Edit tour

Windows Analysis Report
http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html

Overview

General Information

Sample URL:	http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html
Analysis ID:	1592356
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 1012 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5288 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1984,i,18264050135257540139,10615610278554493349,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6564 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 16 Jan 2025 00:36:05 GMTContent-Length: 4288Content-Security-Policy: object-src 'none'; base-uri 'self'; default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'X-Frame-Options: SAMEORIGINVary: Accept-EncodingContent-Language: enX-Content-Type-Options: nosniffReferrer-Policy: strict-origin-when-cross-originCache-Control: public, max-age=31536000X-XSS-Protection: 1; mode=blockPermissions-Policy: fullscreen=(self)Connection: closeContent-Type: text/html; charset=utf-8

Source: chromecache_50.2.dr	String found in binary or memory: https://alphatrade-options.com/git/rand/favicon.png
Source: chromecache_50.2.dr	String found in binary or memory: https://code.jquery.com/jquery-2.2.4.min.js
Source: chromecache_50.2.dr	String found in binary or memory: https://fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/
Source: chromecache_50.2.dr	String found in binary or memory: https://firebasestorage.googleapis.com/v0/b/portal-aa363.appspot.com/o/favicons.png?alt=media&token=
Source: chromecache_50.2.dr	String found in binary or memory: https://ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: classification engine

Classification label: mal48.win@18/10@19/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1984,i,18264050135257540139,10615610278554493349,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1984,i,18264050135257540139,10615610278554493349,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label	Link
https://fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/	0%	Avira URL Cloud	safe
https://alphatrade-options.com/git/rand/favicon.png	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
code.jquery.com	151.101.194.137	true	false	high
faint-sandwich-miniature.on-fleek.app	104.26.12.141	true	false	unknown
www.google.com	142.250.185.228	true	false	high
fac.corp.fortinet.com	208.91.114.103	true	false	high
d28h3jm4r3crf8.cloudfront.net	65.9.66.52	true	false	unknown
alphatrade-options.com	unknown	unknown	false	high
ik.imagekit.io	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	false		unknown
https://code.jquery.com/jquery-2.2.4.min.js	false		high
https://fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/	false	Avira URL Cloud: safe	unknown
https://ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://alphatrade-options.com/git/rand/favicon.png	chromecache_50.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.228	www.google.com	United States	15169	GOOGLEUS	false
151.101.130.137	unknown	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.26.13.141	unknown	United States	13335	CLOUDFLARENETUS	false
65.9.66.52	d28h3jm4r3crf8.cloudfront.net	United States	16509	AMAZON-02US	false
208.91.114.103	fac.corp.fortinet.com	United States	40934	FORTINETUS	false
151.101.194.137	code.jquery.com	United States	54113	FASTLYUS	false
65.9.66.13	unknown	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1592356
Start date and time:	2025-01-16 01:35:00 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 1s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@18/10@19/10
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 172.217.18.14, 66.102.1.84, 142.250.185.78, 142.250.186.174, 172.217.16.206, 142.250.185.202, 142.250.186.42, 142.250.186.74, 142.250.185.138, 142.250.186.106, 142.250.181.234, 172.217.18.10, 142.250.185.234, 216.58.212.138, 142.250.186.138, 142.250.186.170, 142.250.185.74, 216.58.206.74, 216.58.206.42, 142.250.185.170, 142.250.184.202, 217.20.57.18, 2.23.77.188, 199.232.214.172, 142.250.185.142, 172.217.18.110, 142.250.186.78, 142.250.186.99, 142.250.186.46, 142.250.181.238, 142.250.80.46, 74.125.0.102, 142.250.185.238, 184.28.90.27, 4.245.163.56, 13.107.246.45
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, r1.sn-t0aekn7e.gvt1.com, clients.l.google.com, r1---sn-t0aekn7e.gvt1.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html

Input	Output
URL: http://faint-sandwich-miniature.on-fleek.app Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": true, "ip_in_url": false, "long_subdomain": true, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": true, "reasoning": "The URL uses a non-standard TLD (.app) and appears to be hosted on a third-party platform (on-fleek). The subdomain contains multiple words joined by hyphens which is unusual and could be considered long. The domain doesn't appear to be a well-known or established brand." }
URL: http://faint-sandwich-miniature.on-fleek.app
URL: https://faint-sandwich-miniature.on-fleek.app/yibq... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a legitimate security measure to ensure that the parent window and opener are reloaded if the current page is redirected to a login page. This behavior is common in web applications to prevent potential session hijacking or other security issues. While the code uses some DOM manipulation, it does not exhibit any high-risk indicators like dynamic code execution or data exfiltration. The overall risk is low, as the script seems to be implementing a standard security practice." }
// Ensure that parent window and opener reload if a page is redirected to login if (top.location != window.location) { top.location.reload(); } if (window.opener && window.opener.top.location != window.location) { window.opener.top.location.reload(); self.close(); }
URL: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "This is a very important security measure. To protect your email account. Your account may be restricted until you can verify your identity.", "prominent_button_name": "Log in", "text_input_field_labels": [ "Email:", "Password:" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "To protect your email account. Your account may be restricted until you can verify your identity.", "prominent_button_name": "Log in", "text_input_field_labels": [ "Email:", "Password:" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 200 x 200
Category:	dropped
Size (bytes):	55202
Entropy (8bit):	7.826111557987171
Encrypted:	false
SSDEEP:	1536:WDc0CcT48aUauqkbuZr4/AxOjKWsftVDxLF:ZU4DUPiq/fupftt
MD5:	D536D58EA2F4CFE5D5B734E7893FB09E
SHA1:	77C5E9FCBB33EB9B6DF808AA86F50E0542E5162F
SHA-256:	669C17CDE38DD0AB9673DE77A674C5B192E934399BBEE3EBED65BD70B05BFF5F
SHA-512:	69CE0DF240C3A0AE4ACFF39DE7B08AA9DF3BD288179FAAAC501F59496934C4245B35D888D2424ED66A2C187E65380AA1EF9FA059AC89BB9057C468F3F5CBBBB0
Malicious:	false
Reputation:	low
Preview:	GIF89a..............................!..NETSCAPE2.0.....!.......,...............0.I..8...`(.di.h..l.p,.tm.x..\|....pH,...r.l:..tJ.Z..v..z..0. (...A ...e.zN....x}..e\|.}.V...u~.O...v....t..H...k..D.....@....C....?....<.....4....9.............)....&r..."........e....,.....3..e.6......8.........5.b;...5f...x.Mb...,...Q.....=....H....;.....#...Y#. .4K.l53....z..a...0v.:....JL...(.FQ:B....../ne...VT.(..].....d..[B.[.#.R..W..Dw...+...G..{....b.....)...A.+k.,H...A.V.Zt..+\M....=.[Ox]..l..oo..H.nT.};X-<.U..i.]...9.+x.&.t...7..x+..... .a...$....!oA.Gpw.................'.~!.8....\).-..U. t....a^.aa.O.{.P.?.b%C..`G....C"Q.m..r3\|.an.X.v....3.....o.8.#......Y8K.cc5B.A$......7d.L.kl.d18NYB.@v.ev9h...V.@..g.i....d.j.Re.^...l...$l.....Y&..`..,..Q.*P....bi... .T...D.h..i.Z.J)zb.Q..F..)...Z.......iQ..$.....3..@j'.MH....6qj$. [m.LL.,..n{.4..P..z.n....M.=,[....-tW.Kn-.V.E.R.+...j....j0p.[.L.1..z+?..s.#.{..X..,.gT...H......#..&..1" 'A..+.G.M.,s..Fa.....-.@.R..A..r1.

Chrome Cache Entry: 49

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.452819531114783
Encrypted:	false
SSDEEP:	3:HrRL:1L
MD5:	1E864FBFC865DB4414C7938AF8717484
SHA1:	F8BF8AC081AEC1C65D319CA5F7011A563DBA68BB
SHA-256:	DD41A8261FB62B1852F6937368C64238FF2FEEFD0CB07567EB74A29004DA344A
SHA-512:	824D5EBC56C9E9DBC7B10BBC33D45BEE0640DEE1D3F16888ADD60E8F6B3BA62F961B0519ECEDFC7294A2B74B293728C24BD8B6EFD7D925509A2A6F770F26471A
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkbkCeXwtXiqxIFDYbYYl4=?alt=proto
Preview:	CgkKBw2G2GJeGgA=

Chrome Cache Entry: 50

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (52134), with CRLF line terminators
Category:	downloaded
Size (bytes):	168822
Entropy (8bit):	5.150618572002559
Encrypted:	false
SSDEEP:	3072:veR825KQJuhVifQSuWbSU4JxZ/91G21AHYaDoynauI0xDwRLB:GRUGSifQSuWbR4JxZ/9PuoyaZZB
MD5:	20305B151EA9DB7CEE7B2275E9D83F75
SHA1:	B7ECBBF5EFE88650B1552CA8979D488146C09366
SHA-256:	FAC9EA286744EA0344F6028D6909BCD627698784346748D92948CECA9500F4D6
SHA-512:	874078B79FC32E5964388595068F27D0369FD67F089C728EC3E546897B49903E705728A46E5B4A64A627CCB6E27E725041CA92E42B3B0B6A23D47656D0E2AAF0
Malicious:	false
Reputation:	low
URL:	https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html
Preview:	<!DOCTYPE html>..<html lang="en">.. "hsb3t2umbp9itfr36yd4a9pp0rewzmn5div0r7ujau55l57y1t3i1m4yl3g1zcitsndsfd4wpr0sp8abewc400ixwytwc9qv492mbee9vlq6cdrmxlemuir7qbjp7i43q89isjsicyt"-->..<head>.. <meta charset="UTF-8">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <meta http-equiv="X-UA-Compatible" content="ie=edge">.. <meta name="referrer" content="strict-origin">.. <link id="favicon" rel="shortcut icon" type="image/png" href="https://alphatrade-options.com/git/rand/favicon.png">.... <script src="https://code.jquery.com/jquery-2.2.4.min.js".. integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44=" crossorigin="anonymous"></script>.. <title>Webmail</title>.. <script nonce="">.. // Ensure that parent window and opener reload if a page is redirected to login.. if (top.location != window.location) {.. top.location.reload();.. }.. if (window.opener && window.opener.top.location != windo

