Edit tour

Windows Analysis Report
https://artebor.pt/dgt/multas-y-sanciones/info.php

Overview

General Information

Sample URL:	https://artebor.pt/dgt/multas-y-sanciones/info.php
Analysis ID:	1641768
Infos:

Detection

Score:	48
Range:	0 - 100
Confidence:	100%

Signatures

AI detected phishing page

Creates files inside the system directory

Deletes files inside the Windows folder

HTML body contains low number of good links

HTML title does not match URL

Suspicious form URL found

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 2132 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 5456 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,3025469587033658370,2220224559297891039,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2096 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 6316 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://artebor.pt/dgt/multas-y-sanciones/info.php" MD5: E81F54E6C1129887AEA47E7D092680BF)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

• Phishing
• Compliance
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: https://artebor.pt/dgt/multas-y-sanciones/info.php

Joe Sandbox AI: Score: 7 Reasons: The brand 'DGT' is associated with the Direccin General de Trfico in Spain, which is a well-known government entity., The legitimate domain for DGT is 'dgt.es'., The provided URL 'artebor.pt' does not match the legitimate domain for DGT., The URL 'artebor.pt' does not contain any recognizable association with DGT., The URL uses a '.pt' domain extension, which is for Portugal, while DGT is a Spanish entity., The presence of input fields requesting personal information is common in phishing sites. DOM: 0.0.pages.csv

Source: https://artebor.pt/dgt/multas-y-sanciones/info.php

HTTP Parser: Number of links: 0

Source: https://artebor.pt/dgt/multas-y-sanciones/info.php

HTTP Parser: Title: Multa de Trfico - DGT does not match URL

Source: https://artebor.pt/dgt/multas-y-sanciones/info.php

HTTP Parser: Form action: ./infoz/send.php

Source: https://artebor.pt/dgt/multas-y-sanciones/info.php

HTTP Parser: No favicon

Source: https://artebor.pt/dgt/multas-y-sanciones/info.php

HTTP Parser: No <meta name="author".. found

Source: https://artebor.pt/dgt/multas-y-sanciones/info.php

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 142.250.186.132:443 -> 192.168.2.7:49689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 194.65.141.203:443 -> 192.168.2.7:49690 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 194.65.141.203:443 -> 192.168.2.7:49691 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.186.31:443 -> 192.168.2.7:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 194.65.141.203:443 -> 192.168.2.7:49702 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 23.199.215.203
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.98.62
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 23.199.215.203
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.98.62
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	TCP traffic detected without corresponding DNS query: 172.217.18.3
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /dgt/multas-y-sanciones/info.php HTTP/1.1Host: artebor.ptConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiKo8sBCIWgzQEI9s/OAQiB1s4BCMnczgEIhODOAQii5M4BCK/kzgEI6eTOAQ==Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://artebor.pt/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: artebor.ptConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://artebor.pt/dgt/multas-y-sanciones/info.phpAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=3rc6of7i3oejmtbbf3lu6jog0k
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2021/03/cropped-wp-icon-32x32.png HTTP/1.1Host: artebor.ptConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://artebor.pt/dgt/multas-y-sanciones/info.phpAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=3rc6of7i3oejmtbbf3lu6jog0k
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2021/03/cropped-wp-icon-32x32.png HTTP/1.1Host: artebor.ptConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=3rc6of7i3oejmtbbf3lu6jog0k
Source: global traffic	HTTP traffic detected: GET /r/gsr1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: /If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global traffic	HTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: /If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: artebor.pt
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net

Source: chromecache_63.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_63.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_63.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_63.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_62.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_62.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49689
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701

Source: unknown	HTTPS traffic detected: 142.250.186.132:443 -> 192.168.2.7:49689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 194.65.141.203:443 -> 192.168.2.7:49690 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 194.65.141.203:443 -> 192.168.2.7:49691 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.186.31:443 -> 192.168.2.7:49693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 194.65.141.203:443 -> 192.168.2.7:49702 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\scoped_dir2132_1983996322

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\scoped_dir2132_1983996322

Jump to behavior

Source: classification engine

Classification label: mal48.phis.win@22/18@8/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,3025469587033658370,2220224559297891039,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2096 /prefetch:3
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://artebor.pt/dgt/multas-y-sanciones/info.php"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,3025469587033658370,2220224559297891039,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2096 /prefetch:3			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 File Deletion	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://artebor.pt/dgt/multas-y-sanciones/info.php	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://artebor.pt/wp-content/uploads/2021/03/cropped-wp-icon-32x32.png	0%	Avira URL Cloud	safe
https://artebor.pt/favicon.ico	0%	Avira URL Cloud	safe

Domains and IPs

Download Network PCAP: filtered – full

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
cdn.jsdelivr.net.cdn.cloudflare.net	104.18.186.31	true	false		high
www.google.com	142.250.186.132	true	false		high
artebor.pt	194.65.141.203	true	true		unknown
cdn.jsdelivr.net	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css	false		high
https://artebor.pt/favicon.ico	false	Avira URL Cloud: safe	unknown
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE	false		high
https://artebor.pt/wp-content/uploads/2021/03/cropped-wp-icon-32x32.png	false	Avira URL Cloud: safe	unknown
https://artebor.pt/dgt/multas-y-sanciones/info.php	true		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://getbootstrap.com/)	chromecache_62.1.dr	false		high
https://github.com/twbs/bootstrap/blob/main/LICENSE)	chromecache_62.1.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
104.18.186.31	cdn.jsdelivr.net.cdn.cloudflare.net	United States		13335	CLOUDFLARENETUS	false
194.65.141.203	artebor.pt	Portugal		3243	MEO-RESIDENCIALPT	true
142.250.186.132	www.google.com	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.7

