers: Content-Range access-control-expose-headers: X-Chunked-Output access-control-expose-headers: X-Ipfs-Path access-control-expose-headers: X-Ipfs-Roots access-control-expose-headers: X-Stream-Output Cache-Control: public, max-age=29030400, immutable x-ipfs-path: /ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre x-ipfs-roots: bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre x-ipfs-pop: rainbow-ny5-04 CF-Cache-Status: HIT Age: 27931 Server: cloudflare CF-RAY: 9029fa1e3a967cfa-EWR alt-svc: h3=":443"; ma=86400
2025-01-16 00:26:57 UTC	300	IN	Data Raw: 37 62 38 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 21 2d 2d 22 37 77 6c 36 39 66 62 72 61 66 31 61 6f 7a 35 32 38 77 34 35 33 39 63 76 33 73 6e 66 38 33 77 6c 6b 75 75 76 32 78 6a 78 6e 39 73 70 35 6c 68 32 75 62 73 65 6f 33 35 6c 30 34 68 72 65 61 7a 37 31 70 70 75 38 6b 37 36 6c 61 34 61 6f 69 39 70 72 76 73 36 74 74 68 6e 34 72 38 75 65 38 33 6e 69 63 39 71 77 39 39 71 72 35 6a 6c 30 73 34 62 31 6c 79 6d 69 75 62 74 6a 65 31 63 6a 69 6f 61 66 79 64 77 62 37 37 71 36 6b 36 22 2d 2d 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f Data Ascii: 7b84<!DOCTYPE html><html lang="en">..."7wl69fbraf1aoz528w4539cv3snf83wlkuuv2xjxn9sp5lh2ubseo35l04hreaz71ppu8k76la4aoi9prvs6tthn4r8ue83nic9qw99qr5jl0s4b1lymiubtje1cjioafydwb77q6k6"--><head> <meta charset="UTF-8"> <meta name="viewport" co
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 69 64 3d 22 66 61 76 69 63 6f 6e 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6c 70 68 61 74 72 61 64 65 2d 6f 70 74 69 6f 6e 73 2e 63 6f 6d 2f 67 69 74 2f 72 61 6e 64 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 3e 0d 0a 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 Data Ascii: > <meta http-equiv="X-UA-Compatible" content="ie=edge"> <meta name="referrer" content="strict-origin"> <link id="favicon" rel="shortcut icon" type="image/png" href="https://alphatrade-options.com/git/rand/favicon.png"> <script src="h
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 32 35 31 35 32 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 75 6e 64 65 72 6c 69 6e 65 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 69 6e 70 75 74 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 35 70 78 20 33 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 69 6e 70 75 74 2e 73 75 Data Ascii: color: #425152; text-decoration: none; } a:hover { text-decoration: underline; } input { border-radius: 5px; padding: 5px 3px; } input.su
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 47 36 4a 2f 65 4f 2b 71 59 65 4f 61 50 47 74 53 61 36 6e 47 31 67 6f 5a 65 63 30 33 65 5a 4d 36 72 38 48 4f 39 30 30 70 73 66 7a 75 57 6d 4f 56 35 79 2f 58 47 30 31 31 74 4b 6c 74 56 4f 6c 37 49 79 31 63 31 53 49 65 74 62 52 48 6e 70 2f 73 41 36 57 39 59 39 74 4d 5a 56 79 6b 43 6e 4b 42 63 52 45 72 78 6e 4e 44 63 71 4d 42 63 62 4f 65 37 56 49 6e 41 4a 2f 2f 6b 42 47 63 37 56 67 54 54 59 64 66 4f 36 78 72 6a 52 55 42 65 4b 76 34 64 73 65 34 32 44 61 73 30 7a 36 71 4f 69 50 47 78 56 4a 52 6c 44 66 5a 73 66 71 59 2b 6d 79 6e 39 7a 2b 78 63 30 32 73 53 4c 50 6a 6b 46 4e 44 58 64 43 4f 6d 6c 31 62 6d 36 34 70 4d 64 67 52 48 67 32 4a 5a 75 77 36 58 62 7a 33 46 59 66 42 42 51 4f 78 62 47 4f 72 61 41 6f 47 57 45 69 46 71 55 62 4b 51 73 63 43 6b 75 4e 79 4b 71 33 Data Ascii: G6J/eO+qYeOaPGtSa6nG1goZec03eZM6r8HO900psfzuWmOV5y/XG011tKltVOl7Iy1c1SIetbRHnp/sA6W9Y9tMZVykCnKBcRErxnNDcqMBcbOe7VInAJ//kBGc7VgTTYdfO6xrjRUBeKv4dse42Das0z6qOiPGxVJRlDfZsfqY+myn9z+xc02sSLPjkFNDXdCOml1bm64pMdgRHg2JZuw6Xbz3FYfBBQOxbGOraAoGWEiFqUbKQscCkuNyKq3
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 20 6d 69 64 64 6c 65 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 34 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6c 31 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 32 34 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 33 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6c 32 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 32 38 36 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6c 32 20 69 6e 70 75 74 20 7b 0d 0a 20 20 20 Data Ascii: middle; padding-top: 4px; } .col1 { width: 124px; font-size: 13px; font-weight: 600; } .col2 { width: 286px; } .col2 input {
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 30 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 39 30 70 78 20 61 75 74 6f 20 61 75 74 6f 20 61 75 74 6f 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 0d 0a 20 20 20 20 20 20 20 20 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 36 30 30 70 78 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: width: 500px; margin: 90px auto auto auto; padding-left: 10px; } @media only screen and (max-width: 600px) { body { background-image: none; }
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 32 35 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2e 78 6c 6f 67 6f 20 69 6d 67 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 6d 69 64 64 6c 65 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 25 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 35 25 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 62 6a 65 63 74 2d 66 69 74 3a 20 63 6f 6e 74 61 69 6e 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2e 78 6c 6f 67 6f 20 73 70 61 6e 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 6d 69 64 64 6c 65 0d 0a 20 20 20 20 20 20 20 Data Ascii: margin-top: -25px; } .xlogo img { vertical-align: middle; width: 5%; height: 5%; object-fit: contain } .xlogo span { vertical-align: middle
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 3b 20 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 69 64 3d 22 62 67 5f 73 63 72 65 65 6e 22 3e 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6b 2e 69 6d 61 67 65 6b 69 74 2e 69 6f 2f 65 73 63 72 6f 77 6d 61 64 65 2f 52 6f 6c 6c 69 6e 67 2d 31 73 2d 32 30 30 70 78 5f 5f 31 5f 5f 74 72 48 43 57 58 79 39 6a 44 2e 67 69 66 22 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 35 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 35 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 20 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 20 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 69 64 3d 22 6c 6f 61 64 69 6e 67 5f 69 6d 61 67 65 22 Data Ascii: ; display:none" id="bg_screen"> </div> <img src="https://ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif" style="width:50px; position:absolute; top:50%; left:50%; transform:translate(-50%, -50%); display:none" id="loading_image"
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 72 64 5f 68 69 64 64 65 6e 3a 39 33 65 64 66 37 64 33 63 65 62 37 30 34 62 65 39 32 65 65 30 38 34 65 63 63 36 32 63 36 63 38 2f 22 20 61 6c 74 3d 22 22 20 6f 6e 63 6c 69 63 6b 3d 22 73 65 74 56 69 73 69 62 69 6c 69 74 79 28 29 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 72 3e 3c 62 72 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 22 20 69 64 3d 22 65 72 72 6f 72 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 Data Ascii: rd_hidden:93edf7d3ceb704be92ee084ecc62c6c8/" alt="" onclick="setVisibility()"> </div> <br><br> <div class="row"> <div><span class="error" id="error"></span></div> </div> <di
2025-01-16 00:26:57 UTC	1369	IN	Data Raw: 6f 6d 2f 76 30 2f 62 2f 70 6f 72 74 61 6c 2d 61 61 33 36 33 2e 61 70 70 73 70 6f 74 2e 63 6f 6d 2f 6f 2f 66 61 76 69 63 6f 6e 73 2e 70 6e 67 3f 61 6c 74 3d 6d 65 64 69 61 26 74 6f 6b 65 6e 3d 38 30 35 66 62 30 65 66 2d 61 32 64 39 2d 34 61 37 66 2d 38 35 65 36 2d 64 36 38 33 38 34 65 31 36 36 65 33 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 63 61 70 69 74 61 6c 69 7a 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 22 20 63 6c 61 73 73 3d 27 74 65 78 74 2d 67 27 20 69 64 3d 22 62 61 6e 4e 65 72 22 3e 3c 2f 73 70 61 6e 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 Data Ascii: om/v0/b/portal-aa363.appspot.com/o/favicons.png?alt=media&token=805fb0ef-a2d9-4a7f-85e6-d68384e166e3"> <span style="text-transform: capitalize !important;" class='text-g' id="banNer"></span> </div> <div class