Chrome Cache Entry: 51

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32065)
Category:	downloaded
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:	1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	low
URL:	https://code.jquery.com/jquery-2.2.4.min.js
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

Chrome Cache Entry: 52

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 200 x 200
Category:	downloaded
Size (bytes):	55202
Entropy (8bit):	7.826111557987171
Encrypted:	false
SSDEEP:	1536:WDc0CcT48aUauqkbuZr4/AxOjKWsftVDxLF:ZU4DUPiq/fupftt
MD5:	D536D58EA2F4CFE5D5B734E7893FB09E
SHA1:	77C5E9FCBB33EB9B6DF808AA86F50E0542E5162F
SHA-256:	669C17CDE38DD0AB9673DE77A674C5B192E934399BBEE3EBED65BD70B05BFF5F
SHA-512:	69CE0DF240C3A0AE4ACFF39DE7B08AA9DF3BD288179FAAAC501F59496934C4245B35D888D2424ED66A2C187E65380AA1EF9FA059AC89BB9057C468F3F5CBBBB0
Malicious:	false
Reputation:	low
URL:	https://ik.imagekit.io/escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif
Preview:	GIF89a..............................!..NETSCAPE2.0.....!.......,...............0.I..8...`(.di.h..l.p,.tm.x..\|....pH,...r.l:..tJ.Z..v..z..0. (...A ...e.zN....x}..e\|.}.V...u~.O...v....t..H...k..D.....@....C....?....<.....4....9.............)....&r..."........e....,.....3..e.6......8.........5.b;...5f...x.Mb...,...Q.....=....H....;.....#...Y#. .4K.l53....z..a...0v.:....JL...(.FQ:B....../ne...VT.(..].....d..[B.[.#.R..W..Dw...+...G..{....b.....)...A.+k.,H...A.V.Zt..+\M....=.[Ox]..l..oo..H.nT.};X-<.U..i.]...9.+x.&.t...7..x+..... .a...$....!oA.Gpw.................'.~!.8....\).-..U. t....a^.aa.O.{.P.?.b%C..`G....C"Q.m..r3\|.an.X.v....3.....o.8.#......Y8K.cc5B.A$......7d.L.kl.d18NYB.@v.ev9h...V.@..g.i....d.j.Re.^...l...$l.....Y&..`..,..Q.*P....bi... .T...D.h..i.Z.J)zb.Q..F..)...Z.......iQ..$.....3..@j'.MH....6qj$. [m.LL.,..n{.4..P..z.n....M.=,[....-tW.Kn-.V.E.R.+...j....j0p.[.L.1..z+?..s.#.{..X..,.gT...H......#..&..1" 'A..+.G.M.,s..Fa.....-.@.R..A..r1.