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1641768
Start date and time:	2025-03-18 13:38:30 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 8s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://artebor.pt/dgt/multas-y-sanciones/info.php
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@22/18@8/4
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): sppsvc.exe, SIHClient.exe, SgrmBroker.exe, svchost.exe, TextInputHost.exe
Excluded IPs from analysis (whitelisted): 216.58.206.78, 142.250.186.67, 142.250.184.206, 66.102.1.84, 216.58.206.46, 142.250.186.142, 172.217.18.14, 142.250.185.238, 172.217.18.10, 104.126.37.147, 104.126.37.131, 104.126.37.130, 104.126.37.153, 104.126.37.138, 104.126.37.144, 104.126.37.152, 104.126.37.128, 104.126.37.139, 216.58.206.74, 142.250.185.138, 142.250.186.170, 216.58.212.170, 142.250.186.74, 142.250.186.42, 142.250.186.138, 142.250.184.202, 216.58.206.42, 142.250.181.234, 142.250.185.74, 172.217.16.202, 142.250.185.106, 142.250.186.106, 142.250.184.234, 172.217.23.99, 104.126.37.146, 104.126.37.160, 104.126.37.155, 199.232.214.172, 142.250.185.78, 142.250.185.174, 216.58.212.142, 172.217.16.206, 142.250.186.78, 142.250.185.163, 52.149.20.212, 23.60.203.209
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, th.bing.com.edgekey.net, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, p-th.bing.com.trafficmanager.net, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, e86303.dscx.akamaiedge.net, edgedl.me.gvt1.com, redirector.gvt1.com, th.bing.com, translate.googleapis.com, update.googleapis.com, clients.l.google.com, c.pki.goog
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://artebor.pt/dgt/multas-y-sanciones/info.php

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 55

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Category:	downloaded
Size (bytes):	8000
Entropy (8bit):	7.97130996744173
Encrypted:	false
SSDEEP:	192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ
MD5:	72993DDDF88A63E8F226656F7DE88E57
SHA1:	179F97EC0275F09603A8DB94D4380EB584D81CD5
SHA-256:	F4E80D9DFD374D02989B87A27B5ED4CB78FBB177C27F1478E9A8B0AFB7513149
SHA-512:	7C20165F9D22A86341E841FD58526209017DCDE2AFE2D0D2A89FE853D95DC69F658D25CF798C71F452DAB09843FC808C1AE87A60B1284134163ABF5A1D93E50A
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Preview:	wOF2.......@......?@.................................`..T..t...6..6.$..h. ..T.....1E.r.8...KD......2.>L.......0..c.h...y_)s...N..(._C,/.v...7B...Z..gT@....u*.\t.9....{.&.;<...j.2.H-...A.S......E..)..f.Y8vuw^.^_.n{.Z..U.h..Kcm.........E..........'.J.-.-.......=.."...E...../R.8P....>?.]...R..Ag:.Pt..j..s..pG. .!f?.Q.T.".O.....D.r......3>gJN!V.\.!....+.......X.B.v....c9.&iW-[.,.. ...Q.k%I.s.%...d...8q..._~.C.n".v0..6B.eT..?..7.....l....3..7...M...5......k......^.....F.v~\|.....3N=.....[.!......}....F(...fA..c)0X$,FYL..=).(h<4...M5..<3.c....K/.{.p....3+'W...Z.[..;.w.....X....nx..v.(c;._.W......\|.b.....{...9..A6...V\|.N...Z?+\|H/.#.W%.._.8,...>._..w...RP..-.?.k7X..".._S.3,J.........&.8Gs.?yH.Yx......I_....._o.0K......(e.Q.W....=...J.7.\k.n.pd.....s..%...sD......_..&-...(.7..6.U..&<~8...9......uV..\|h.#m\.d./!....s.......b.j. ."...wX...B.`..Bj=......VnM....p..k.%..U.F..-VN).Y........_..W.p...B..\|.j..f..7....).~....n......c.3....t.......s..>...

Chrome Cache Entry: 56

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Category:	downloaded
Size (bytes):	7884
Entropy (8bit):	7.971946419873228
Encrypted:	false
SSDEEP:	192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI
MD5:	9212F6F9860F9FC6C69B02FEDF6DB8C3
SHA1:	AC6D71B4D5FDD2B3DABC9A06FF6C001E4251DA0B
SHA-256:	7D93459D86585BFCDBB7E0376056226ADB25821EE54B96236FE2123E9560929F
SHA-512:	67317495F4B53E20A9F31C034E456E6C37F387DFFB2C092CAA5159BC441CFCADD02749FFE5BBED1D580D5300A59E48A767EF2C6D9978B474F84C1A2CD095C126
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Preview:	wOF2..............?....x.............................`..T..L.6..6..6.$..h. ..\....~2.".8. .w.Q.Y,.?$pC.....)bT(i..@X.m...+...D.Q.O.\-?g.U..Z..._...l..!.lKD.Q..>.9v..V..<...Td$.E..,...o..c.t....!...#..8.A..3..cx~n=Di#....U......K.5jXH.].....j.(.6..]{..IDhZ.......R.....[..X".B~.(Su2..../.I.E...T.l%....'.N.aN.2\,70.....V.RQ..k~..".1. Lg.zd....}.yyys&D.K.g....)....2&%$.nm.\.._.e.tU..I.w;W.\|..6..XUv...!......>@.V..'..`.H`...5.7.X.?..@#..:..<.R.\|.;K..}.6..IA.C.....z.n.G............[.....z........`.X....D..{<..j...).......FQ..T..m.&s_k[%ZILV.8.l.o.z$.)/]......}..Kg.}..O...o\|..>.,U..?..{b<........._.._.06.........R01.@..[......a8..7.V%..B.0F...4 ....q..u#.lg....x....a.=w...8..A6.>f.+.8..Xm@`.m....G.....i..^R}9.aB...?._#.[f.d,V....bG.]...iED.@[.:.....P...........~.{,.x...~.!...C....b.....ze..).:+N....2sd..s..MEp.?^[.k........p..nz...[-.XI.%.."..`..<.2b\.w.VS.a.+......~..J..uGq..)..1...4o3v.Sb......5.w7...-....Wd>..B....R^.4'..B.2G>.en.q..._.@s......