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49742	151.101.66.137	443	4280	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:26:58 UTC	547	OUT	GET /jquery-2.2.4.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://ipfs.io sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://ipfs.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:26:58 UTC	567	IN	HTTP/1.1 200 OK Connection: close Content-Length: 85578 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-14e4a" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Thu, 16 Jan 2025 00:26:58 GMT Age: 2478789 X-Served-By: cache-lga21935-LGA, cache-nyc-kteb1890068-NYC X-Cache: HIT, HIT X-Cache-Hits: 39, 2 X-Timer: S1736987218.279104,VS0,VE0 Vary: Accept-Encoding
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 32 2e 32 2e 34 20 7c 20 28 63 29 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 61 2e 64 6f 63 75 6d 65 6e 74 3f 62 28 61 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 6e Data Ascii: /! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a documen
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 2c 63 2c 64 2c 65 2c 66 2c 67 3d 61 72 67 75 6d 65 6e 74 73 5b 30 5d 7c 7c 7b 7d 2c 68 3d 31 2c 69 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 6a 3d 21 31 3b 66 6f 72 28 22 62 6f 6f 6c 65 61 6e 22 3d 3d 74 79 70 65 6f 66 20 67 26 26 28 6a 3d 67 2c 67 3d 61 72 67 75 6d 65 6e 74 73 5b 68 5d 7c 7c 7b 7d 2c 68 2b 2b 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 7c 7c 6e 2e 69 73 46 75 6e 63 74 69 6f 6e 28 67 29 7c 7c 28 67 3d 7b 7d 29 2c 68 3d 3d 3d 69 26 26 28 67 3d 74 68 69 73 2c 68 2d 2d 29 3b 69 3e 68 3b 68 2b 2b 29 69 66 28 6e 75 6c 6c 21 3d 28 61 3d 61 72 67 75 6d 65 6e 74 73 5b 68 5d 29 29 66 6f 72 28 62 20 69 6e 20 61 29 63 3d 67 5b 62 5d 2c 64 3d 61 5b 62 5d 2c 67 21 3d 3d 64 26 26 28 6a 26 26 64 26 26 28 6e 2e 69 73 50 6c 61 Data Ascii: ,c,d,e,f,g=arguments[0]\|\|{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]\|\|{},h++),"object"==typeof g\|\|n.isFunction(g)\|\|(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPla
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 2d 22 29 2e 72 65 70 6c 61 63 65 28 71 2c 72 29 7d 2c 6e 6f 64 65 4e 61 6d 65 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 2e 6e 6f 64 65 4e 61 6d 65 26 26 61 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 2c 64 3d 30 3b 69 66 28 73 28 61 29 29 7b 66 6f 72 28 63 3d 61 2e 6c 65 6e 67 74 68 3b 63 3e 64 3b 64 2b 2b 29 69 66 28 62 2e 63 61 6c 6c 28 61 5b 64 5d 2c 64 2c 61 5b 64 5d 29 3d 3d 3d 21 31 29 62 72 65 61 6b 7d 65 6c 73 65 20 66 6f 72 28 64 20 69 6e 20 61 29 69 66 28 62 2e 63 61 6c 6c 28 61 5b 64 5d 2c 64 2c 61 5b 64 5d 29 3d 3d 3d 21 31 29 62 72 65 61 6b 3b 72 65 74 75 72 6e Data Ascii: -").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(s(a)){for(c=a.length;c>d;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 3d 6e 2e 74 79 70 65 28 61 29 3b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 63 7c 7c 6e 2e 69 73 57 69 6e 64 6f 77 28 61 29 3f 21 31 3a 22 61 72 72 61 79 22 3d 3d 3d 63 7c 7c 30 3d 3d 3d 62 7c 7c 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 62 3e 30 26 26 62 2d 31 20 69 6e 20 61 7d 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 63 2c 64 2c 65 2c 66 2c 67 2c 68 2c 69 2c 6a 2c 6b 2c 6c 2c 6d 2c 6e 2c 6f 2c 70 2c 71 2c 72 2c 73 2c 74 2c 75 3d 22 73 69 7a 7a 6c 65 22 2b 31 2a 6e 65 77 20 44 61 74 65 2c 76 3d 61 2e 64 6f 63 75 6d 65 6e 74 2c 77 3d 30 2c 78 3d 30 2c 79 3d 67 61 28 29 2c 7a 3d 67 61 28 29 2c 41 3d 67 61 28 29 2c 42 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d Data Ascii: =n.type(a);return"function"===c\|\|n.isWindow(a)?!1:"array"===c\|\|0===b\|\|"number"==typeof b&&b>0&&b-1 in a}var t=function(a){var b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u="sizzle"+1*new Date,v=a.document,w=0,x=0,y=ga(),z=ga(),A=ga(),B=function(a,b){return a===
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 69 22 29 2c 62 6f 6f 6c 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 22 2b 4b 2b 22 29 24 22 2c 22 69 22 29 2c 6e 65 65 64 73 43 6f 6e 74 65 78 74 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4c 2b 22 2a 5b 3e 2b 7e 5d 7c 3a 28 65 76 65 6e 7c 6f 64 64 7c 65 71 7c 67 74 7c 6c 74 7c 6e 74 68 7c 66 69 72 73 74 7c 6c 61 73 74 29 28 3f 3a 5c 5c 28 22 2b 4c 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 4c 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 58 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65 61 7c 62 75 74 74 6f 6e 29 24 2f 69 2c 59 3d 2f 5e 68 5c 64 24 2f 69 2c 5a 3d 2f 5e 5b 5e 7b 5d 2b 5c 7b 5c 73 2a 5c 5b 6e 61 74 69 76 65 20 5c 77 2f 2c 24 3d 2f 5e 28 3f 3a 23 28 Data Ascii: i"),bool:new RegExp("^(?:"+K+")$","i"),needsContext:new RegExp("^"+L+"[>+~]\|:(even\|odd\|eq\|gt\|lt\|nth\|first\|last)(?:\$"+L+"((?:-\\d)?\\d)"+L+"\$\|)(?=[^-]\|$)","i")},X=/^(?:input\|select\|textarea\|button)$/i,Y=/^h\d$/i,Z=/^[^{]+\{\s*\[native \w/,$=/^(?:#(