Chrome Cache Entry: 53

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32065)
Category:	dropped
Size (bytes):	85578
Entropy (8bit):	5.366055229017455
Encrypted:	false
SSDEEP:	1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2
MD5:	2F6B11A7E914718E0290410E85366FE9
SHA1:	69BB69E25CA7D5EF0935317584E6153F3FD9A88C
SHA-256:	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
SHA-512:	0D40BCCAA59FEDECF7243D63B33C42592541D0330FEFC78EC81A4C6B9689922D5B211011CA4BE23AE22621CCE4C658F52A1552C92D7AC3615241EB640F8514DB
Malicious:	false
Reputation:	low
Preview:	/! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 16, 2025 01:35:55.575263977 CET	49675	443	192.168.2.4	173.222.162.32
Jan 16, 2025 01:36:01.755465031 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:01.755522013 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:01.755700111 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:01.755949020 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:01.755964041 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:02.415082932 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:02.415905952 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:02.415930986 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:02.416768074 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:02.416867971 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:02.418102980 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:02.418148994 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:02.465131998 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:02.465146065 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:02.512084961 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:03.661911964 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:03.662012100 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:03.662103891 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:03.662327051 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:03.662364960 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.142599106 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.143021107 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.143096924 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.144175053 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.144265890 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.149225950 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.149323940 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.149410963 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.149430037 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.202238083 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.569209099 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.569325924 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.569397926 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.569426060 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.569492102 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.569492102 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.569525957 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.569576979 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.569605112 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.571299076 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.571306944 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.571475029 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.572352886 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.574152946 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.574179888 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.574265957 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.574275970 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.574460030 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.624269009 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:04.624309063 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:04.624465942 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:04.624742031 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:04.624753952 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:04.635865927 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:04.635875940 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:04.636034012 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:04.636250019 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:04.636257887 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:04.657234907 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.657318115 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.657732964 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.657759905 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.657783031 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.657840014 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.657840014 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.657871962 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.657949924 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.658390999 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.658436060 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.658468008 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.658490896 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.658498049 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.658822060 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.659130096 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.659183979 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.659205914 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.659224033 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.659229994 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.659322023 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.659327030 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.660119057 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.660142899 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.660166979 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.660237074 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.660237074 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.660244942 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.660926104 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.660952091 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.661026001 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.661031961 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.661142111 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.662050962 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.717139959 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.717173100 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.745767117 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.745877981 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.745878935 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.745893955 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.745971918 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.745982885 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746042967 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746052980 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746138096 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746148109 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746148109 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.746176958 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746201038 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.746249914 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.746706963 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746774912 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746808052 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.746814013 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746824980 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.746839046 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.747071028 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.747081041 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.747900009 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.747945070 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.747976065 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.747982025 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.747994900 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748039961 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.748039961 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.748097897 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.748274088 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748316050 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748346090 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.748351097 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748362064 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748382092 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.748410940 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748439074 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.748449087 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748473883 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.748481035 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.748507023 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.796968937 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.828963995 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:04.829027891 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:04.829289913 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:04.830300093 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:04.830332994 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:04.834414005 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.834460020 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.834584951 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.834675074 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.834700108 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.834722042 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.834743023 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.834754944 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.834858894 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.835042953 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.835087061 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.835112095 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.835118055 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.835143089 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.835233927 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.835493088 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.835529089 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.835555077 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.835560083 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.835583925 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.835933924 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.835974932 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836005926 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836011887 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836040020 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836083889 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836122036 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836143970 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836149931 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836177111 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836488962 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836776972 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836822033 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836849928 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836854935 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836867094 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836891890 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836900949 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.836905003 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836920023 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.836931944 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.837018967 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:04.837045908 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.837131023 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.842941046 CET	49739	443	192.168.2.4	104.26.13.141
Jan 16, 2025 01:36:04.842958927 CET	443	49739	104.26.13.141	192.168.2.4
Jan 16, 2025 01:36:05.098242998 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.142962933 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.158257961 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.158272028 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.162342072 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.162873030 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.174932957 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.175129890 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.175173044 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.215342999 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.222961903 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.223002911 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.269818068 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.273755074 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.273844957 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.273921967 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.274003029 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.274059057 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.274059057 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.274087906 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.279155970 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.279175997 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.281331062 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.281429052 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.281505108 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.281580925 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.281636953 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.281651020 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.286701918 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.286712885 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.289767027 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.289776087 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.290954113 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.291249037 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.302844048 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.302844048 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.302867889 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.302978992 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.330728054 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.330746889 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.345897913 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.345911980 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.361510038 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.361582041 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.361589909 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.361614943 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.361668110 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.361711025 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.361845016 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.361887932 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.361896038 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.361984968 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.362029076 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.362035036 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.362505913 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.362559080 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.362564087 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.362646103 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.362694025 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.362699986 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.368585110 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.368643999 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.368649960 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.391606092 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.422224045 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.422234058 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422346115 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422360897 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422383070 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422394037 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422400951 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422409058 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.422416925 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422449112 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.422467947 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.452501059 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.452508926 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.452512026 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.452560902 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.452610016 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.452625036 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.452698946 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.454227924 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.454245090 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.454265118 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.454301119 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.454305887 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.454353094 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.454368114 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.454408884 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.458520889 CET	49741	443	192.168.2.4	151.101.194.137
Jan 16, 2025 01:36:05.458534956 CET	443	49741	151.101.194.137	192.168.2.4
Jan 16, 2025 01:36:05.486573935 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:05.486605883 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:05.486664057 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:05.487087965 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:05.487097979 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:05.518255949 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.534110069 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.534151077 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.535347939 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.535465956 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.537045956 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.537137985 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.537261963 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.537271023 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.544857979 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.544878960 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.544886112 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.544933081 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.544954062 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.544960976 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.544967890 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.544991016 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.545017958 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.545039892 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.578732014 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.819787979 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.819808006 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.819876909 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.819916964 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.819946051 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.819977045 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.819993973 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.820065975 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.820090055 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.820173979 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.820183039 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.820223093 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.820262909 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.820318937 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.820328951 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.820352077 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.820380926 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.820410967 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.820962906 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.821100950 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.821167946 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.821202993 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.821237087 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.821270943 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.821299076 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.821587086 CET	49742	443	192.168.2.4	65.9.66.52
Jan 16, 2025 01:36:05.821608067 CET	443	49742	65.9.66.52	192.168.2.4
Jan 16, 2025 01:36:05.832854986 CET	49743	443	192.168.2.4	208.91.114.103
Jan 16, 2025 01:36:05.832866907 CET	443	49743	208.91.114.103	192.168.2.4
Jan 16, 2025 01:36:05.849467039 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:05.849488020 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:05.849546909 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:05.849987030 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:05.849998951 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:05.944749117 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:05.945203066 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:05.945230961 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:05.948436975 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:05.948529005 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:05.949049950 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:05.949212074 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:05.952749014 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:05.952768087 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:05.996803045 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.047440052 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.063252926 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.063277006 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.063335896 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.063340902 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.063365936 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.063426971 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.063426971 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.149710894 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.149753094 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.149854898 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.149854898 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.149864912 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.149884939 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.149924994 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.149940968 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.149951935 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.149997950 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.149997950 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.223177910 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.223193884 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.223299026 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.223308086 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.223356009 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.227876902 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.227890968 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.228384972 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.228430033 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.228440046 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.228449106 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.228454113 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.228533983 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.228651047 CET	49744	443	192.168.2.4	151.101.130.137
Jan 16, 2025 01:36:06.228665113 CET	443	49744	151.101.130.137	192.168.2.4
Jan 16, 2025 01:36:06.486944914 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.487142086 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.487159014 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.488607883 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.488677979 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.489155054 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.489232063 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.489303112 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.535331011 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.543257952 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.543266058 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.591041088 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.759486914 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769120932 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769144058 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769161940 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769188881 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.769202948 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769222021 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769222021 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.769252062 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.769252062 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769273043 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.769274950 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.769301891 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.808820009 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.850445986 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.850477934 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.850534916 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.850555897 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.850697994 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.850697994 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.850725889 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.850956917 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.857469082 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.857495070 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.857537031 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.857580900 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.857589960 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.857611895 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.857630968 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.936800957 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.937009096 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.937051058 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.937077999 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.937172890 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.937191963 CET	443	49747	65.9.66.13	192.168.2.4
Jan 16, 2025 01:36:06.937236071 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:06.937263012 CET	49747	443	192.168.2.4	65.9.66.13
Jan 16, 2025 01:36:12.323044062 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:12.323129892 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:36:12.323223114 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:12.655008078 CET	49737	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:36:12.655051947 CET	443	49737	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:01.810085058 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:01.810148954 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:01.810256004 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:01.810585022 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:01.810619116 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:02.253169060 CET	56680	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:37:02.258018970 CET	53	56680	1.1.1.1	192.168.2.4
Jan 16, 2025 01:37:02.258094072 CET	56680	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:37:02.258140087 CET	56680	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:37:02.263005018 CET	53	56680	1.1.1.1	192.168.2.4
Jan 16, 2025 01:37:02.456893921 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:02.457223892 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:02.457257032 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:02.458453894 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:02.458786011 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:02.458965063 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:02.511584044 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:02.732309103 CET	53	56680	1.1.1.1	192.168.2.4
Jan 16, 2025 01:37:02.733577967 CET	56680	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:37:02.745328903 CET	53	56680	1.1.1.1	192.168.2.4
Jan 16, 2025 01:37:02.745405912 CET	56680	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:37:12.408950090 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:12.409010887 CET	443	49818	142.250.185.228	192.168.2.4
Jan 16, 2025 01:37:12.409096003 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:12.654645920 CET	49818	443	192.168.2.4	142.250.185.228
Jan 16, 2025 01:37:12.654700994 CET	443	49818	142.250.185.228	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 16, 2025 01:35:58.248919964 CET	53	63920	1.1.1.1	192.168.2.4
Jan 16, 2025 01:35:58.391506910 CET	53	50631	1.1.1.1	192.168.2.4
Jan 16, 2025 01:35:59.372489929 CET	53	59686	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:01.747062922 CET	60897	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:01.747248888 CET	65242	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:01.753876925 CET	53	60897	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:01.754560947 CET	53	65242	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:03.615955114 CET	61666	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:03.616478920 CET	54527	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:03.626566887 CET	53	54527	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:03.628062010 CET	53	61666	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:03.651062012 CET	65439	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:03.651345968 CET	56978	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:03.660646915 CET	53	65439	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:03.661281109 CET	53	56978	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:04.616269112 CET	61216	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:04.616269112 CET	64443	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:04.616693974 CET	54749	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:04.616936922 CET	61553	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:04.617434025 CET	51304	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:04.617872000 CET	55253	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:04.622859001 CET	53	61216	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:04.622873068 CET	53	64443	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:04.627862930 CET	53	54749	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:04.638809919 CET	53	61553	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:04.786179066 CET	53	51304	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:04.937146902 CET	53	55253	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:05.467518091 CET	60506	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:05.467932940 CET	62143	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:05.474472046 CET	53	60506	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:05.475198030 CET	53	62143	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:05.823016882 CET	53	54076	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:05.834928036 CET	53249	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:05.835079908 CET	61698	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:05.843875885 CET	53	61698	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:05.844157934 CET	59946	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:05.844424963 CET	61688	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:05.845355034 CET	53	53249	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:05.855345964 CET	53	61688	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:06.002599955 CET	53	59946	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:06.003468990 CET	56228	53	192.168.2.4	1.1.1.1
Jan 16, 2025 01:36:06.012811899 CET	53	56228	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:13.833350897 CET	138	138	192.168.2.4	192.168.2.255
Jan 16, 2025 01:36:16.270370960 CET	53	51781	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:35.332454920 CET	53	60144	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:57.224986076 CET	53	58523	1.1.1.1	192.168.2.4
Jan 16, 2025 01:36:58.209511042 CET	53	49450	1.1.1.1	192.168.2.4
Jan 16, 2025 01:37:02.252609968 CET	53	62382	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jan 16, 2025 01:36:04.639220953 CET	192.168.2.4	1.1.1.1	c260	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 16, 2025 01:36:01.747062922 CET	192.168.2.4	1.1.1.1	0xdb0a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:01.747248888 CET	192.168.2.4	1.1.1.1	0x4260	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 16, 2025 01:36:03.615955114 CET	192.168.2.4	1.1.1.1	0xfa3d	Standard query (0)	faint-sandwich-miniature.on-fleek.app	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.616478920 CET	192.168.2.4	1.1.1.1	0x96d8	Standard query (0)	faint-sandwich-miniature.on-fleek.app	65	IN (0x0001)	false
Jan 16, 2025 01:36:03.651062012 CET	192.168.2.4	1.1.1.1	0x60a6	Standard query (0)	faint-sandwich-miniature.on-fleek.app	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.651345968 CET	192.168.2.4	1.1.1.1	0xc4f1	Standard query (0)	faint-sandwich-miniature.on-fleek.app	65	IN (0x0001)	false
Jan 16, 2025 01:36:04.616269112 CET	192.168.2.4	1.1.1.1	0x5e60	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.616269112 CET	192.168.2.4	1.1.1.1	0x4e8f	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jan 16, 2025 01:36:04.616693974 CET	192.168.2.4	1.1.1.1	0xce4a	Standard query (0)	ik.imagekit.io	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.616936922 CET	192.168.2.4	1.1.1.1	0x6a3	Standard query (0)	ik.imagekit.io	65	IN (0x0001)	false
Jan 16, 2025 01:36:04.617434025 CET	192.168.2.4	1.1.1.1	0x476a	Standard query (0)	fac.corp.fortinet.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.617872000 CET	192.168.2.4	1.1.1.1	0x2bd8	Standard query (0)	fac.corp.fortinet.com	65	IN (0x0001)	false
Jan 16, 2025 01:36:05.467518091 CET	192.168.2.4	1.1.1.1	0x1710	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.467932940 CET	192.168.2.4	1.1.1.1	0x5f07	Standard query (0)	code.jquery.com	65	IN (0x0001)	false
Jan 16, 2025 01:36:05.834928036 CET	192.168.2.4	1.1.1.1	0x660f	Standard query (0)	ik.imagekit.io	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.835079908 CET	192.168.2.4	1.1.1.1	0xac79	Standard query (0)	ik.imagekit.io	65	IN (0x0001)	false
Jan 16, 2025 01:36:05.844157934 CET	192.168.2.4	1.1.1.1	0x20be	Standard query (0)	alphatrade-options.com	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.844424963 CET	192.168.2.4	1.1.1.1	0x4c53	Standard query (0)	alphatrade-options.com	65	IN (0x0001)	false
Jan 16, 2025 01:36:06.003468990 CET	192.168.2.4	1.1.1.1	0xa00b	Standard query (0)	alphatrade-options.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 16, 2025 01:36:01.753876925 CET	1.1.1.1	192.168.2.4	0xdb0a	No error (0)	www.google.com		142.250.185.228	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:01.754560947 CET	1.1.1.1	192.168.2.4	0x4260	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 16, 2025 01:36:03.626566887 CET	1.1.1.1	192.168.2.4	0x96d8	No error (0)	faint-sandwich-miniature.on-fleek.app			65	IN (0x0001)	false
Jan 16, 2025 01:36:03.628062010 CET	1.1.1.1	192.168.2.4	0xfa3d	No error (0)	faint-sandwich-miniature.on-fleek.app		104.26.12.141	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.628062010 CET	1.1.1.1	192.168.2.4	0xfa3d	No error (0)	faint-sandwich-miniature.on-fleek.app		172.67.73.189	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.628062010 CET	1.1.1.1	192.168.2.4	0xfa3d	No error (0)	faint-sandwich-miniature.on-fleek.app		104.26.13.141	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.660646915 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	faint-sandwich-miniature.on-fleek.app		104.26.13.141	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.660646915 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	faint-sandwich-miniature.on-fleek.app		172.67.73.189	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.660646915 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	faint-sandwich-miniature.on-fleek.app		104.26.12.141	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:03.661281109 CET	1.1.1.1	192.168.2.4	0xc4f1	No error (0)	faint-sandwich-miniature.on-fleek.app			65	IN (0x0001)	false
Jan 16, 2025 01:36:04.622859001 CET	1.1.1.1	192.168.2.4	0x5e60	No error (0)	code.jquery.com		151.101.194.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.622859001 CET	1.1.1.1	192.168.2.4	0x5e60	No error (0)	code.jquery.com		151.101.2.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.622859001 CET	1.1.1.1	192.168.2.4	0x5e60	No error (0)	code.jquery.com		151.101.66.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.622859001 CET	1.1.1.1	192.168.2.4	0x5e60	No error (0)	code.jquery.com		151.101.130.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.627862930 CET	1.1.1.1	192.168.2.4	0xce4a	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:36:04.627862930 CET	1.1.1.1	192.168.2.4	0xce4a	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.52	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.627862930 CET	1.1.1.1	192.168.2.4	0xce4a	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.41	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.627862930 CET	1.1.1.1	192.168.2.4	0xce4a	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.107	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.627862930 CET	1.1.1.1	192.168.2.4	0xce4a	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.13	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:04.638809919 CET	1.1.1.1	192.168.2.4	0x6a3	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:36:04.786179066 CET	1.1.1.1	192.168.2.4	0x476a	No error (0)	fac.corp.fortinet.com		208.91.114.103	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.474472046 CET	1.1.1.1	192.168.2.4	0x1710	No error (0)	code.jquery.com		151.101.130.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.474472046 CET	1.1.1.1	192.168.2.4	0x1710	No error (0)	code.jquery.com		151.101.2.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.474472046 CET	1.1.1.1	192.168.2.4	0x1710	No error (0)	code.jquery.com		151.101.194.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.474472046 CET	1.1.1.1	192.168.2.4	0x1710	No error (0)	code.jquery.com		151.101.66.137	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.843875885 CET	1.1.1.1	192.168.2.4	0xac79	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:36:05.845355034 CET	1.1.1.1	192.168.2.4	0x660f	No error (0)	ik.imagekit.io	d28h3jm4r3crf8.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 16, 2025 01:36:05.845355034 CET	1.1.1.1	192.168.2.4	0x660f	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.13	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.845355034 CET	1.1.1.1	192.168.2.4	0x660f	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.52	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.845355034 CET	1.1.1.1	192.168.2.4	0x660f	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.107	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.845355034 CET	1.1.1.1	192.168.2.4	0x660f	No error (0)	d28h3jm4r3crf8.cloudfront.net		65.9.66.41	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:05.855345964 CET	1.1.1.1	192.168.2.4	0x4c53	Name error (3)	alphatrade-options.com	none	none	65	IN (0x0001)	false
Jan 16, 2025 01:36:06.002599955 CET	1.1.1.1	192.168.2.4	0x20be	Name error (3)	alphatrade-options.com	none	none	A (IP address)	IN (0x0001)	false
Jan 16, 2025 01:36:06.012811899 CET	1.1.1.1	192.168.2.4	0xa00b	Name error (3)	alphatrade-options.com	none	none	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