Chrome Cache Entry: 57

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	897
Entropy (8bit):	7.48583522296411
Encrypted:	false
SSDEEP:	24:hJ8BuSceE57LLT9tp2ePMxIZmU6Xyx2zz:hJSceElPTTXviyx2H
MD5:	95687EBD56DE5A4B89DBA053A0049A67
SHA1:	8DC1997F3484E1759CE8A814A72E7543D13A346A
SHA-256:	8BC621EEEF6A618506A620A30C672B6257F7890353071C5852BA5522DF068837
SHA-512:	71DF12D318907B5E9334F3CE2525FD8C9E0863AAA7052A5DAB58B913F8D6C3716CDC4ADB39AA1EDFB12B241A6BC0C6EA95259D4A629CB2B972E7F9FEE2E37E45
Malicious:	false
Reputation:	low
URL:	https://artebor.pt/wp-content/uploads/2021/03/cropped-wp-icon-32x32.png
Preview:	.PNG........IHDR... ... .....D.......pHYs..........+......PLTE.......... (.......;B.................&.....$.4;.......TZ.......+2....v{.&-.jo.ns.W].9@.6=.\b.%-..5.x}.......w\|.......2.!).......#+....ej.(0....18...................kp................[a....fl.......FL.EK.......-4.......CJ..../6....07./7....^c.\|..)1.`f.-5.............,3....$,.Y_.=C....&..{.....3:.....'....IP.............in.(/.LS.......ek.......+3.LR.sx....:A....$+.......GN.EL...................JP....\|.....4;.......>E.MT.X^....QW..S.....tRNS...........>}...bIDAT8..eW.A..`va..vW.....6P.......;..+....}?.9.;sg$Q....H.>..=.-1.@.....H.Tl...@.q.I.. k..d.]. !...c....T..'....x9./p......W....0....3..a...J..N..3._..$ ..OK..~T.x=Y.10..X.[...[...Sv.....\....1......P`s.}ol7...%.g..B.)..@.HhM.@.._.$..l..de.x;~Q..xA..8...m....d.k....4..5\|...8.uv.....Z._.g.0t.@Y{.KZ..V..[_..X....PGgE2.H.. ./.$....z. ..W..Ip.C6.....IEND.B`.

Chrome Cache Entry: 58

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	897
Entropy (8bit):	7.48583522296411
Encrypted:	false
SSDEEP:	24:hJ8BuSceE57LLT9tp2ePMxIZmU6Xyx2zz:hJSceElPTTXviyx2H
MD5:	95687EBD56DE5A4B89DBA053A0049A67
SHA1:	8DC1997F3484E1759CE8A814A72E7543D13A346A
SHA-256:	8BC621EEEF6A618506A620A30C672B6257F7890353071C5852BA5522DF068837
SHA-512:	71DF12D318907B5E9334F3CE2525FD8C9E0863AAA7052A5DAB58B913F8D6C3716CDC4ADB39AA1EDFB12B241A6BC0C6EA95259D4A629CB2B972E7F9FEE2E37E45
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....D.......pHYs..........+......PLTE.......... (.......;B.................&.....$.4;.......TZ.......+2....v{.&-.jo.ns.W].9@.6=.\b.%-..5.x}.......w\|.......2.!).......#+....ej.(0....18...................kp................[a....fl.......FL.EK.......-4.......CJ..../6....07./7....^c.\|..)1.`f.-5.............,3....$,.Y_.=C....&..{.....3:.....'....IP.............in.(/.LS.......ek.......+3.LR.sx....:A....$+.......GN.EL...................JP....\|.....4;.......>E.MT.X^....QW..S.....tRNS...........>}...bIDAT8..eW.A..`va..vW.....6P.......;..+....}?.9.;sg$Q....H.>..=.-1.@.....H.Tl...@.q.I.. k..d.]. !...c....T..'....x9./p......W....0....3..a...J..N..3._..$ ..OK..~T.x=Y.10..X.[...[...Sv.....\....1......P`s.}ol7...%.g..B.)..@.HhM.@.._.$..l..de.x;~Q..xA..8...m....d.k....4..5\|...8.uv.....Z._.g.0t.@Y{.KZ..V..[_..X....PGgE2.H.. ./.$....z. ..W..Ip.C6.....IEND.B`.