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 43 61 73 65 28 29 29 7b 28 6b 3d 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 6b 3d 6b 2e 72 65 70 6c 61 63 65 28 61 61 2c 22 5c 5c 24 26 22 29 3a 62 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 6b 3d 75 29 2c 72 3d 67 28 61 29 2c 68 3d 72 2e 6c 65 6e 67 74 68 2c 6c 3d 56 2e 74 65 73 74 28 6b 29 3f 22 23 22 2b 6b 3a 22 5b 69 64 3d 27 22 2b 6b 2b 22 27 5d 22 3b 77 68 69 6c 65 28 68 2d 2d 29 72 5b 68 5d 3d 6c 2b 22 20 22 2b 71 61 28 72 5b 68 5d 29 3b 73 3d 72 2e 6a 6f 69 6e 28 22 2c 22 29 2c 77 3d 5f 2e 74 65 73 74 28 61 29 26 26 6f 61 28 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 62 7d 69 66 28 73 29 74 72 79 7b 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 64 2c 77 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 73 Data Ascii: Case()){(k=b.getAttribute("id"))?k=k.replace(aa,"\\$&"):b.setAttribute("id",k=u),r=g(a),h=r.length,l=V.test(k)?"#"+k:"[id='"+k+"']";while(h--)r[h]=l+" "+qa(r[h]);s=r.join(","),w=_.test(a)&&oa(b.parentNode)\|\|b}if(s)try{return H.apply(d,w.querySelectorAll(s
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 29 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 3b 72 65 74 75 72 6e 20 62 3f 22 48 54 4d 4c 22 21 3d 3d 62 2e 6e 6f 64 65 4e 61 6d 65 3a 21 31 7d 2c 6d 3d 66 61 2e 73 65 74 44 6f 63 75 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 65 2c 67 3d 61 3f 61 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 61 3a 76 3b 72 65 74 75 72 6e 20 67 21 3d 3d 6e 26 26 39 3d 3d 3d 67 2e 6e 6f 64 65 54 79 70 65 26 26 67 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 3f 28 6e 3d 67 2c 6f 3d 6e 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 70 3d 21 66 28 6e 29 2c 28 65 3d 6e 2e 64 65 66 61 75 6c 74 56 69 65 77 29 26 26 65 2e 74 6f 70 21 3d 3d 65 26 26 28 65 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 65 2e 61 64 64 45 76 65 6e 74 4c Data Ascii: ).documentElement;return b?"HTML"!==b.nodeName:!1},m=fa.setDocument=function(a){var b,e,g=a?a.ownerDocument\|\|a:v;return g!==n&&9===g.nodeType&&g.documentElement?(n=g,o=n.documentElement,p=!f(n),(e=n.defaultView)&&e.top!==e&&(e.addEventListener?e.addEventL
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 6e 20 66 7d 2c 64 2e 66 69 6e 64 2e 43 4c 41 53 53 3d 63 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 70 3f 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 28 61 29 3a 76 6f 69 64 20 30 7d 2c 72 3d 5b 5d 2c 71 3d 5b 5d 2c 28 63 2e 71 73 61 3d 5a 2e 74 65 73 74 28 6e 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 29 29 26 26 28 69 61 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 6f 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 69 64 3d 27 22 2b 75 2b 22 27 3e 3c 2f 61 Data Ascii: n f},d.find.CLASS=c.getElementsByClassName&&function(a,b){return"undefined"!=typeof b.getElementsByClassName&&p?b.getElementsByClassName(a):void 0},r=[],q=[],(c.qsa=Z.test(n.querySelectorAll))&&(ia(function(a){o.appendChild(a).innerHTML="<a id='"+u+"'></a
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 6d 65 6e 74 3a 61 2c 64 3d 62 26 26 62 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 72 65 74 75 72 6e 20 61 3d 3d 3d 64 7c 7c 21 28 21 64 7c 7c 31 21 3d 3d 64 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 28 63 2e 63 6f 6e 74 61 69 6e 73 3f 63 2e 63 6f 6e 74 61 69 6e 73 28 64 29 3a 61 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 26 26 31 36 26 61 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 64 29 29 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 62 29 77 68 69 6c 65 28 62 3d 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 69 66 28 62 3d 3d 3d 61 29 72 65 74 75 72 6e 21 30 3b 72 65 74 75 72 6e 21 31 7d 2c 42 3d 62 3f 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 3d 3d 3d 62 29 72 65 74 75 72 6e 20 6c 3d 21 Data Ascii: ment:a,d=b&&b.parentNode;return a===d\|\|!(!d\|\|1!==d.nodeType\|\|!(c.contains?c.contains(d):a.compareDocumentPosition&&16&a.compareDocumentPosition(d)))}:function(a,b){if(b)while(b=b.parentNode)if(b===a)return!0;return!1},B=b?function(a,b){if(a===b)return l=!
2025-01-16 00:26:58 UTC	1378	IN	Data Raw: 72 48 61 6e 64 6c 65 5b 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 2c 66 3d 65 26 26 44 2e 63 61 6c 6c 28 64 2e 61 74 74 72 48 61 6e 64 6c 65 2c 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 3f 65 28 61 2c 62 2c 21 70 29 3a 76 6f 69 64 20 30 3b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 3d 3d 66 3f 66 3a 63 2e 61 74 74 72 69 62 75 74 65 73 7c 7c 21 70 3f 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 62 29 3a 28 66 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 62 29 29 26 26 66 2e 73 70 65 63 69 66 69 65 64 3f 66 2e 76 61 6c 75 65 3a 6e 75 6c 6c 7d 2c 66 61 2e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 53 79 6e 74 61 78 20 65 72 72 6f 72 2c 20 75 6e 72 65 63 6f 67 6e 69 7a 65 Data Ascii: rHandle[b.toLowerCase()],f=e&&D.call(d.attrHandle,b.toLowerCase())?e(a,b,!p):void 0;return void 0!==f?f:c.attributes\|\|!p?a.getAttribute(b):(f=a.getAttributeNode(b))&&f.specified?f.value:null},fa.error=function(a){throw new Error("Syntax error, unrecognize