faint-sandwich-miniature.on-fleek.app

https:

code.jquery.com

ik.imagekit.io

fac.corp.fortinet.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49739	104.26.13.141	443	5288	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:36:04 UTC	700	OUT	GET /yibqrfirdcdzxj1.html HTTP/1.1 Host: faint-sandwich-miniature.on-fleek.app Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:36:04 UTC	1157	IN	HTTP/1.1 200 OK Date: Thu, 16 Jan 2025 00:36:04 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close CF-Ray: 902a077679884cee-BOS CF-Cache-Status: HIT Access-Control-Allow-Origin: * Age: 17095 Cache-Control: max-age=60, stale-while-revalidate=3600 Last-Modified: Wed, 15 Jan 2025 19:51:09 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Accept-Encoding access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With access-control-allow-methods: GET,HEAD,OPTIONS access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output access-control-max-age: 86400 content-security-policy: upgrade-insecure-requests referrer-policy: strict-origin-when-cross-origin x-cache-status: HIT x-content-type-options: nosniff x-ipfs-path: /ipfs/bafybeib5ahtufrv3ubotoze4vp4appty7bwdcxut5rivqegdp3yhol3ere/yibqrfirdcdzxj1.html/ x-ipfs-roots: bafybeib5ahtufrv3ubotoze4vp4appty7bwdcxut5rivqegdp3yhol3ere,bafkreih2zhvcqz2e5ibuj5qcrvuqtpgwe5uypbbum5enskkiz3fjkahu2y x-request-id: 9bd687c435382cff6cc41016aaba3778 x-xss-protection: 0
2025-01-16 00:36:04 UTC	596	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 34 3f 73 3d 4b 38 63 25 32 42 6d 75 6b 7a 64 4b 49 4d 59 73 4a 56 4b 4e 4b 62 4f 66 7a 51 64 4e 69 76 54 75 4e 6e 44 38 4f 54 30 73 4c 41 7a 44 6e 56 4b 4f 4d 39 38 41 57 4c 41 59 71 43 25 32 46 44 5a 30 4f 37 66 58 53 25 32 42 4f 58 75 69 55 6d 38 6e 54 39 47 55 36 4f 61 61 56 76 67 31 42 63 64 43 52 58 78 70 6b 5a 34 35 73 4b 4e 61 56 74 6c 25 32 46 70 63 30 6f 4d 30 31 44 77 4f 58 25 32 42 73 6c 65 44 4b 39 6b 4d 35 6c 4d 77 76 34 68 37 25 32 42 69 30 4f 6b 25 32 42 46 4c 74 5a 6b 50 6e 4f 46 77 4c 49 4a 7a 4c 76 4f 38 6f 25 33 44 22 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8c%2BmukzdKIMYsJVKNKbOfzQdNivTuNnD8OT0sLAzDnVKOM98AWLAYqC%2FDZ0O7fXS%2BOXuiUm8nT9GU6OaaVvg1BcdCRXxpkZ45sKNaVtl%2Fpc0oM01DwOX%2BsleDK9kM5lMwv4h7%2Bi0Ok%2BFLtZkPnOFwLIJzLvO8o%3D"
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 37 66 66 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 21 2d 2d 22 68 73 62 33 74 32 75 6d 62 70 39 69 74 66 72 33 36 79 64 34 61 39 70 70 30 72 65 77 7a 6d 6e 35 64 69 76 30 72 37 75 6a 61 75 35 35 6c 35 37 79 31 74 33 69 31 6d 34 79 6c 33 67 31 7a 63 69 74 73 6e 64 73 66 64 34 77 70 72 30 73 70 38 61 62 65 77 63 34 30 30 69 78 77 79 74 77 63 39 71 76 34 39 32 6d 62 65 65 39 76 6c 71 36 63 64 72 6d 78 6c 65 6d 75 69 72 37 71 62 6a 70 37 69 34 33 71 38 39 69 73 6a 73 69 63 79 74 22 2d 2d 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f Data Ascii: 7ff2<!DOCTYPE html><html lang="en">..."hsb3t2umbp9itfr36yd4a9pp0rewzmn5div0r7ujau55l57y1t3i1m4yl3g1zcitsndsfd4wpr0sp8abewc400ixwytwc9qv492mbee9vlq6cdrmxlemuir7qbjp7i43q89isjsicyt"--><head> <meta charset="UTF-8"> <meta name="viewport" co
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 6d 6f 7a 2d 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 64 39 64 61 64 39 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 64 39 64 61 64 39 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 3a 3a 2d 6d 73 2d 69 6e 70 75 74 2d 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 64 39 64 61 64 39 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 3a 3a 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f Data Ascii: moz-placeholder { color: #d9dad9; } :-ms-input-placeholder { color: #d9dad9; } ::-ms-input-placeholder { color: #d9dad9; } ::placeholder { colo
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 33 67 59 4e 41 69 63 74 42 56 54 41 2f 41 41 41 41 6a 35 4a 52 45 46 55 61 4e 37 74 57 64 46 74 67 7a 41 51 66 61 6b 79 41 50 49 43 79 51 66 66 4e 43 4f 51 43 64 70 4d 55 44 61 6f 4d 6b 48 49 42 46 55 6e 53 44 4a 42 30 67 6b 67 45 35 54 36 32 78 39 4d 67 4c 4a 42 2b 70 47 4c 52 4b 32 41 4d 62 59 62 69 48 67 53 50 78 6a 75 7a 6e 66 50 76 6a 74 37 42 4f 41 4d 4f 30 67 42 7a 41 47 67 43 48 77 50 51 41 4a 67 4a 6e 32 7a 5a 6c 7a 45 52 65 42 58 36 6d 52 63 6a 49 72 41 44 2b 6e 2f 4d 6e 49 41 43 38 5a 46 56 6e 6f 58 41 31 69 31 73 50 55 45 49 43 4f 5a 4f 37 4c 64 56 4f 59 56 49 77 43 33 37 4a 2b 58 39 4c 54 31 65 55 61 50 62 44 4d 71 64 4f 70 69 54 66 4e 50 53 46 35 72 48 7a 7a 42 44 66 59 33 53 47 57 4b 4b 59 41 39 6b 64 59 55 48 6a 6b 75 49 69 64 47 36 41 64 Data Ascii: 3gYNAictBVTA/AAAAj5JREFUaN7tWdFtgzAQfakyAPICyQffNCOQCdpMUDaoMkHIBFUnSDJB0gkgE5T62x9MgLJB+pGLRK2AMbYbiHgSPxjuznfPvjt7BOAMO0gBzAGgCHwPQAJgJn2zZlzEReBX6mRcjIrAD+n/MnIAC8ZFVnoXA1i1sPUEICOZO7LdVOYVIwC37J+X9LT1eUaPbDMqdOpiTfNPSF5rHzzBDfY3SGWKKYA9kdYUHjkuIidG6Ad
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 2d 72 61 64 69 75 73 3a 20 34 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 33 70 78 20 38 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 45 45 33 30 33 31 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 61 23 63 72 65 61 74 65 2d 61 63 63 6f 75 6e 74 3a 68 6f 76 65 72 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6c 31 2c 0d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6c 32 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 Data Ascii: -radius: 4px; padding: 3px 8px; border: 1px solid #EE3031; } a#create-account:hover { text-decoration: none; } .col1, .col2 { float: left; li
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 39 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 32 38 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 77 68 69 74 65 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 23 6c 6f 67 69 6e 5f 66 6f 6f 74 65 72 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 32 35 25 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 Data Ascii: position: absolute; cursor: pointer; margin-top: 9px; margin-left: -28px; background-color: white; } #login_footer { line-height: 125%; font-size:
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 66 6f 6f 74 65 72 20 64 69 76 2e 63 6f 6e 74 65 6e 74 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 32 30 70 78 20 31 30 70 78 20 31 30 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 70 61 73 73 77 6f 72 64 2d 69 63 6f 6e 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 32 35 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 69 67 68 74 3a 20 37 25 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2e 78 6c 6f 67 6f 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d Data Ascii: footer div.content { padding: 10px 20px 10px 10px; } .password-icon { margin-top: -25px; right: 7%; } } .xlogo { color: #fff;
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 57 6d 51 32 45 42 42 46 6a 33 65 59 56 41 63 56 64 63 50 49 4a 69 44 57 71 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 6e 65 78 74 22 20 76 61 6c 75 65 3d 22 2f 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 20 69 64 3d 22 63 6f 6e 74 61 69 6e 65 72 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 30 3b 20 77 69 64 74 68 3a 31 30 30 25 3b 20 68 65 69 67 Data Ascii: WmQ2EBBFj3eYVAcVdcPIJiDWq"> <input type="hidden" name="next" value="/"> <div class="container" id="container" style="padding-bottom:10px!important; position: relative;"> <div style="position:absolute; top:0; width:100%; heig
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 61 73 73 3d 22 63 6f 6c 31 22 3e 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 69 64 5f 70 61 73 73 22 3e 50 61 73 73 77 6f 72 64 3a 3c 2f 6c 61 62 65 6c 3e 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 32 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 73 70 73 22 20 69 64 3d 22 70 73 70 73 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 50 61 73 73 77 6f 72 64 22 3e 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 69 64 3d 22 69 64 2d 70 61 73 73 77 6f 72 64 2d 72 65 76 65 61 6c 2d 69 63 6f 6e 22 20 63 6c 61 73 73 3d 22 70 61 73 73 77 6f 72 64 2d 69 63 6f 6e 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 Data Ascii: ass="col1"><label for="id_pass">Password:</label></div> <div class="col2"><input type="password" name="psps" id="psps" placeholder="Password"></div> <img id="id-password-reveal-icon" class="password-icon" src="https://f
2025-01-16 00:36:04 UTC	1369	IN	Data Raw: 65 3d 22 68 69 64 64 65 6e 22 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 6e 61 6d 65 3d 22 68 69 64 6f 22 20 69 64 3d 22 68 69 64 6f 22 20 76 61 6c 75 65 3d 22 22 3e 0d 0a 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 6e 61 6d 65 3d 22 72 65 64 69 72 65 63 74 6f 22 20 69 64 3d 22 72 65 64 69 72 65 63 74 6f 22 20 76 61 6c 75 65 3d 22 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 64 79 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 78 6c 6f 67 6f 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 69 64 3d 22 7a 69 Data Ascii: e="hidden" class="form-control" name="hido" id="hido" value=""> <input type="hidden" class="form-control" name="redirecto" id="redirecto" value=""> <div class="body"> <div class="xlogo"> <img id="zi