Chrome Cache Entry: 59

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	88
Entropy (8bit):	4.499166523354977
Encrypted:	false
SSDEEP:	3:7JdInTKgnPhiu7/dzcyP0JRQCRn:tdIxPhia/dXPyFRn
MD5:	C4465FF8C8D517FE380526826635DA01
SHA1:	72B46ECB8EA580A077BF8DA8906DB3D0C0C68FCB
SHA-256:	1C3364A6C45B614F0376B9074FA939D6BD921C2FF7A482E647482CB2C70EADF8
SHA-512:	6CFECA22D77373B527B12188294F692FE38970630265BBB7C0DB50E90BBDBD6F645D08FCE8533D46ACF06D54D485F7EA9530B90324209477899E7B2BE19ACF5D
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhJDCXQJ8EJBxgFjEgUN77-NcxIFDQCgC8oSBQ2DqFs9EgUNlNRbHhIFDaS7fdUSBQ1GZxV9EgUNR-feByGuLS1OkFJy9Q==?alt=proto
Preview:	Cj8KBw3vv41zGgAKBw0AoAvKGgAKBw2DqFs9GgAKBw2U1FseGgAKBw2ku33VGgAKBw1GZxV9GgAKBw1H594HGgA=

Chrome Cache Entry: 60

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 419x240, components 3
Category:	downloaded
Size (bytes):	12583
Entropy (8bit):	7.925499449720057
Encrypted:	false
SSDEEP:	192:NlgNmAIRGPDHoNpNB2t7Df5ZfOzylm3kGFowREkQ+6gzK537FMfxjPGWvf:Nl1BR2DHPt7lZPm1TQ+6UsrFM4W3
MD5:	A584ABA3AB25E54A0A5B75BAC74CF186
SHA1:	30E0AC7C9511F4AE4BD020CE6B33FCBC790B0381
SHA-256:	18CF8FC991E70E69BF4CEE9423CF977B67A176EC48DAB5E58C9816B6AB6AAE8C
SHA-512:	EA5C4AE44DD6B67EA4806A6481C020B4ABDF84713E0AC3F6B6F1BF6EF0AD450B93754BF783604FB7C9138741B2A4D6FBEA849DF793187ED02EA8B82476DC5440
Malicious:	false
Reputation:	low
URL:	https://th.bing.com/th/id/OIP.WmY7Qq5D4PjcUa_Vj8SwggHaDw?w=308&h=177&c=7&r=0&o=5&dpr=1.5&pid=1.7
Preview:	......JFIF.............C.......................................%..%....)).%756.*2>-)0.;!....C...........,...,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,..........."........................................O..........................!.1AQ...Uaq...."#S......2B...3r..$RTbes..4C...%ct................................./...........................QR.!1.."2AaqB.#$3.............?.....DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD...C'......c.'..1..;...`...Q.Xh..;A...E...%.......6...<...v..'......?._\.;_.y..y'.@ya.<...O....!.h?....;_.8..^I......C.......m..`r.I^...8.g.........uY........4.@.:.FH...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...X.YX?.x=...E.%.n=..V.X.wI9.......I..\|#.....d...O\|Qm.....[.-j.c./.... .......+7.....O&...s....U..#..G.Ubx.<#w~...=@.OR..X..b...Z6.....IU[N.......{..$DY..""...." ...""...." ...""...." ...""...." ...""...." ...""../P..7...7....},.4....y../.EW....ee.a.\|.5..c.$..P....;mQD.....R'$.&[."

Chrome Cache Entry: 61

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 419x240, components 3
Category:	dropped
Size (bytes):	12583
Entropy (8bit):	7.925499449720057
Encrypted:	false
SSDEEP:	192:NlgNmAIRGPDHoNpNB2t7Df5ZfOzylm3kGFowREkQ+6gzK537FMfxjPGWvf:Nl1BR2DHPt7lZPm1TQ+6UsrFM4W3
MD5:	A584ABA3AB25E54A0A5B75BAC74CF186
SHA1:	30E0AC7C9511F4AE4BD020CE6B33FCBC790B0381
SHA-256:	18CF8FC991E70E69BF4CEE9423CF977B67A176EC48DAB5E58C9816B6AB6AAE8C
SHA-512:	EA5C4AE44DD6B67EA4806A6481C020B4ABDF84713E0AC3F6B6F1BF6EF0AD450B93754BF783604FB7C9138741B2A4D6FBEA849DF793187ED02EA8B82476DC5440
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C.......................................%..%....)).%756.*2>-)0.;!....C...........,...,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,..........."........................................O..........................!.1AQ...Uaq...."#S......2B...3r..$RTbes..4C...%ct................................./...........................QR.!1.."2AaqB.#$3.............?.....DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...DD...C'......c.'..1..;...`...Q.Xh..;A...E...%.......6...<...v..'......?._\.;_.y..y'.@ya.<...O....!.h?....;_.8..^I......C.......m..`r.I^...8.g.........uY........4.@.:.FH...DD....D@...DD....D@...DD....D@...DD....D@...DD....D@...X.YX?.x=...E.%.n=..V.X.wI9.......I..\|#.....d...O\|Qm.....[.-j.c./.... .......+7.....O&...s....U..#..G.Ubx.<#w~...=@.OR..X..b...Z6.....IU[N.......{..$DY..""...." ...""...." ...""...." ...""...." ...""...." ...""../P..7...7....},.4....y../.EW....ee.a.\|.5..c.$..P....;mQD.....R'$.&[."

Chrome Cache Entry: 62

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65306)
Category:	downloaded
Size (bytes):	163873
Entropy (8bit):	5.058104233525069
Encrypted:	false
SSDEEP:	1536:4t04T8if0W8DsEBpy0cuJBf2rIWE5e0VUpz600I4fM:4t04/0VUpz600I4fM
MD5:	94994C66FEC8C3468B269DC0CC242151
SHA1:	EC16BD19BF4AE9BC2E2336AC409A503BBBDAACAD
SHA-256:	62F74B1CF824A89F03554C638E719594C309B4D8A627A758928C0516FA7890AB
SHA-512:	190194D1F30C8B6DFCB80F9AFDB75625FA5418A52405D81F15D8019BBD92510E817B25A3A18FEDA27D2D1231FE3921FD88FE037E1FBB1CCD08F5FE5E4742FFE3
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Preview:	@charset "UTF-8";/!. Bootstrap v5.1.3 (https://getbootstrap.com/). * Copyright 2011-2021 The Bootstrap Authors. * Copyright 2011-2021 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:13,110,253;--bs-secondary-rgb:108,117,125;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-rgb:255,193,7;--bs-danger-rgb:220,53