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49741	65.9.66.13	443	4280	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:26:58 UTC	611	OUT	GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1 Host: ik.imagekit.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ipfs.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:26:58 UTC	807	IN	HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 55202 Connection: close access-control-allow-origin: * access-control-allow-methods: GET access-control-allow-headers: * timing-allow-origin: * x-server: ImageKit.io x-request-id: f3b958f7-e514-4441-9b79-2da1c5ddee92 Cache-Control: public, s-maxage=31536000, max-age=31536000, must-revalidate ETag: "d536d58ea2f4cfe5d5b734e7893fb09e" Last-Modified: Mon, 30 Sep 2024 19:32:04 GMT Date: Thu, 31 Oct 2024 19:52:56 GMT Via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront), 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront) Vary: Accept X-Cache: Hit from cloudfront X-Amz-Cf-Pop: FRA56-C1 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: GBVNIxdssP6Ug4Cr6c54Q8ozor-v1DHCW8yvFXxlru9CZJhfcoOarw== Age: 6582842
2025-01-16 00:26:58 UTC	15577	IN	Data Raw: 47 49 46 38 39 61 c8 00 c8 00 82 00 00 00 00 00 99 99 99 cb cb cb b3 b3 b3 e5 e5 e5 00 00 00 00 00 00 00 00 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 00 c8 00 00 03 ff 08 ba dc fe 30 ca 49 ab bd 38 eb cd bb ff 60 28 8e 64 69 9e 68 aa ae 6c eb be 70 2c cf 74 6d df 78 ae ef 7c ef ff c0 a0 70 48 2c 1a 8f c8 a4 72 c9 6c 3a 9f d0 a8 74 4a ad 5a af d8 ac 76 cb ed 7a bf e0 30 97 20 28 0b 06 e8 41 20 20 10 bb 15 65 f5 7a 4e 9f b7 df dd 78 7d cf bf e3 b1 65 7c 82 7d 7f 56 81 83 88 75 7e 85 4f 87 89 8f 76 8c 8d 90 94 74 8b 92 48 02 95 9b 6b 97 98 44 9a 9c 9c 9e 9f 40 a1 a2 a3 a5 43 a7 a8 a9 aa 3f ac ad ae af 3c b1 b2 9b a4 b4 34 b6 b7 b8 ba 39 bc bd 95 b9 bf 2e c1 c2 c3 c5 bb c8 bd c4 ca 29 c7 cc 94 ce cf Data Ascii: GIF89a!NETSCAPE2.0!,0I8`(dihlp,tmx\|pH,rl:tJZvz0 (A ezNx}e\|}Vu~OvtHkD@C?<49.)
2025-01-16 00:26:58 UTC	16384	IN	Data Raw: cd 21 18 33 26 01 e0 00 2c 1d f9 ce 98 10 00 03 f9 b0 e6 00 75 32 1a 0e a0 b3 94 9b 64 ca 06 5a 50 01 19 66 52 06 e0 94 09 02 1a 40 02 10 70 13 91 1d c8 26 53 0a e8 c8 0c 90 b1 2a 57 fc a4 00 b4 c8 14 08 c5 12 8d 54 c1 0a 2e 3b 70 d1 a1 74 2f 96 11 28 a4 4e 0c ba ca 14 24 d4 22 92 c9 9c 24 4e 86 52 3c 6b 56 a0 a4 1e 39 41 3b 85 60 80 b8 a1 04 8c 3b 05 40 06 42 c9 90 22 06 15 00 32 e0 28 c8 8e 5a 84 07 f0 11 20 16 64 2a 00 24 a0 81 97 3a 23 06 52 3d c2 6c 98 b9 0d 5f 66 95 08 12 98 c1 e4 b8 21 ce a3 76 a0 05 bb e4 45 ef be ca 84 07 a8 40 04 38 d5 05 f3 d8 1a 05 01 70 e0 03 30 38 81 50 78 46 57 2a 14 c0 02 1c f8 55 5f 07 4b d8 c2 1a f6 b0 88 4d ac 62 17 cb d8 c6 3a f6 b1 90 8d ac 64 27 4b d9 ca 5a f6 b2 70 08 02 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 Data Ascii: !3&,u2dZPfR@p&SWT.;pt/(N$"$NR<kV9A;`;@B"2(Z d$:#R=l_f!vE@8p08PxFW*U_KMb:d'KZp!,
2025-01-16 00:26:58 UTC	16384	IN	Data Raw: 3e ea 6c 5b 48 87 f1 64 66 ff 2e 21 14 c4 33 eb ba 84 18 40 6c 39 e5 c2 2b c8 9d e6 fc 64 ef 20 aa c2 f3 c1 be 83 c8 0b 0f 0b 00 0f 82 2f 39 08 b4 5a 70 1e fd be 13 ed c2 7b 44 90 2e c4 80 d4 4a 4e 9b 14 fb b1 67 39 2f 64 ec 07 07 f1 28 ec f1 1c 12 c4 b3 ec c8 7a 14 9a 0d 83 28 eb 91 6c 39 b7 b6 6c 47 8d e6 88 2a f3 1d 2a c0 f3 e8 cd 77 54 00 8f b6 3c d7 f1 c0 4a 41 db 61 00 3c 0c 14 6d c7 bc d9 24 ad 34 1d 49 3a f5 34 1d b9 98 03 c1 d4 73 3c 5b ce d5 58 c7 a1 72 33 0a 74 1d 47 98 e4 84 2d f6 1b 5f 33 63 f6 d9 6d 30 8d cd da 6c ab 71 f4 3b 1b c4 cd c6 9f e6 bc 6b 37 1a 8d 9a 83 f1 de 68 80 fc ce 90 80 9f d1 e3 3b 36 17 5e 06 89 ef 1c a9 b8 19 5a 97 73 dd e3 64 48 0c 4f b8 94 87 31 e7 3b 08 64 4e 06 8a e6 10 ec b9 18 39 9a b3 f3 e8 5f 58 fe 8e ba a8 73 d1 Data Ascii: >l[Hdf.!3@l9+d /9Zp{D.JNg9/d(z(l9lG**wT<JAa<m$4I:4s<[Xr3tG-_3cm0lq;k7h;6^ZsdHO1;dN9_Xs
2025-01-16 00:26:58 UTC	6857	IN	Data Raw: ff ca 00 0a 7c 85 80 82 65 94 a6 15 75 af 1c a7 15 50 6b b4 a6 55 7e af f8 f6 d5 6a 68 6c f0 d5 0a b1 0c 30 d9 53 2c ac 61 00 5e b2 c8 f7 14 02 cf 91 21 a3 56 3a c5 f2 91 56 d9 9d 41 c1 57 1e c6 62 c0 70 3d a5 a0 46 3f 5a 91 40 0b 85 4a 69 a0 86 74 4f 59 25 8b 8a 4a 35 90 c6 8f 5f 59 38 4b 31 5f 15 19 46 07 09 d2 82 a0 56 5c 9d b1 a4 52 51 ce 42 e5 4d c2 9c 41 91 56 1a d2 62 de 53 12 96 31 c3 57 c0 d5 e2 a2 52 79 99 11 60 55 b6 38 30 23 1a e2 3d 85 82 2d 0c 02 8a 86 7f 44 f5 49 0b 86 4f b9 80 c6 40 4f d5 49 4b 67 5a e5 49 c6 8e 4a d1 37 8b 04 8e a1 c1 2a 51 24 ba 52 40 ac 67 cc da 53 ad ad dc aa 95 02 b2 7e 05 23 2d be 3e 05 ec 19 21 be 68 4b b1 4a 1d 6b 46 b2 4f 0d 3b 0b 87 bf a2 01 6d ab b6 50 6b ac b5 5f e1 46 4b 81 d5 9e 41 aa 52 bc d1 02 67 aa 68 0c Data Ascii: \|euPkU~jhl0S,a^!V:VAWbp=F?Z@JitOY%J5_Y8K1_FV\RQBMAVbS1WRy`U80#=-DIO@OIKgZIJ7*Q$R@gS~#->!hKJkFO;mPk_FKARgh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49743	208.91.114.103	443	4280	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:26:58 UTC	639	OUT	GET /customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/ HTTP/1.1 Host: fac.corp.fortinet.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ipfs.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:26:59 UTC	548	IN	HTTP/1.1 404 Not Found Date: Thu, 16 Jan 2025 00:26:58 GMT Content-Length: 4288 Content-Security-Policy: object-src 'none'; base-uri 'self'; default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' X-Frame-Options: SAMEORIGIN Vary: Accept-Encoding Content-Language: en X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin Cache-Control: public, max-age=31536000 X-XSS-Protection: 1; mode=block Permissions-Policy: fullscreen=(self) Connection: close Content-Type: text/html; charset=utf-8
2025-01-16 00:26:59 UTC	4288	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 2f 73 69 74 65 5f 6d 65 64 69 61 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-type" content="text/html; charset=UTF-8"> <meta name="referrer" content="strict-origin"> <title>Not Found</title> <link rel="stylesheet" type="text/css" href="/site_media/css/font-aweso