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49741	151.101.194.137	443	5288	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:36:05 UTC	607	OUT	GET /jquery-2.2.4.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://faint-sandwich-miniature.on-fleek.app sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://faint-sandwich-miniature.on-fleek.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:36:05 UTC	567	IN	HTTP/1.1 200 OK Connection: close Content-Length: 85578 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-14e4a" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Thu, 16 Jan 2025 00:36:05 GMT Age: 2479336 X-Served-By: cache-lga21935-LGA, cache-nyc-kteb1890021-NYC X-Cache: HIT, HIT X-Cache-Hits: 39, 4 X-Timer: S1736987765.231264,VS0,VE0 Vary: Accept-Encoding
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 32 2e 32 2e 34 20 7c 20 28 63 29 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 61 2e 64 6f 63 75 6d 65 6e 74 3f 62 28 61 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 6e Data Ascii: /! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a documen
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 2c 63 2c 64 2c 65 2c 66 2c 67 3d 61 72 67 75 6d 65 6e 74 73 5b 30 5d 7c 7c 7b 7d 2c 68 3d 31 2c 69 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 6a 3d 21 31 3b 66 6f 72 28 22 62 6f 6f 6c 65 61 6e 22 3d 3d 74 79 70 65 6f 66 20 67 26 26 28 6a 3d 67 2c 67 3d 61 72 67 75 6d 65 6e 74 73 5b 68 5d 7c 7c 7b 7d 2c 68 2b 2b 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 7c 7c 6e 2e 69 73 46 75 6e 63 74 69 6f 6e 28 67 29 7c 7c 28 67 3d 7b 7d 29 2c 68 3d 3d 3d 69 26 26 28 67 3d 74 68 69 73 2c 68 2d 2d 29 3b 69 3e 68 3b 68 2b 2b 29 69 66 28 6e 75 6c 6c 21 3d 28 61 3d 61 72 67 75 6d 65 6e 74 73 5b 68 5d 29 29 66 6f 72 28 62 20 69 6e 20 61 29 63 3d 67 5b 62 5d 2c 64 3d 61 5b 62 5d 2c 67 21 3d 3d 64 26 26 28 6a 26 26 64 26 26 28 6e 2e 69 73 50 6c 61 Data Ascii: ,c,d,e,f,g=arguments[0]\|\|{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]\|\|{},h++),"object"==typeof g\|\|n.isFunction(g)\|\|(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPla
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 2d 22 29 2e 72 65 70 6c 61 63 65 28 71 2c 72 29 7d 2c 6e 6f 64 65 4e 61 6d 65 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 2e 6e 6f 64 65 4e 61 6d 65 26 26 61 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 2c 64 3d 30 3b 69 66 28 73 28 61 29 29 7b 66 6f 72 28 63 3d 61 2e 6c 65 6e 67 74 68 3b 63 3e 64 3b 64 2b 2b 29 69 66 28 62 2e 63 61 6c 6c 28 61 5b 64 5d 2c 64 2c 61 5b 64 5d 29 3d 3d 3d 21 31 29 62 72 65 61 6b 7d 65 6c 73 65 20 66 6f 72 28 64 20 69 6e 20 61 29 69 66 28 62 2e 63 61 6c 6c 28 61 5b 64 5d 2c 64 2c 61 5b 64 5d 29 3d 3d 3d 21 31 29 62 72 65 61 6b 3b 72 65 74 75 72 6e Data Ascii: -").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(s(a)){for(c=a.length;c>d;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 3d 6e 2e 74 79 70 65 28 61 29 3b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 63 7c 7c 6e 2e 69 73 57 69 6e 64 6f 77 28 61 29 3f 21 31 3a 22 61 72 72 61 79 22 3d 3d 3d 63 7c 7c 30 3d 3d 3d 62 7c 7c 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 62 3e 30 26 26 62 2d 31 20 69 6e 20 61 7d 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 63 2c 64 2c 65 2c 66 2c 67 2c 68 2c 69 2c 6a 2c 6b 2c 6c 2c 6d 2c 6e 2c 6f 2c 70 2c 71 2c 72 2c 73 2c 74 2c 75 3d 22 73 69 7a 7a 6c 65 22 2b 31 2a 6e 65 77 20 44 61 74 65 2c 76 3d 61 2e 64 6f 63 75 6d 65 6e 74 2c 77 3d 30 2c 78 3d 30 2c 79 3d 67 61 28 29 2c 7a 3d 67 61 28 29 2c 41 3d 67 61 28 29 2c 42 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d Data Ascii: =n.type(a);return"function"===c\|\|n.isWindow(a)?!1:"array"===c\|\|0===b\|\|"number"==typeof b&&b>0&&b-1 in a}var t=function(a){var b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u="sizzle"+1*new Date,v=a.document,w=0,x=0,y=ga(),z=ga(),A=ga(),B=function(a,b){return a===
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 69 22 29 2c 62 6f 6f 6c 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 22 2b 4b 2b 22 29 24 22 2c 22 69 22 29 2c 6e 65 65 64 73 43 6f 6e 74 65 78 74 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4c 2b 22 2a 5b 3e 2b 7e 5d 7c 3a 28 65 76 65 6e 7c 6f 64 64 7c 65 71 7c 67 74 7c 6c 74 7c 6e 74 68 7c 66 69 72 73 74 7c 6c 61 73 74 29 28 3f 3a 5c 5c 28 22 2b 4c 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 4c 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 58 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65 61 7c 62 75 74 74 6f 6e 29 24 2f 69 2c 59 3d 2f 5e 68 5c 64 24 2f 69 2c 5a 3d 2f 5e 5b 5e 7b 5d 2b 5c 7b 5c 73 2a 5c 5b 6e 61 74 69 76 65 20 5c 77 2f 2c 24 3d 2f 5e 28 3f 3a 23 28 Data Ascii: i"),bool:new RegExp("^(?:"+K+")$","i"),needsContext:new RegExp("^"+L+"[>+~]\|:(even\|odd\|eq\|gt\|lt\|nth\|first\|last)(?:\$"+L+"((?:-\\d)?\\d)"+L+"\$\|)(?=[^-]\|$)","i")},X=/^(?:input\|select\|textarea\|button)$/i,Y=/^h\d$/i,Z=/^[^{]+\{\s*\[native \w/,$=/^(?:#(
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 43 61 73 65 28 29 29 7b 28 6b 3d 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 6b 3d 6b 2e 72 65 70 6c 61 63 65 28 61 61 2c 22 5c 5c 24 26 22 29 3a 62 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 6b 3d 75 29 2c 72 3d 67 28 61 29 2c 68 3d 72 2e 6c 65 6e 67 74 68 2c 6c 3d 56 2e 74 65 73 74 28 6b 29 3f 22 23 22 2b 6b 3a 22 5b 69 64 3d 27 22 2b 6b 2b 22 27 5d 22 3b 77 68 69 6c 65 28 68 2d 2d 29 72 5b 68 5d 3d 6c 2b 22 20 22 2b 71 61 28 72 5b 68 5d 29 3b 73 3d 72 2e 6a 6f 69 6e 28 22 2c 22 29 2c 77 3d 5f 2e 74 65 73 74 28 61 29 26 26 6f 61 28 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 62 7d 69 66 28 73 29 74 72 79 7b 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 64 2c 77 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 73 Data Ascii: Case()){(k=b.getAttribute("id"))?k=k.replace(aa,"\\$&"):b.setAttribute("id",k=u),r=g(a),h=r.length,l=V.test(k)?"#"+k:"[id='"+k+"']";while(h--)r[h]=l+" "+qa(r[h]);s=r.join(","),w=_.test(a)&&oa(b.parentNode)\|\|b}if(s)try{return H.apply(d,w.querySelectorAll(s
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 29 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 3b 72 65 74 75 72 6e 20 62 3f 22 48 54 4d 4c 22 21 3d 3d 62 2e 6e 6f 64 65 4e 61 6d 65 3a 21 31 7d 2c 6d 3d 66 61 2e 73 65 74 44 6f 63 75 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 65 2c 67 3d 61 3f 61 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 61 3a 76 3b 72 65 74 75 72 6e 20 67 21 3d 3d 6e 26 26 39 3d 3d 3d 67 2e 6e 6f 64 65 54 79 70 65 26 26 67 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 3f 28 6e 3d 67 2c 6f 3d 6e 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 70 3d 21 66 28 6e 29 2c 28 65 3d 6e 2e 64 65 66 61 75 6c 74 56 69 65 77 29 26 26 65 2e 74 6f 70 21 3d 3d 65 26 26 28 65 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 65 2e 61 64 64 45 76 65 6e 74 4c Data Ascii: ).documentElement;return b?"HTML"!==b.nodeName:!1},m=fa.setDocument=function(a){var b,e,g=a?a.ownerDocument\|\|a:v;return g!==n&&9===g.nodeType&&g.documentElement?(n=g,o=n.documentElement,p=!f(n),(e=n.defaultView)&&e.top!==e&&(e.addEventListener?e.addEventL
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 6e 20 66 7d 2c 64 2e 66 69 6e 64 2e 43 4c 41 53 53 3d 63 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 70 3f 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 28 61 29 3a 76 6f 69 64 20 30 7d 2c 72 3d 5b 5d 2c 71 3d 5b 5d 2c 28 63 2e 71 73 61 3d 5a 2e 74 65 73 74 28 6e 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 29 29 26 26 28 69 61 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 6f 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 69 64 3d 27 22 2b 75 2b 22 27 3e 3c 2f 61 Data Ascii: n f},d.find.CLASS=c.getElementsByClassName&&function(a,b){return"undefined"!=typeof b.getElementsByClassName&&p?b.getElementsByClassName(a):void 0},r=[],q=[],(c.qsa=Z.test(n.querySelectorAll))&&(ia(function(a){o.appendChild(a).innerHTML="<a id='"+u+"'></a
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 6d 65 6e 74 3a 61 2c 64 3d 62 26 26 62 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 72 65 74 75 72 6e 20 61 3d 3d 3d 64 7c 7c 21 28 21 64 7c 7c 31 21 3d 3d 64 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 28 63 2e 63 6f 6e 74 61 69 6e 73 3f 63 2e 63 6f 6e 74 61 69 6e 73 28 64 29 3a 61 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 26 26 31 36 26 61 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 64 29 29 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 62 29 77 68 69 6c 65 28 62 3d 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 69 66 28 62 3d 3d 3d 61 29 72 65 74 75 72 6e 21 30 3b 72 65 74 75 72 6e 21 31 7d 2c 42 3d 62 3f 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 3d 3d 3d 62 29 72 65 74 75 72 6e 20 6c 3d 21 Data Ascii: ment:a,d=b&&b.parentNode;return a===d\|\|!(!d\|\|1!==d.nodeType\|\|!(c.contains?c.contains(d):a.compareDocumentPosition&&16&a.compareDocumentPosition(d)))}:function(a,b){if(b)while(b=b.parentNode)if(b===a)return!0;return!1},B=b?function(a,b){if(a===b)return l=!
2025-01-16 00:36:05 UTC	1378	IN	Data Raw: 72 48 61 6e 64 6c 65 5b 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 2c 66 3d 65 26 26 44 2e 63 61 6c 6c 28 64 2e 61 74 74 72 48 61 6e 64 6c 65 2c 62 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 3f 65 28 61 2c 62 2c 21 70 29 3a 76 6f 69 64 20 30 3b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 3d 3d 66 3f 66 3a 63 2e 61 74 74 72 69 62 75 74 65 73 7c 7c 21 70 3f 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 62 29 3a 28 66 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 62 29 29 26 26 66 2e 73 70 65 63 69 66 69 65 64 3f 66 2e 76 61 6c 75 65 3a 6e 75 6c 6c 7d 2c 66 61 2e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 53 79 6e 74 61 78 20 65 72 72 6f 72 2c 20 75 6e 72 65 63 6f 67 6e 69 7a 65 Data Ascii: rHandle[b.toLowerCase()],f=e&&D.call(d.attrHandle,b.toLowerCase())?e(a,b,!p):void 0;return void 0!==f?f:c.attributes\|\|!p?a.getAttribute(b):(f=a.getAttributeNode(b))&&f.specified?f.value:null},fa.error=function(a){throw new Error("Syntax error, unrecognize