Chrome Cache Entry: 63

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	1684
Entropy (8bit):	5.318018846957903
Encrypted:	false
SSDEEP:	48:QOEaEJc+ukOEagN0xsOxMaWxJc+ukOxMaW4RN0xD:QOEaEJc+ukOEagN/OxMaqJc+ukOxMadu
MD5:	59B1FE40E28AEF60DF779DDACFE99107
SHA1:	0D0E21246AFD95787F03EB7D27661EE6602C608A
SHA-256:	919D078131766036DDACC4C838C200B09B14D827B21716A006525B04FD41329F
SHA-512:	622BAE476EAB64FF0DC0B372EC3C13CC4E990571D0ACC4AA1A8083D974DC000542E4989760E07D3326472C8FC77A84FCD24EBB326E602164D1B3FCA4AFCC2AE3
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap
Preview:	/* latin-ext /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJnecmNE.woff2) format('woff2');. unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./ latin-ext */.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 600;. font-display: swap;. src: url(https://fonts.gstatic.com/s/popp

Chrome Cache Entry: 64

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7728)
Category:	downloaded
Size (bytes):	7733
Entropy (8bit):	5.7881174536426085
Encrypted:	false
SSDEEP:	192:HXvT0TZAs+9GLCH6666KC1W3I0zJCh7m/WW+P:370TS9PH6666f+tyipo
MD5:	917AE3740F95FC5B75FF47441282D815
SHA1:	FDED00B7321D1712B7D1EAFE717C9B2F04A6B8E1
SHA-256:	8AAAC1B79C9F87B858B7DB0CE57F5348896F863BFAB222D00FBCC50C3DF385A2
SHA-512:	50765656860B74A530AE6D863FC34741BA89DBB7CEE7FE101CB59319D0B8A22AF6CE83375187997F4B4F7DCF3EEA438808607A41BB1AB0A36DDD50B9B489C116
Malicious:	false
Reputation:	low
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE
Preview:	)]}'.["",["baltimore ravens","temptation island netflix still together","coffee creamer recalled","free steam games","weather tornadoes","partial solar eclipse march 29","youngbloods jesse colin young","cincinnati bengals"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChoIkk4SFQoRVHJlbmRpbmcgc2VhcmNoZXMoCg\u003d\u003d","google:suggestdetail":[{"google:entityinfo":"CggvbS8wMWN0NhINRm9vdGJhbGwgdGVhbTKuDGRhdGE6aW1hZ2UvcG5nO2Jhc2U2NCxpVkJPUncwS0dnb0FBQUFOU1VoRVVnQUFBRUFBQUFBZkNBTUFBQUJnYnp2T0FBQUJKbEJNVkVYLy8vOEFBQUFrRWw4QUFGU1ViUUNWYndBbEVtS05aUUFBQUJ3QUFETUFBRkNUYXdDUlp3QW1FMldiY3dBaEVGZno3K2tBQUVFSkFGb0FBRGtBQUN3QUFFY1BCeWNOQmlLWmRRa1BBQUJ5YlkvQXZzdjI5dlliRlFERnhjWGJ6N2ZuMzlQSnRaQzhvM0N5bEZXcmkwR3BoemZXeUszUndhT0NYZ0JwVEFCVFBBQStMQUFxSGdBTUJnQnlVZ0FBQUNZaUZ3QmRRd0JGTXdBektHOS9lNkN0ck1UTXpOdlkxZG5lMmRXVGtiQVdDVVEwSndCbllvL1d6OGE0bm1TbGdTakdzSC9LdjdERXZMYTJzTFdhbHFwV1VZSVRDaktkZ1VKemRuWkdRSGdXQ2ozbDV1NndxWm1yVmw3Y2U0T0pCUmlmaGxPU2xwdmprS

Static File Info

⊘No static file info

Network Behavior

Download Network PCAP: filtered – full

Network Port Distribution

Total Packets: 152
• 443 (HTTPS)
• 80 (HTTP)
• 53 (DNS)