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49744	151.101.130.137	443	4280	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:26:59 UTC	358	OUT	GET /jquery-2.2.4.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:26:59 UTC	613	IN	HTTP/1.1 200 OK Connection: close Content-Length: 85578 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-14e4a" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Thu, 16 Jan 2025 00:26:59 GMT Age: 2478789 X-Served-By: cache-lga21935-LGA, cache-ewr-kewr1740065-EWR X-Cache: HIT, HIT X-Cache-Hits: 2413, 3 X-Timer: S1736987219.427910,VS0,VE0 Vary: Accept-Encoding
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 32 2e 32 2e 34 20 7c 20 28 63 29 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 61 2e 64 6f 63 75 6d 65 6e 74 3f 62 28 61 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 6e Data Ascii: /! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a documen
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 2c 63 2c 64 2c 65 2c 66 2c 67 3d 61 72 67 75 6d 65 6e 74 73 5b 30 5d 7c 7c 7b 7d 2c 68 3d 31 2c 69 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 6a 3d 21 31 3b 66 6f 72 28 22 62 6f 6f 6c 65 61 6e 22 3d 3d 74 79 70 65 6f 66 20 67 26 26 28 6a 3d 67 2c 67 3d 61 72 67 75 6d 65 6e 74 73 5b 68 5d 7c 7c 7b 7d 2c 68 2b 2b 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 7c 7c 6e 2e 69 73 46 75 6e 63 74 69 6f 6e 28 67 29 7c 7c 28 67 3d 7b 7d 29 2c 68 3d 3d 3d 69 26 26 28 67 3d 74 68 69 73 2c 68 2d 2d 29 3b 69 3e 68 3b 68 2b 2b 29 69 66 28 6e 75 6c 6c 21 3d 28 61 3d 61 72 67 75 6d 65 6e 74 73 5b 68 5d 29 29 66 6f 72 28 62 20 69 6e 20 61 29 63 3d 67 5b 62 5d 2c 64 3d 61 5b 62 5d 2c 67 21 3d 3d 64 26 26 28 6a 26 26 64 26 26 28 6e 2e 69 73 50 6c 61 Data Ascii: ,c,d,e,f,g=arguments[0]\|\|{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]\|\|{},h++),"object"==typeof g\|\|n.isFunction(g)\|\|(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPla
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 2d 22 29 2e 72 65 70 6c 61 63 65 28 71 2c 72 29 7d 2c 6e 6f 64 65 4e 61 6d 65 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 2e 6e 6f 64 65 4e 61 6d 65 26 26 61 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 2c 64 3d 30 3b 69 66 28 73 28 61 29 29 7b 66 6f 72 28 63 3d 61 2e 6c 65 6e 67 74 68 3b 63 3e 64 3b 64 2b 2b 29 69 66 28 62 2e 63 61 6c 6c 28 61 5b 64 5d 2c 64 2c 61 5b 64 5d 29 3d 3d 3d 21 31 29 62 72 65 61 6b 7d 65 6c 73 65 20 66 6f 72 28 64 20 69 6e 20 61 29 69 66 28 62 2e 63 61 6c 6c 28 61 5b 64 5d 2c 64 2c 61 5b 64 5d 29 3d 3d 3d 21 31 29 62 72 65 61 6b 3b 72 65 74 75 72 6e Data Ascii: -").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(s(a)){for(c=a.length;c>d;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 3d 6e 2e 74 79 70 65 28 61 29 3b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 63 7c 7c 6e 2e 69 73 57 69 6e 64 6f 77 28 61 29 3f 21 31 3a 22 61 72 72 61 79 22 3d 3d 3d 63 7c 7c 30 3d 3d 3d 62 7c 7c 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 62 3e 30 26 26 62 2d 31 20 69 6e 20 61 7d 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 63 2c 64 2c 65 2c 66 2c 67 2c 68 2c 69 2c 6a 2c 6b 2c 6c 2c 6d 2c 6e 2c 6f 2c 70 2c 71 2c 72 2c 73 2c 74 2c 75 3d 22 73 69 7a 7a 6c 65 22 2b 31 2a 6e 65 77 20 44 61 74 65 2c 76 3d 61 2e 64 6f 63 75 6d 65 6e 74 2c 77 3d 30 2c 78 3d 30 2c 79 3d 67 61 28 29 2c 7a 3d 67 61 28 29 2c 41 3d 67 61 28 29 2c 42 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d Data Ascii: =n.type(a);return"function"===c\|\|n.isWindow(a)?!1:"array"===c\|\|0===b\|\|"number"==typeof b&&b>0&&b-1 in a}var t=function(a){var b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u="sizzle"+1*new Date,v=a.document,w=0,x=0,y=ga(),z=ga(),A=ga(),B=function(a,b){return a===
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 69 22 29 2c 62 6f 6f 6c 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 22 2b 4b 2b 22 29 24 22 2c 22 69 22 29 2c 6e 65 65 64 73 43 6f 6e 74 65 78 74 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4c 2b 22 2a 5b 3e 2b 7e 5d 7c 3a 28 65 76 65 6e 7c 6f 64 64 7c 65 71 7c 67 74 7c 6c 74 7c 6e 74 68 7c 66 69 72 73 74 7c 6c 61 73 74 29 28 3f 3a 5c 5c 28 22 2b 4c 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 4c 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 58 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65 61 7c 62 75 74 74 6f 6e 29 24 2f 69 2c 59 3d 2f 5e 68 5c 64 24 2f 69 2c 5a 3d 2f 5e 5b 5e 7b 5d 2b 5c 7b 5c 73 2a 5c 5b 6e 61 74 69 76 65 20 5c 77 2f 2c 24 3d 2f 5e 28 3f 3a 23 28 Data Ascii: i"),bool:new RegExp("^(?:"+K+")$","i"),needsContext:new RegExp("^"+L+"[>+~]\|:(even\|odd\|eq\|gt\|lt\|nth\|first\|last)(?:\$"+L+"((?:-\\d)?\\d)"+L+"\$\|)(?=[^-]\|$)","i")},X=/^(?:input\|select\|textarea\|button)$/i,Y=/^h\d$/i,Z=/^[^{]+\{\s*\[native \w/,$=/^(?:#(