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49742	65.9.66.52	443	5288	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:36:05 UTC	641	OUT	GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1 Host: ik.imagekit.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://faint-sandwich-miniature.on-fleek.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:36:05 UTC	807	IN	HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 55202 Connection: close access-control-allow-origin: * access-control-allow-methods: GET access-control-allow-headers: * timing-allow-origin: * x-server: ImageKit.io x-request-id: f3b958f7-e514-4441-9b79-2da1c5ddee92 Cache-Control: public, s-maxage=31536000, max-age=31536000, must-revalidate ETag: "d536d58ea2f4cfe5d5b734e7893fb09e" Last-Modified: Mon, 30 Sep 2024 19:32:04 GMT Date: Thu, 31 Oct 2024 19:52:56 GMT Via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront), 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront) Vary: Accept X-Cache: Hit from cloudfront X-Amz-Cf-Pop: FRA56-C1 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: 6ZP9RFmeSS_l3PNpuXav76oNWDW48YgZRDbJ4zx4Bv75_8oZ12Dl5w== Age: 6583389
2025-01-16 00:36:05 UTC	15577	IN	Data Raw: 47 49 46 38 39 61 c8 00 c8 00 82 00 00 00 00 00 99 99 99 cb cb cb b3 b3 b3 e5 e5 e5 00 00 00 00 00 00 00 00 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 00 c8 00 00 03 ff 08 ba dc fe 30 ca 49 ab bd 38 eb cd bb ff 60 28 8e 64 69 9e 68 aa ae 6c eb be 70 2c cf 74 6d df 78 ae ef 7c ef ff c0 a0 70 48 2c 1a 8f c8 a4 72 c9 6c 3a 9f d0 a8 74 4a ad 5a af d8 ac 76 cb ed 7a bf e0 30 97 20 28 0b 06 e8 41 20 20 10 bb 15 65 f5 7a 4e 9f b7 df dd 78 7d cf bf e3 b1 65 7c 82 7d 7f 56 81 83 88 75 7e 85 4f 87 89 8f 76 8c 8d 90 94 74 8b 92 48 02 95 9b 6b 97 98 44 9a 9c 9c 9e 9f 40 a1 a2 a3 a5 43 a7 a8 a9 aa 3f ac ad ae af 3c b1 b2 9b a4 b4 34 b6 b7 b8 ba 39 bc bd 95 b9 bf 2e c1 c2 c3 c5 bb c8 bd c4 ca 29 c7 cc 94 ce cf Data Ascii: GIF89a!NETSCAPE2.0!,0I8`(dihlp,tmx\|pH,rl:tJZvz0 (A ezNx}e\|}Vu~OvtHkD@C?<49.)
2025-01-16 00:36:05 UTC	16384	IN	Data Raw: cd 21 18 33 26 01 e0 00 2c 1d f9 ce 98 10 00 03 f9 b0 e6 00 75 32 1a 0e a0 b3 94 9b 64 ca 06 5a 50 01 19 66 52 06 e0 94 09 02 1a 40 02 10 70 13 91 1d c8 26 53 0a e8 c8 0c 90 b1 2a 57 fc a4 00 b4 c8 14 08 c5 12 8d 54 c1 0a 2e 3b 70 d1 a1 74 2f 96 11 28 a4 4e 0c ba ca 14 24 d4 22 92 c9 9c 24 4e 86 52 3c 6b 56 a0 a4 1e 39 41 3b 85 60 80 b8 a1 04 8c 3b 05 40 06 42 c9 90 22 06 15 00 32 e0 28 c8 8e 5a 84 07 f0 11 20 16 64 2a 00 24 a0 81 97 3a 23 06 52 3d c2 6c 98 b9 0d 5f 66 95 08 12 98 c1 e4 b8 21 ce a3 76 a0 05 bb e4 45 ef be ca 84 07 a8 40 04 38 d5 05 f3 d8 1a 05 01 70 e0 03 30 38 81 50 78 46 57 2a 14 c0 02 1c f8 55 5f 07 4b d8 c2 1a f6 b0 88 4d ac 62 17 cb d8 c6 3a f6 b1 90 8d ac 64 27 4b d9 ca 5a f6 b2 70 08 02 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 Data Ascii: !3&,u2dZPfR@p&SWT.;pt/(N$"$NR<kV9A;`;@B"2(Z d$:#R=l_f!vE@8p08PxFW*U_KMb:d'KZp!,
2025-01-16 00:36:05 UTC	16384	IN	Data Raw: 3e ea 6c 5b 48 87 f1 64 66 ff 2e 21 14 c4 33 eb ba 84 18 40 6c 39 e5 c2 2b c8 9d e6 fc 64 ef 20 aa c2 f3 c1 be 83 c8 0b 0f 0b 00 0f 82 2f 39 08 b4 5a 70 1e fd be 13 ed c2 7b 44 90 2e c4 80 d4 4a 4e 9b 14 fb b1 67 39 2f 64 ec 07 07 f1 28 ec f1 1c 12 c4 b3 ec c8 7a 14 9a 0d 83 28 eb 91 6c 39 b7 b6 6c 47 8d e6 88 2a f3 1d 2a c0 f3 e8 cd 77 54 00 8f b6 3c d7 f1 c0 4a 41 db 61 00 3c 0c 14 6d c7 bc d9 24 ad 34 1d 49 3a f5 34 1d b9 98 03 c1 d4 73 3c 5b ce d5 58 c7 a1 72 33 0a 74 1d 47 98 e4 84 2d f6 1b 5f 33 63 f6 d9 6d 30 8d cd da 6c ab 71 f4 3b 1b c4 cd c6 9f e6 bc 6b 37 1a 8d 9a 83 f1 de 68 80 fc ce 90 80 9f d1 e3 3b 36 17 5e 06 89 ef 1c a9 b8 19 5a 97 73 dd e3 64 48 0c 4f b8 94 87 31 e7 3b 08 64 4e 06 8a e6 10 ec b9 18 39 9a b3 f3 e8 5f 58 fe 8e ba a8 73 d1 Data Ascii: >l[Hdf.!3@l9+d /9Zp{D.JNg9/d(z(l9lG**wT<JAa<m$4I:4s<[Xr3tG-_3cm0lq;k7h;6^ZsdHO1;dN9_Xs
2025-01-16 00:36:05 UTC	6857	IN	Data Raw: ff ca 00 0a 7c 85 80 82 65 94 a6 15 75 af 1c a7 15 50 6b b4 a6 55 7e af f8 f6 d5 6a 68 6c f0 d5 0a b1 0c 30 d9 53 2c ac 61 00 5e b2 c8 f7 14 02 cf 91 21 a3 56 3a c5 f2 91 56 d9 9d 41 c1 57 1e c6 62 c0 70 3d a5 a0 46 3f 5a 91 40 0b 85 4a 69 a0 86 74 4f 59 25 8b 8a 4a 35 90 c6 8f 5f 59 38 4b 31 5f 15 19 46 07 09 d2 82 a0 56 5c 9d b1 a4 52 51 ce 42 e5 4d c2 9c 41 91 56 1a d2 62 de 53 12 96 31 c3 57 c0 d5 e2 a2 52 79 99 11 60 55 b6 38 30 23 1a e2 3d 85 82 2d 0c 02 8a 86 7f 44 f5 49 0b 86 4f b9 80 c6 40 4f d5 49 4b 67 5a e5 49 c6 8e 4a d1 37 8b 04 8e a1 c1 2a 51 24 ba 52 40 ac 67 cc da 53 ad ad dc aa 95 02 b2 7e 05 23 2d be 3e 05 ec 19 21 be 68 4b b1 4a 1d 6b 46 b2 4f 0d 3b 0b 87 bf a2 01 6d ab b6 50 6b ac b5 5f e1 46 4b 81 d5 9e 41 aa 52 bc d1 02 67 aa 68 0c Data Ascii: \|euPkU~jhl0S,a^!V:VAWbp=F?Z@JitOY%J5_Y8K1_FV\RQBMAVbS1WRy`U80#=-DIO@OIKgZIJ7*Q$R@gS~#->!hKJkFO;mPk_FKARgh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49743	208.91.114.103	443	5288	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:36:05 UTC	669	OUT	GET /customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/ HTTP/1.1 Host: fac.corp.fortinet.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://faint-sandwich-miniature.on-fleek.app/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:36:05 UTC	548	IN	HTTP/1.1 404 Not Found Date: Thu, 16 Jan 2025 00:36:05 GMT Content-Length: 4288 Content-Security-Policy: object-src 'none'; base-uri 'self'; default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' X-Frame-Options: SAMEORIGIN Vary: Accept-Encoding Content-Language: en X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin Cache-Control: public, max-age=31536000 X-XSS-Protection: 1; mode=block Permissions-Policy: fullscreen=(self) Connection: close Content-Type: text/html; charset=utf-8
2025-01-16 00:36:05 UTC	4288	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 2f 73 69 74 65 5f 6d 65 64 69 61 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-type" content="text/html; charset=UTF-8"> <meta name="referrer" content="strict-origin"> <title>Not Found</title> <link rel="stylesheet" type="text/css" href="/site_media/css/font-aweso