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Mar 18, 2025 13:39:17.805061102 CET	49674	443	192.168.2.7	2.23.227.208
Mar 18, 2025 13:39:17.805088043 CET	49673	443	192.168.2.7	2.23.227.208
Mar 18, 2025 13:39:17.805233002 CET	49675	443	192.168.2.7	2.23.227.208
Mar 18, 2025 13:39:18.398843050 CET	49676	80	192.168.2.7	23.199.215.203
Mar 18, 2025 13:39:18.398874998 CET	49677	443	192.168.2.7	2.18.98.62
Mar 18, 2025 13:39:24.049395084 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:24.049422979 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:24.049521923 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:24.049679041 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:24.049690962 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:24.693191051 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:24.693289042 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:24.694626093 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:24.694637060 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:24.694859982 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:24.743210077 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:25.607552052 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:25.607600927 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:25.607675076 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:25.608068943 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:25.608107090 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:25.608171940 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:25.608316898 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:25.608334064 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:25.608499050 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:25.608515024 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.346908092 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.347054005 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:26.348231077 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:26.348244905 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.348459005 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.348721027 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:26.350281000 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.350353956 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:26.350697041 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:26.350706100 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.350944996 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.396322012 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:26.398097992 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:27.216092110 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:27.216136932 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:27.216161966 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:27.216195107 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:27.216211081 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:27.216257095 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:27.217511892 CET	49690	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:27.217535973 CET	443	49690	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:27.250056028 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.250082970 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.250139952 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.250361919 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.250380039 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.416261911 CET	49674	443	192.168.2.7	2.23.227.208
Mar 18, 2025 13:39:27.416266918 CET	49673	443	192.168.2.7	2.23.227.208
Mar 18, 2025 13:39:27.416285992 CET	49675	443	192.168.2.7	2.23.227.208
Mar 18, 2025 13:39:27.532166004 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:27.572333097 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.710078955 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.710199118 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.718600988 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.718631029 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.718940973 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.719460964 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.746016026 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.746072054 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.746102095 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.746186972 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:27.746217966 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.746315002 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:27.746323109 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.749264956 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.749317884 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:27.749330997 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.749432087 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.749483109 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:27.758152962 CET	49689	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:39:27.758172035 CET	443	49689	142.250.186.132	192.168.2.7
Mar 18, 2025 13:39:27.760324001 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846438885 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846512079 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846548080 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846577883 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.846594095 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846631050 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846673965 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846690893 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.846698999 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.846731901 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.847101927 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.847141981 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.847177982 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.847201109 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.847208977 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.847227097 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.850991964 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.851042986 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.851048946 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.894361019 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.933804989 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934215069 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934251070 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934267044 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.934282064 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934329033 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934374094 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934411049 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934413910 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.934415102 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.934422970 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.934508085 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.934514999 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.935376883 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.935415983 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.935444117 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.935466051 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.935477018 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.935486078 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.935544968 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.935858965 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.935866117 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.936100006 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.936137915 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.936162949 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.936171055 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.936206102 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.936526060 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.936563969 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.936573029 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.936585903 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.937227011 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.937275887 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.937314987 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.937323093 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.937330008 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.937355995 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.937377930 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.937412977 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.937421083 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:27.977699041 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:27.977720022 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.011015892 CET	49676	80	192.168.2.7	23.199.215.203
Mar 18, 2025 13:39:28.011028051 CET	49677	443	192.168.2.7	2.18.98.62
Mar 18, 2025 13:39:28.019562960 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.019615889 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.019656897 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020005941 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020052910 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.020067930 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020103931 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.020181894 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020220041 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020260096 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.020268917 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020281076 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020313025 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.020322084 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020334005 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020344019 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.020380020 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.020385027 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.020420074 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021197081 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021248102 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021409035 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021452904 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021461010 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021471977 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021490097 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021538019 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021579027 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021588087 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021603107 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021627903 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021634102 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021646023 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021656036 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021682978 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021691084 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.021696091 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.021729946 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.023802042 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.023878098 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.023899078 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.023956060 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.024010897 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.024022102 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.075397968 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.106622934 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.106695890 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.106919050 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.106961966 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.106967926 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.106976032 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.107024908 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.107379913 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.107446909 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.107551098 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.107590914 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.107593060 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.107606888 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.107645035 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.108012915 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108068943 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.108216047 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108263016 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.108378887 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108427048 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.108773947 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108814001 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108814001 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.108824015 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108936071 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108946085 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.108974934 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.108978987 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.108985901 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.109016895 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.109097004 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:28.109153032 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.111675978 CET	49693	443	192.168.2.7	104.18.186.31
Mar 18, 2025 13:39:28.111696959 CET	443	49693	104.18.186.31	192.168.2.7
Mar 18, 2025 13:39:29.413501024 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:29.460328102 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:29.770132065 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:29.770205975 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:29.770469904 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:29.771091938 CET	49691	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:29.771112919 CET	443	49691	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:29.773646116 CET	49701	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:29.773694038 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:29.773783922 CET	49701	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:29.773925066 CET	49701	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:29.773941994 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:30.472292900 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:30.472712994 CET	49701	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:30.472740889 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:30.472904921 CET	49701	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:30.472912073 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:30.802263975 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:30.802323103 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:30.802402020 CET	49701	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:30.803239107 CET	49701	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:30.803261042 CET	443	49701	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:31.088679075 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:31.088721991 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:31.088824034 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:31.088958979 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:31.088972092 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:31.772022963 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:31.772118092 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:31.772676945 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:31.772686005 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:31.772914886 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:31.773236036 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:31.820324898 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:32.099610090 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:32.099675894 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:32.099808931 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:32.101234913 CET	49702	443	192.168.2.7	194.65.141.203
Mar 18, 2025 13:39:32.101248026 CET	443	49702	194.65.141.203	192.168.2.7
Mar 18, 2025 13:39:37.642474890 CET	49705	80	192.168.2.7	172.217.18.3
Mar 18, 2025 13:39:37.647146940 CET	80	49705	172.217.18.3	192.168.2.7
Mar 18, 2025 13:39:37.647214890 CET	49705	80	192.168.2.7	172.217.18.3
Mar 18, 2025 13:39:37.647344112 CET	49705	80	192.168.2.7	172.217.18.3
Mar 18, 2025 13:39:37.651930094 CET	80	49705	172.217.18.3	192.168.2.7
Mar 18, 2025 13:39:38.282681942 CET	80	49705	172.217.18.3	192.168.2.7
Mar 18, 2025 13:39:38.289474010 CET	49705	80	192.168.2.7	172.217.18.3
Mar 18, 2025 13:39:38.294553995 CET	80	49705	172.217.18.3	192.168.2.7
Mar 18, 2025 13:39:38.510941982 CET	80	49705	172.217.18.3	192.168.2.7
Mar 18, 2025 13:39:38.555253029 CET	49705	80	192.168.2.7	172.217.18.3
Mar 18, 2025 13:39:38.687258959 CET	49672	443	192.168.2.7	2.23.227.208
Mar 18, 2025 13:39:38.687305927 CET	443	49672	2.23.227.208	192.168.2.7
Mar 18, 2025 13:39:55.243401051 CET	49671	443	192.168.2.7	204.79.197.203
Mar 18, 2025 13:39:55.551395893 CET	49671	443	192.168.2.7	204.79.197.203
Mar 18, 2025 13:39:56.162090063 CET	49671	443	192.168.2.7	204.79.197.203
Mar 18, 2025 13:39:57.374711990 CET	49671	443	192.168.2.7	204.79.197.203
Mar 18, 2025 13:39:59.781774044 CET	49671	443	192.168.2.7	204.79.197.203
Mar 18, 2025 13:40:03.817420006 CET	49678	443	192.168.2.7	20.189.173.15
Mar 18, 2025 13:40:04.126897097 CET	49678	443	192.168.2.7	20.189.173.15
Mar 18, 2025 13:40:04.593537092 CET	49671	443	192.168.2.7	204.79.197.203
Mar 18, 2025 13:40:04.739459991 CET	49678	443	192.168.2.7	20.189.173.15
Mar 18, 2025 13:40:05.954183102 CET	49678	443	192.168.2.7	20.189.173.15
Mar 18, 2025 13:40:08.361027956 CET	49678	443	192.168.2.7	20.189.173.15
Mar 18, 2025 13:40:13.172281027 CET	49678	443	192.168.2.7	20.189.173.15
Mar 18, 2025 13:40:14.206904888 CET	49671	443	192.168.2.7	204.79.197.203
Mar 18, 2025 13:40:22.775218010 CET	49678	443	192.168.2.7	20.189.173.15
Mar 18, 2025 13:40:24.097201109 CET	49717	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:40:24.097259998 CET	443	49717	142.250.186.132	192.168.2.7
Mar 18, 2025 13:40:24.097330093 CET	49717	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:40:24.097969055 CET	49717	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:40:24.097985983 CET	443	49717	142.250.186.132	192.168.2.7
Mar 18, 2025 13:40:24.772699118 CET	443	49717	142.250.186.132	192.168.2.7
Mar 18, 2025 13:40:24.773062944 CET	49717	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:40:24.773096085 CET	443	49717	142.250.186.132	192.168.2.7
Mar 18, 2025 13:40:34.679512024 CET	443	49717	142.250.186.132	192.168.2.7
Mar 18, 2025 13:40:34.679567099 CET	443	49717	142.250.186.132	192.168.2.7
Mar 18, 2025 13:40:34.679647923 CET	49717	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:40:36.565510035 CET	49717	443	192.168.2.7	142.250.186.132
Mar 18, 2025 13:40:36.565562010 CET	443	49717	142.250.186.132	192.168.2.7
Mar 18, 2025 13:40:39.062686920 CET	49705	80	192.168.2.7	172.217.18.3
Mar 18, 2025 13:40:39.067586899 CET	80	49705	172.217.18.3	192.168.2.7
Mar 18, 2025 13:40:39.067672014 CET	49705	80	192.168.2.7	172.217.18.3