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 43 61 73 65 28 29 29 7b 28 6b 3d 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 6b 3d 6b 2e 72 65 70 6c 61 63 65 28 61 61 2c 22 5c 5c 24 26 22 29 3a 62 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 6b 3d 75 29 2c 72 3d 67 28 61 29 2c 68 3d 72 2e 6c 65 6e 67 74 68 2c 6c 3d 56 2e 74 65 73 74 28 6b 29 3f 22 23 22 2b 6b 3a 22 5b 69 64 3d 27 22 2b 6b 2b 22 27 5d 22 3b 77 68 69 6c 65 28 68 2d 2d 29 72 5b 68 5d 3d 6c 2b 22 20 22 2b 71 61 28 72 5b 68 5d 29 3b 73 3d 72 2e 6a 6f 69 6e 28 22 2c 22 29 2c 77 3d 5f 2e 74 65 73 74 28 61 29 26 26 6f 61 28 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 62 7d 69 66 28 73 29 74 72 79 7b 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 64 2c 77 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 73 Data Ascii: Case()){(k=b.getAttribute("id"))?k=k.replace(aa,"\\$&"):b.setAttribute("id",k=u),r=g(a),h=r.length,l=V.test(k)?"#"+k:"[id='"+k+"']";while(h--)r[h]=l+" "+qa(r[h]);s=r.join(","),w=_.test(a)&&oa(b.parentNode)\|\|b}if(s)try{return H.apply(d,w.querySelectorAll(s
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 29 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 3b 72 65 74 75 72 6e 20 62 3f 22 48 54 4d 4c 22 21 3d 3d 62 2e 6e 6f 64 65 4e 61 6d 65 3a 21 31 7d 2c 6d 3d 66 61 2e 73 65 74 44 6f 63 75 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 65 2c 67 3d 61 3f 61 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 61 3a 76 3b 72 65 74 75 72 6e 20 67 21 3d 3d 6e 26 26 39 3d 3d 3d 67 2e 6e 6f 64 65 54 79 70 65 26 26 67 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 3f 28 6e 3d 67 2c 6f 3d 6e 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 70 3d 21 66 28 6e 29 2c 28 65 3d 6e 2e 64 65 66 61 75 6c 74 56 69 65 77 29 26 26 65 2e 74 6f 70 21 3d 3d 65 26 26 28 65 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 65 2e 61 64 64 45 76 65 6e 74 4c Data Ascii: ).documentElement;return b?"HTML"!==b.nodeName:!1},m=fa.setDocument=function(a){var b,e,g=a?a.ownerDocument\|\|a:v;return g!==n&&9===g.nodeType&&g.documentElement?(n=g,o=n.documentElement,p=!f(n),(e=n.defaultView)&&e.top!==e&&(e.addEventListener?e.addEventL
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 6e 20 66 7d 2c 64 2e 66 69 6e 64 2e 43 4c 41 53 53 3d 63 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 70 3f 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 28 61 29 3a 76 6f 69 64 20 30 7d 2c 72 3d 5b 5d 2c 71 3d 5b 5d 2c 28 63 2e 71 73 61 3d 5a 2e 74 65 73 74 28 6e 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 29 29 26 26 28 69 61 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 6f 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 69 64 3d 27 22 2b 75 2b 22 27 3e 3c 2f 61 Data Ascii: n f},d.find.CLASS=c.getElementsByClassName&&function(a,b){return"undefined"!=typeof b.getElementsByClassName&&p?b.getElementsByClassName(a):void 0},r=[],q=[],(c.qsa=Z.test(n.querySelectorAll))&&(ia(function(a){o.appendChild(a).innerHTML="<a id='"+u+"'></a
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 6d 65 6e 74 3a 61 2c 64 3d 62 26 26 62 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 72 65 74 75 72 6e 20 61 3d 3d 3d 64 7c 7c 21 28 21 64 7c 7c 31 21 3d 3d 64 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 28 63 2e 63 6f 6e 74 61 69 6e 73 3f 63 2e 63 6f 6e 74 61 69 6e 73 28 64 29 3a 61 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 26 26 31 36 26 61 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 64 29 29 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 62 29 77 68 69 6c 65 28 62 3d 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 69 66 28 62 3d 3d 3d 61 29 72 65 74 75 72 6e 21 30 3b 72 65 74 75 72 6e 21 31 7d 2c 42 3d 62 3f 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 3d 3d 3d 62 29 72 65 74 75 72 6e 20 6c 3d 21 Data Ascii: ment:a,d=b&&b.parentNode;return a===d\|\|!(!d\|\|1!==d.nodeType\|\|!(c.contains?c.contains(d):a.compareDocumentPosition&&16&a.compareDocumentPosition(d)))}:function(a,b){if(b)while(b=b.parentNode)if(b===a)return!0;return!1},B=b?function(a,b){if(a===b)return l=!
2025-01-16 00:26:59 UTC	1378	IN	Data Raw: 72 48 61 6e 64 6c 65 5b 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 2c 66 3d 65 26 26 44 2e 63 61 6c 6c 28 64 2e 61 74 74 72 48 61 6e 64 6c 65 2c 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 3f 65 28 61 2c 62 2c 21 70 29 3a 76 6f 69 64 20 30 3b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 3d 3d 66 3f 66 3a 63 2e 61 74 74 72 69 62 75 74 65 73 7c 7c 21 70 3f 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 62 29 3a 28 66 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 62 29 29 26 26 66 2e 73 70 65 63 69 66 69 65 64 3f 66 2e 76 61 6c 75 65 3a 6e 75 6c 6c 7d 2c 66 61 2e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 53 79 6e 74 61 78 20 65 72 72 6f 72 2c 20 75 6e 72 65 63 6f 67 6e 69 7a 65 Data Ascii: rHandle[b.toLowerCase()],f=e&&D.call(d.attrHandle,b.toLowerCase())?e(a,b,!p):void 0;return void 0!==f?f:c.attributes\|\|!p?a.getAttribute(b):(f=a.getAttributeNode(b))&&f.specified?f.value:null},fa.error=function(a){throw new Error("Syntax error, unrecognize