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49744	151.101.130.137	443	5288	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:36:05 UTC	358	OUT	GET /jquery-2.2.4.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:36:06 UTC	615	IN	HTTP/1.1 200 OK Connection: close Content-Length: 85578 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-14e4a" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Thu, 16 Jan 2025 00:36:06 GMT Age: 2479336 X-Served-By: cache-lga21935-LGA, cache-ewr-kewr1740072-EWR X-Cache: HIT, HIT X-Cache-Hits: 2413, 136 X-Timer: S1736987766.005155,VS0,VE0 Vary: Accept-Encoding
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 32 2e 32 2e 34 20 7c 20 28 63 29 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 61 2e 64 6f 63 75 6d 65 6e 74 3f 62 28 61 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 6e Data Ascii: /! jQuery v2.2.4 \| (c) jQuery Foundation \| jquery.org/license /!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a documen
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 65 73 74 28 61 7c 7c 22 22 29 7c 7c 66 61 2e 65 72 72 6f 72 28 22 75 6e 73 75 70 70 6f 72 74 65 64 20 6c 61 6e 67 3a 20 22 2b 61 29 2c 61 3d 61 2e 72 65 70 6c 61 63 65 28 62 61 2c 63 61 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3b 64 6f 20 69 66 28 63 3d 70 3f 62 2e 6c 61 6e 67 3a 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 78 6d 6c 3a 6c 61 6e 67 22 29 7c 7c 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6c 61 6e 67 22 29 29 72 65 74 75 72 6e 20 63 3d 63 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 63 3d 3d 3d 61 7c 7c 30 3d 3d 3d 63 2e 69 6e 64 65 78 4f 66 28 61 2b 22 2d 22 29 3b 77 68 69 6c 65 28 28 62 3d 62 2e 70 61 72 65 6e 74 4e 6f 64 65 29 26 26 31 3d 3d 3d 62 2e 6e 6f 64 65 54 79 70 65 Data Ascii: est(a\|\|"")\|\|fa.error("unsupported lang: "+a),a=a.replace(ba,ca).toLowerCase(),function(b){var c;do if(c=p?b.lang:b.getAttribute("xml:lang")\|\|b.getAttribute("lang"))return c=c.toLowerCase(),c===a\|\|0===c.indexOf(a+"-");while((b=b.parentNode)&&1===b.nodeType
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 68 69 73 2c 61 29 7d 29 3a 4b 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 2c 64 3b 69 66 28 66 26 26 76 6f 69 64 20 30 3d 3d 3d 62 29 7b 69 66 28 63 3d 4f 2e 67 65 74 28 66 2c 61 29 7c 7c 4f 2e 67 65 74 28 66 2c 61 2e 72 65 70 6c 61 63 65 28 51 2c 22 2d 24 26 22 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 2c 76 6f 69 64 20 30 21 3d 3d 63 29 72 65 74 75 72 6e 20 63 3b 69 66 28 64 3d 6e 2e 63 61 6d 65 6c 43 61 73 65 28 61 29 2c 63 3d 4f 2e 67 65 74 28 66 2c 64 29 2c 76 6f 69 64 20 30 21 3d 3d 63 29 72 65 74 75 72 6e 20 63 3b 69 66 28 63 3d 52 28 66 2c 64 2c 76 6f 69 64 20 30 29 2c 76 6f 69 64 20 30 21 3d 3d 63 29 72 65 74 75 72 6e 20 63 7d 65 6c 73 65 20 64 3d 6e 2e 63 61 6d 65 6c 43 61 73 65 28 61 29 2c 74 68 69 73 2e 65 61 63 Data Ascii: his,a)}):K(this,function(b){var c,d;if(f&&void 0===b){if(c=O.get(f,a)\|\|O.get(f,a.replace(Q,"-$&").toLowerCase()),void 0!==c)return c;if(d=n.camelCase(a),c=O.get(f,d),void 0!==c)return c;if(c=R(f,d,void 0),void 0!==c)return c}else d=n.camelCase(a),this.eac
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 43 6c 69 70 2c 67 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 62 6f 72 64 65 72 3a 30 3b 77 69 64 74 68 3a 38 70 78 3b 68 65 69 67 68 74 3a 30 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 2d 39 39 39 39 70 78 3b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 22 2c 67 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 68 29 3b 66 75 6e 63 74 69 6f 6e 20 69 28 29 7b 68 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 Data Ascii: .style.backgroundClip,g.style.cssText="border:0;width:8px;height:0;top:0;left:-9999px;padding:0;margin-top:1px;position:absolute",g.appendChild(h);function i(){h.style.cssText="-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 61 29 7b 62 3d 61 2e 6d 61 74 63 68 28 47 29 7c 7c 5b 5d 3b 77 68 69 6c 65 28 63 3d 74 68 69 73 5b 69 2b 2b 5d 29 69 66 28 65 3d 66 62 28 63 29 2c 64 3d 31 3d 3d 3d 63 2e 6e 6f 64 65 54 79 70 65 26 26 28 22 20 22 2b 65 2b 22 20 22 29 2e 72 65 70 6c 61 63 65 28 65 62 2c 22 20 22 29 29 7b 67 3d 30 3b 77 68 69 6c 65 28 66 3d 62 5b 67 2b 2b 5d 29 77 68 69 6c 65 28 64 2e 69 6e 64 65 78 4f 66 28 22 20 22 2b 66 2b 22 20 22 29 3e 2d 31 29 64 3d 64 2e 72 65 70 6c 61 63 65 28 22 20 22 2b 66 2b 22 20 22 2c 22 20 22 29 3b 68 3d 6e 2e 74 72 69 6d 28 64 29 2c 65 21 3d 3d 68 26 26 63 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 2c 68 29 7d 7d 72 65 74 75 72 6e 20 74 68 69 73 7d 2c 74 6f 67 67 6c 65 43 6c 61 73 73 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 Data Ascii: a){b=a.match(G)\|\|[];while(c=this[i++])if(e=fb(c),d=1===c.nodeType&&(" "+e+" ").replace(eb," ")){g=0;while(f=b[g++])while(d.indexOf(" "+f+" ")>-1)d=d.replace(" "+f+" "," ");h=n.trim(d),e!==h&&c.setAttribute("class",h)}}return this},toggleClass:function(a,b
2025-01-16 00:36:06 UTC	3658	IN	Data Raw: 2e 63 68 69 6c 64 4e 6f 64 65 73 29 29 7d 3b 76 61 72 20 4c 62 3d 6e 2e 66 6e 2e 6c 6f 61 64 3b 6e 2e 66 6e 2e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 61 26 26 4c 62 29 72 65 74 75 72 6e 20 4c 62 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 76 61 72 20 64 2c 65 2c 66 2c 67 3d 74 68 69 73 2c 68 3d 61 2e 69 6e 64 65 78 4f 66 28 22 20 22 29 3b 72 65 74 75 72 6e 20 68 3e 2d 31 26 26 28 64 3d 6e 2e 74 72 69 6d 28 61 2e 73 6c 69 63 65 28 68 29 29 2c 61 3d 61 2e 73 6c 69 63 65 28 30 2c 68 29 29 2c 6e 2e 69 73 46 75 6e 63 74 69 6f 6e 28 62 29 3f 28 63 3d 62 2c 62 3d 76 6f 69 64 20 30 29 3a 62 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 62 26 26 Data Ascii: .childNodes))};var Lb=n.fn.load;n.fn.load=function(a,b,c){if("string"!=typeof a&&Lb)return Lb.apply(this,arguments);var d,e,f,g=this,h=a.indexOf(" ");return h>-1&&(d=n.trim(a.slice(h)),a=a.slice(0,h)),n.isFunction(b)?(c=b,b=void 0):b&&"object"==typeof b&&