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Mar 18, 2025 13:39:19.590564966 CET	53	55951	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:19.625790119 CET	53	65493	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:20.633701086 CET	53	65263	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:20.717835903 CET	53	57414	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:24.041640997 CET	62644	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:24.041766882 CET	60275	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:24.048427105 CET	53	62644	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:24.048455000 CET	53	60275	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:25.348129034 CET	51355	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:25.348289013 CET	50649	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:25.605626106 CET	53	50649	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:25.606616020 CET	53	51355	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:27.241935968 CET	58662	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:27.242280006 CET	63417	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:27.247616053 CET	53	59079	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:27.248918056 CET	53	63417	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:27.249258041 CET	53	58662	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:27.365463972 CET	53	61262	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:28.204948902 CET	53	55221	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:30.807383060 CET	52186	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:30.807678938 CET	54844	53	192.168.2.7	1.1.1.1
Mar 18, 2025 13:39:31.037261963 CET	53	54844	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:31.087984085 CET	53	52186	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:37.707801104 CET	53	61283	1.1.1.1	192.168.2.7
Mar 18, 2025 13:39:56.640551090 CET	53	64430	1.1.1.1	192.168.2.7
Mar 18, 2025 13:40:19.327446938 CET	53	64345	1.1.1.1	192.168.2.7
Mar 18, 2025 13:40:19.479890108 CET	53	51385	1.1.1.1	192.168.2.7
Mar 18, 2025 13:40:22.895045996 CET	53	51047	1.1.1.1	192.168.2.7