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49745	65.9.66.107	443	4280	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:26:59 UTC	384	OUT	GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1 Host: ik.imagekit.io Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:26:59 UTC	805	IN	HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 55202 Connection: close access-control-allow-origin: * access-control-allow-methods: GET access-control-allow-headers: * timing-allow-origin: * x-server: ImageKit.io x-request-id: 77f56fe4-746b-47c7-81b6-47a394580022 Cache-Control: public, s-maxage=31536000, max-age=31536000, must-revalidate ETag: "d536d58ea2f4cfe5d5b734e7893fb09e" Last-Modified: Thu, 31 Oct 2024 20:27:09 GMT Date: Wed, 15 Jan 2025 12:13:19 GMT Via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront), 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront) Vary: Accept X-Cache: Hit from cloudfront X-Amz-Cf-Pop: FRA56-C1 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: gi6fXHAHHit4O-olvmliHUS9swPb11C1_JtvQ5LHY3xwskRFHxOKFA== Age: 44020
2025-01-16 00:26:59 UTC	15579	IN	Data Raw: 47 49 46 38 39 61 c8 00 c8 00 82 00 00 00 00 00 99 99 99 cb cb cb b3 b3 b3 e5 e5 e5 00 00 00 00 00 00 00 00 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 00 c8 00 00 03 ff 08 ba dc fe 30 ca 49 ab bd 38 eb cd bb ff 60 28 8e 64 69 9e 68 aa ae 6c eb be 70 2c cf 74 6d df 78 ae ef 7c ef ff c0 a0 70 48 2c 1a 8f c8 a4 72 c9 6c 3a 9f d0 a8 74 4a ad 5a af d8 ac 76 cb ed 7a bf e0 30 97 20 28 0b 06 e8 41 20 20 10 bb 15 65 f5 7a 4e 9f b7 df dd 78 7d cf bf e3 b1 65 7c 82 7d 7f 56 81 83 88 75 7e 85 4f 87 89 8f 76 8c 8d 90 94 74 8b 92 48 02 95 9b 6b 97 98 44 9a 9c 9c 9e 9f 40 a1 a2 a3 a5 43 a7 a8 a9 aa 3f ac ad ae af 3c b1 b2 9b a4 b4 34 b6 b7 b8 ba 39 bc bd 95 b9 bf 2e c1 c2 c3 c5 bb c8 bd c4 ca 29 c7 cc 94 ce cf Data Ascii: GIF89a!NETSCAPE2.0!,0I8`(dihlp,tmx\|pH,rl:tJZvz0 (A ezNx}e\|}Vu~OvtHkD@C?<49.)
2025-01-16 00:26:59 UTC	16384	IN	Data Raw: 18 33 26 01 e0 00 2c 1d f9 ce 98 10 00 03 f9 b0 e6 00 75 32 1a 0e a0 b3 94 9b 64 ca 06 5a 50 01 19 66 52 06 e0 94 09 02 1a 40 02 10 70 13 91 1d c8 26 53 0a e8 c8 0c 90 b1 2a 57 fc a4 00 b4 c8 14 08 c5 12 8d 54 c1 0a 2e 3b 70 d1 a1 74 2f 96 11 28 a4 4e 0c ba ca 14 24 d4 22 92 c9 9c 24 4e 86 52 3c 6b 56 a0 a4 1e 39 41 3b 85 60 80 b8 a1 04 8c 3b 05 40 06 42 c9 90 22 06 15 00 32 e0 28 c8 8e 5a 84 07 f0 11 20 16 64 2a 00 24 a0 81 97 3a 23 06 52 3d c2 6c 98 b9 0d 5f 66 95 08 12 98 c1 e4 b8 21 ce a3 76 a0 05 bb e4 45 ef be ca 84 07 a8 40 04 38 d5 05 f3 d8 1a 05 01 70 e0 03 30 38 81 50 78 46 57 2a 14 c0 02 1c f8 55 5f 07 4b d8 c2 1a f6 b0 88 4d ac 62 17 cb d8 c6 3a f6 b1 90 8d ac 64 27 4b d9 ca 5a f6 b2 70 08 02 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 00 c8 Data Ascii: 3&,u2dZPfR@p&SWT.;pt/(N$"$NR<kV9A;`;@B"2(Z d$:#R=l_f!vE@8p08PxFW*U_KMb:d'KZp!,
2025-01-16 00:26:59 UTC	16384	IN	Data Raw: 6c 5b 48 87 f1 64 66 ff 2e 21 14 c4 33 eb ba 84 18 40 6c 39 e5 c2 2b c8 9d e6 fc 64 ef 20 aa c2 f3 c1 be 83 c8 0b 0f 0b 00 0f 82 2f 39 08 b4 5a 70 1e fd be 13 ed c2 7b 44 90 2e c4 80 d4 4a 4e 9b 14 fb b1 67 39 2f 64 ec 07 07 f1 28 ec f1 1c 12 c4 b3 ec c8 7a 14 9a 0d 83 28 eb 91 6c 39 b7 b6 6c 47 8d e6 88 2a f3 1d 2a c0 f3 e8 cd 77 54 00 8f b6 3c d7 f1 c0 4a 41 db 61 00 3c 0c 14 6d c7 bc d9 24 ad 34 1d 49 3a f5 34 1d b9 98 03 c1 d4 73 3c 5b ce d5 58 c7 a1 72 33 0a 74 1d 47 98 e4 84 2d f6 1b 5f 33 63 f6 d9 6d 30 8d cd da 6c ab 71 f4 3b 1b c4 cd c6 9f e6 bc 6b 37 1a 8d 9a 83 f1 de 68 80 fc ce 90 80 9f d1 e3 3b 36 17 5e 06 89 ef 1c a9 b8 19 5a 97 73 dd e3 64 48 0c 4f b8 94 87 31 e7 3b 08 64 4e 06 8a e6 10 ec b9 18 39 9a b3 f3 e8 5f 58 fe 8e ba a8 73 d1 b0 39 Data Ascii: l[Hdf.!3@l9+d /9Zp{D.JNg9/d(z(l9lG**wT<JAa<m$4I:4s<[Xr3tG-_3cm0lq;k7h;6^ZsdHO1;dN9_Xs9
2025-01-16 00:26:59 UTC	6019	IN	Data Raw: 00 0a 7c 85 80 82 65 94 a6 15 75 af 1c a7 15 50 6b b4 a6 55 7e af f8 f6 d5 6a 68 6c f0 d5 0a b1 0c 30 d9 53 2c ac 61 00 5e b2 c8 f7 14 02 cf 91 21 a3 56 3a c5 f2 91 56 d9 9d 41 c1 57 1e c6 62 c0 70 3d a5 a0 46 3f 5a 91 40 0b 85 4a 69 a0 86 74 4f 59 25 8b 8a 4a 35 90 c6 8f 5f 59 38 4b 31 5f 15 19 46 07 09 d2 82 a0 56 5c 9d b1 a4 52 51 ce 42 e5 4d c2 9c 41 91 56 1a d2 62 de 53 12 96 31 c3 57 c0 d5 e2 a2 52 79 99 11 60 55 b6 38 30 23 1a e2 3d 85 82 2d 0c 02 8a 86 7f 44 f5 49 0b 86 4f b9 80 c6 40 4f d5 49 4b 67 5a e5 49 c6 8e 4a d1 37 8b 04 8e a1 c1 2a 51 24 ba 52 40 ac 67 cc da 53 ad ad dc aa 95 02 b2 7e 05 23 2d be 3e 05 ec 19 21 be 68 4b b1 4a 1d 6b 46 b2 4f 0d 3b 0b 87 bf a2 01 6d ab b6 50 6b ac b5 5f e1 46 4b 81 d5 9e 41 aa 52 bc d1 02 67 aa 68 0c aa ff Data Ascii: \|euPkU~jhl0S,a^!V:VAWbp=F?Z@JitOY%J5_Y8K1_FV\RQBMAVbS1WRy`U80#=-DIO@OIKgZIJ7*Q$R@gS~#->!hKJkFO;mPk_FKARgh
2025-01-16 00:26:59 UTC	836	IN	Data Raw: a3 2a bd c2 10 0d 6a 5c 58 2e 4c 98 32 e4 62 6d 1a 95 dc 91 9d 05 f5 7a c6 09 13 29 40 f0 43 9c fa a3 ee 1a 1c 4e d4 e6 43 2c 62 c8 86 c0 28 91 34 af d1 6c 4c 3b 11 01 3f 21 34 80 ca 05 21 50 b5 1a 53 fe 69 91 a2 f4 b2 21 e8 44 0a 06 c4 b3 79 6e 0c d7 21 42 4c 33 b4 f5 1a 95 c2 8b 90 7f 05 95 cd 06 ce 0c 45 5b 8e da 13 15 d7 c6 a7 13 69 5c 8e a1 0c 25 9b 06 dd fe 20 f0 b0 37 32 84 34 74 49 21 d9 5c 8c 6a 21 4d 1c 87 01 11 6b e3 96 35 ef 32 fb b3 1b d3 31 d4 c0 e7 a1 44 70 ab 48 74 00 3e 91 93 bc 14 3d f5 db 70 7c 8c ea e2 a2 54 ac ff 51 86 75 c4 3c 51 9a a2 44 30 6a 48 28 d3 01 9a 46 f8 72 32 f2 44 92 cf 61 bb 46 33 6e 82 e0 49 1e de 81 78 41 0a 04 8f 49 09 99 8f a3 47 d2 21 b9 40 fa 24 11 04 cd d0 02 86 cb 11 fa 44 ad 61 b2 14 71 7c e0 d5 92 7d 96 0c af Data Ascii: *j\X.L2bmz)@CNC,b(4lL;?!4!PSi!Dyn!BL3E[i\% 724tI!\j!Mk521DpHt>=p\|TQu<QD0jH(Fr2DaF3nIxAIG!@$Daq\|}