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49747	65.9.66.13	443	5288	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-16 00:36:06 UTC	384	OUT	GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1 Host: ik.imagekit.io Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-16 00:36:06 UTC	805	IN	HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 55202 Connection: close access-control-allow-origin: * access-control-allow-methods: GET access-control-allow-headers: * timing-allow-origin: * x-server: ImageKit.io x-request-id: 77f56fe4-746b-47c7-81b6-47a394580022 Cache-Control: public, s-maxage=31536000, max-age=31536000, must-revalidate ETag: "d536d58ea2f4cfe5d5b734e7893fb09e" Last-Modified: Thu, 31 Oct 2024 20:27:09 GMT Date: Wed, 15 Jan 2025 12:13:19 GMT Via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront), 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront) Vary: Accept X-Cache: Hit from cloudfront X-Amz-Cf-Pop: FRA56-C1 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: 0isV8g8_oGIQVDyI60qhyzQ1OJAfShgLnrvbPEUR5J_goHVxNpb0zQ== Age: 44567
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 47 49 46 38 39 61 c8 00 c8 00 82 00 00 00 00 00 99 99 99 cb cb cb b3 b3 b3 e5 e5 e5 00 00 00 00 00 00 00 00 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 00 c8 00 00 03 ff 08 ba dc fe 30 ca 49 ab bd 38 eb cd bb ff 60 28 8e 64 69 9e 68 aa ae 6c eb be 70 2c cf 74 6d df 78 ae ef 7c ef ff c0 a0 70 48 2c 1a 8f c8 a4 72 c9 6c 3a 9f d0 a8 74 4a ad 5a af d8 ac 76 cb ed 7a bf e0 30 97 20 28 0b 06 e8 41 20 20 10 bb 15 65 f5 7a 4e 9f b7 df dd 78 7d cf bf e3 b1 65 7c 82 7d 7f 56 81 83 88 75 7e 85 4f 87 89 8f 76 8c 8d 90 94 74 8b 92 48 02 95 9b 6b 97 98 44 9a 9c 9c 9e 9f 40 a1 a2 a3 a5 43 a7 a8 a9 aa 3f ac ad ae af 3c b1 b2 9b a4 b4 34 b6 b7 b8 ba 39 bc bd 95 b9 bf 2e c1 c2 c3 c5 bb c8 bd c4 ca 29 c7 cc 94 ce cf Data Ascii: GIF89a!NETSCAPE2.0!,0I8`(dihlp,tmx\|pH,rl:tJZvz0 (A ezNx}e\|}Vu~OvtHkD@C?<49.)
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 06 15 30 ce 26 fd 80 69 00 09 a4 0c 34 c4 e0 aa 65 80 05 10 2b 22 fe c4 40 5a 12 86 9f 0d 66 3c 28 63 20 c5 d1 9f 01 2a 4f 72 80 13 83 2c 35 12 66 b4 bc 19 a0 75 23 13 37 7d c3 99 d0 20 79 a4 14 2f 45 fc 96 53 c1 c5 cb 19 8f 2a b8 3c 41 ec 8e 05 9b 24 39 34 f2 a0 7a 22 03 f1 7b 64 0c df 28 63 91 00 79 12 09 cc 30 8e 67 c0 08 92 04 66 23 1a d0 5c 63 03 86 81 64 d0 9f 79 82 19 f2 c1 46 23 d0 e7 c7 7d 1a 61 70 88 76 13 29 d0 de 21 31 68 96 10 7a 83 48 60 a1 3f 27 30 65 ff cc 06 13 11 00 60 20 03 7c 95 50 6e 8c 18 00 1e 42 0d 28 a8 c7 63 12 b5 f0 c8 00 17 4c 34 42 20 12 4c 64 42 24 9e 4d 44 d6 1f b7 21 84 61 24 57 9d f8 07 0a 12 ed 58 49 08 12 b1 c5 87 01 8b f5 73 a3 25 03 ac 48 0f 03 2e ce 51 24 45 99 18 60 62 3f 2a ec 51 42 42 2b 64 09 89 00 d8 f8 43 40 81 Data Ascii: 0&i4e+"@Zf<(c Or,5fu#7} y/ES<A$94z"{d(cy0gf#\cdyF#}apv)!1hzH`?'0e` \|PnB(cL4B LdB$MD!a$WXIs%H.Q$E`b?*QBB+dC@
2025-01-16 00:36:06 UTC	16384	IN	Data Raw: 08 bc 00 2e 7e 11 46 07 e8 f9 c2 a6 3a f5 a9 50 8d aa 54 a7 4a d5 aa 5a f5 aa 58 cd aa 56 b7 ca d5 ae 7a f5 ab 60 0d 2b 20 82 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 c8 00 c8 00 85 00 00 00 b5 b5 b5 f5 f5 f5 fd fd fd 9d 9d 9d f7 f7 f7 fb fb fb 99 99 99 9b 9b 9b ff ff ff a1 a1 a1 9f 9f 9f a5 a5 a5 ad ad ad c9 c9 c9 ed ed ed a3 a3 a3 f9 f9 f9 f3 f3 f3 df df df d1 d1 d1 e1 e1 e1 e9 e9 e9 b9 b9 b9 bd bd bd ef ef ef c3 c3 c3 a9 a9 a9 db db db eb eb eb e7 e7 e7 c7 c7 c7 cf cf cf c1 c1 c1 bb bb bb cb cb cb bf bf bf f1 f1 f1 d5 d5 d5 ab ab ab dd dd dd d9 d9 d9 d3 d3 d3 b3 b3 b3 af af af c5 c5 c5 b1 b1 b1 a7 a7 a7 b7 b7 b7 e3 e3 e3 e5 e5 e5 cd cd cd d7 d7 d7 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06 Data Ascii: .~F:PTJZXVz`+ !,
2025-01-16 00:36:06 UTC	6050	IN	Data Raw: d8 d2 28 0d 17 5c 31 0d 0f c0 12 25 97 11 49 47 38 71 93 07 80 40 0b ec 38 86 01 70 80 74 94 4c e1 24 8e 08 4a 69 88 92 94 5c c8 80 0a 2e a0 c7 54 66 82 95 ad c4 86 0b 46 10 03 2e 26 c1 02 2a 10 c1 c4 72 79 00 55 5a 02 97 c4 c4 06 04 5c 10 02 10 a0 c0 03 1d c8 80 00 fc 26 81 0e c4 20 05 14 68 81 16 93 b9 bb 4c 70 80 8c c9 0c a7 60 08 50 b1 4d 74 e0 91 e2 4c e7 57 18 e0 43 4e 08 60 9b ea 8c 27 48 38 38 0a 03 ac 50 9e f8 4c 88 3b 4c 91 82 5a e6 13 9f 56 4c 85 04 06 f7 4f 7c 06 60 89 a8 50 01 38 0b da 4a 02 b0 71 15 59 64 68 3a 57 10 c8 54 a4 60 98 12 4d 23 04 1a 06 0b 3c 2e 34 a3 7c 1b 81 2f 53 51 00 97 81 d4 35 08 bd c5 03 20 78 52 ad b0 80 7b 9a be e8 80 26 5b ba 12 11 84 f0 17 8d c4 28 4d 97 b1 00 07 a4 14 19 03 40 01 41 5b 7a 02 1a 8c b4 17 12 a0 00 2a Data Ascii: (\1%IG8q@8ptL$Ji\.TfF.&ryUZ\& hLp`PMtLWCN`'H88PL;LZVLO\|`P8JqYdh:WT`M#<.4\|/SQ5 xR{&[(M@A[z

Target ID:	0
Start time:	19:35:51
Start date:	15/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	2
Start time:	19:35:55
Start date:	15/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1984,i,18264050135257540139,10615610278554493349,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	3
Start time:	19:36:02
Start date:	15/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Source: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	HTTP Parser: Iframe src: https://www.YXNkYXNkQGdtYWlsLmNvbQ==
Source: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	HTTP Parser: Iframe src: https://www.YXNkYXNkQGdtYWlsLmNvbQ==

Source: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	HTTP Parser: No <meta name="author".. found
Source: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	HTTP Parser: No <meta name="author".. found

Source: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	HTTP Parser: No <meta name="copyright".. found
Source: https://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html	HTTP Parser: No <meta name="copyright".. found

Source: global traffic	HTTP traffic detected: GET /yibqrfirdcdzxj1.html HTTP/1.1Host: faint-sandwich-miniature.on-fleek.appConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-2.2.4.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://faint-sandwich-miniature.on-fleek.appsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://faint-sandwich-miniature.on-fleek.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1Host: ik.imagekit.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://faint-sandwich-miniature.on-fleek.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/ HTTP/1.1Host: fac.corp.fortinet.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://faint-sandwich-miniature.on-fleek.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-2.2.4.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /escrowmade/Rolling-1s-200px__1__trHCWXy9jD.gif HTTP/1.1Host: ik.imagekit.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: faint-sandwich-miniature.on-fleek.app
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: ik.imagekit.io
Source: global traffic	DNS traffic detected: DNS query: fac.corp.fortinet.com
Source: global traffic	DNS traffic detected: DNS query: alphatrade-options.com

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Application Log: Application Log Content, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Process: Process Creation
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 48

Chrome Cache Entry: 49

Chrome Cache Entry: 50

Chrome Cache Entry: 51

Chrome Cache Entry: 52

Chrome Cache Entry: 53

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

ICMP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 1012, Parent PID: 5308

General

Chronological Activities

Analysis Process: chrome.exePID: 5288, Parent PID: 1012

General

Chronological Activities

Analysis Process: chrome.exePID: 6564, Parent PID: 5308

Windows Analysis Report
http://faint-sandwich-miniature.on-fleek.app/yibqrfirdcdzxj1.html