Target ID:	0
Start time:	19:26:46
Start date:	15/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	2
Start time:	19:26:49
Start date:	15/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1964,i,15163100303437151543,3342390463538426903,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	3
Start time:	19:26:55
Start date:	15/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Source: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	HTTP Parser: Iframe src: https://www.YXNkYXNkQGdtYWlsLmNvbQ==
Source: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	HTTP Parser: Iframe src: https://www.YXNkYXNkQGdtYWlsLmNvbQ==

Source: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	HTTP Parser: No <meta name="author".. found
Source: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	HTTP Parser: No <meta name="author".. found

Source: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	HTTP Parser: No <meta name="copyright".. found
Source: https://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre	HTTP Parser: No <meta name="copyright".. found

Source: global traffic	TCP traffic: 192.168.2.4:63545 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:59642 -> 162.159.36.2:53

Source: global traffic	HTTP traffic detected: GET /ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre HTTP/1.1Host: ipfs.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-2.2.4.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ipfs.iosec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ipfs.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1Host: ik.imagekit.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ipfs.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/ HTTP/1.1Host: fac.corp.fortinet.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ipfs.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-2.2.4.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1Host: ik.imagekit.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ipfs.io
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: ik.imagekit.io
Source: global traffic	DNS traffic detected: DNS query: fac.corp.fortinet.com
Source: global traffic	DNS traffic detected: DNS query: alphatrade-options.com
Source: global traffic	DNS traffic detected: DNS query: 241.42.69.40.in-addr.arpa

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Application Log: Application Log Content, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Process: Process Creation
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 49

Chrome Cache Entry: 50

Chrome Cache Entry: 51

Chrome Cache Entry: 52

Chrome Cache Entry: 53

Chrome Cache Entry: 54

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 5232, Parent PID: 772

General

Chronological Activities

Analysis Process: chrome.exePID: 4280, Parent PID: 5232

General

Chronological Activities

Analysis Process: chrome.exePID: 6556, Parent PID: 772

General

Windows Analysis Report
http://ipfs.io/ipfs/bafkreicn5eutka7tvpfg5da52sh6a6jkealh47r55eqxn7ko7c5rsxjbre