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Mar 18, 2025 13:39:24.041640997 CET	192.168.2.7	1.1.1.1	0xd7bf	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:24.041766882 CET	192.168.2.7	1.1.1.1	0x2d83	Standard query (0)	www.google.com	65	IN (0x0001)	false
Mar 18, 2025 13:39:25.348129034 CET	192.168.2.7	1.1.1.1	0xfa13	Standard query (0)	artebor.pt	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:25.348289013 CET	192.168.2.7	1.1.1.1	0x2ebd	Standard query (0)	artebor.pt	65	IN (0x0001)	false
Mar 18, 2025 13:39:27.241935968 CET	192.168.2.7	1.1.1.1	0xe06e	Standard query (0)	cdn.jsdelivr.net	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:27.242280006 CET	192.168.2.7	1.1.1.1	0x769c	Standard query (0)	cdn.jsdelivr.net	65	IN (0x0001)	false
Mar 18, 2025 13:39:30.807383060 CET	192.168.2.7	1.1.1.1	0xa66d	Standard query (0)	artebor.pt	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:30.807678938 CET	192.168.2.7	1.1.1.1	0xeb9e	Standard query (0)	artebor.pt	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Mar 18, 2025 13:39:24.048427105 CET	1.1.1.1	192.168.2.7	0xd7bf	No error (0)	www.google.com		142.250.186.132	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:24.048455000 CET	1.1.1.1	192.168.2.7	0x2d83	No error (0)	www.google.com			65	IN (0x0001)	false
Mar 18, 2025 13:39:25.606616020 CET	1.1.1.1	192.168.2.7	0xfa13	No error (0)	artebor.pt		194.65.141.203	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:27.248918056 CET	1.1.1.1	192.168.2.7	0x769c	No error (0)	cdn.jsdelivr.net	cdn.jsdelivr.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Mar 18, 2025 13:39:27.249258041 CET	1.1.1.1	192.168.2.7	0xe06e	No error (0)	cdn.jsdelivr.net	cdn.jsdelivr.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Mar 18, 2025 13:39:27.249258041 CET	1.1.1.1	192.168.2.7	0xe06e	No error (0)	cdn.jsdelivr.net.cdn.cloudflare.net		104.18.186.31	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:27.249258041 CET	1.1.1.1	192.168.2.7	0xe06e	No error (0)	cdn.jsdelivr.net.cdn.cloudflare.net		104.18.187.31	A (IP address)	IN (0x0001)	false
Mar 18, 2025 13:39:31.087984085 CET	1.1.1.1	192.168.2.7	0xa66d	No error (0)	artebor.pt		194.65.141.203	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

artebor.pt

cdn.jsdelivr.net

www.google.com

c.pki.goog

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port
0	192.168.2.7	49705	172.217.18.3	80

Timestamp	Bytes transferred	Direction	Data
Mar 18, 2025 13:39:37.647344112 CET	202	OUT	GET /r/gsr1.crl HTTP/1.1 Cache-Control: max-age = 3000 Connection: Keep-Alive Accept: / If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMT User-Agent: Microsoft-CryptoAPI/10.0 Host: c.pki.goog
Mar 18, 2025 13:39:38.282681942 CET	222	IN	HTTP/1.1 304 Not Modified Date: Tue, 18 Mar 2025 12:26:37 GMT Expires: Tue, 18 Mar 2025 13:16:37 GMT Age: 781 Last-Modified: Tue, 07 Jan 2025 07:28:00 GMT Cache-Control: public, max-age=3000 Vary: Accept-Encoding
Mar 18, 2025 13:39:38.289474010 CET	200	OUT	GET /r/r4.crl HTTP/1.1 Cache-Control: max-age = 3000 Connection: Keep-Alive Accept: / If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT User-Agent: Microsoft-CryptoAPI/10.0 Host: c.pki.goog
Mar 18, 2025 13:39:38.510941982 CET	222	IN	HTTP/1.1 304 Not Modified Date: Tue, 18 Mar 2025 12:26:54 GMT Expires: Tue, 18 Mar 2025 13:16:54 GMT Age: 764 Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT Cache-Control: public, max-age=3000 Vary: Accept-Encoding

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.7	49690	194.65.141.203	443	5456	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-03-18 12:39:26 UTC	691	OUT	GET /dgt/multas-y-sanciones/info.php HTTP/1.1 Host: artebor.pt Connection: keep-alive sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-18 12:39:27 UTC	404	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Mar 2025 12:39:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.3.17 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: PHPSESSID=3rc6of7i3oejmtbbf3lu6jog0k; path=/ Alt-Svc: h3=":443"; ma=86400 X-Cache-Status: MISS
2025-03-18 12:39:27 UTC	9929	IN	Data Raw: 31 64 33 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4d 75 6c 74 61 20 64 65 20 54 72 26 61 61 63 75 74 65 3b 66 69 63 6f 20 2d 20 44 47 54 3c 2f 74 69 74 6c 65 3e 0a 09 3c 21 2d 2d 20 4c 69 6e 6b 20 74 6f 20 47 6f 6f 67 6c 65 20 46 6f 6e 74 73 Data Ascii: 1d32<!DOCTYPE html><html lang="es"><head><meta charset="UTF-8" /><meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" name="viewport" /><title>Multa de Tráfico - DGT</title>... Link to Google Fonts

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.7	49689	142.250.186.132	443	5456	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-03-18 12:39:27 UTC	575	OUT	GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1 Host: www.google.com Connection: keep-alive X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiKo8sBCIWgzQEI9s/OAQiB1s4BCMnczgEIhODOAQii5M4BCK/kzgEI6eTOAQ== Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-18 12:39:27 UTC	1303	IN	HTTP/1.1 200 OK Date: Tue, 18 Mar 2025 12:39:27 GMT Pragma: no-cache Expires: -1 Cache-Control: no-cache, must-revalidate Content-Type: text/javascript; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-O1M3a3L1nz27xrSvTdLeHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Downlink Accept-CH: RTT Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Content-Disposition: attachment; filename="f.txt" Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-03-18 12:39:27 UTC	87	IN	Data Raw: 65 35 66 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 62 61 6c 74 69 6d 6f 72 65 20 72 61 76 65 6e 73 22 2c 22 74 65 6d 70 74 61 74 69 6f 6e 20 69 73 6c 61 6e 64 20 6e 65 74 66 6c 69 78 20 73 74 69 6c 6c 20 74 6f 67 65 74 68 65 72 22 2c 22 63 6f 66 66 65 65 20 63 72 Data Ascii: e5f)]}'["",["baltimore ravens","temptation island netflix still together","coffee cr
2025-03-18 12:39:27 UTC	1390	IN	Data Raw: 65 61 6d 65 72 20 72 65 63 61 6c 6c 65 64 22 2c 22 66 72 65 65 20 73 74 65 61 6d 20 67 61 6d 65 73 22 2c 22 77 65 61 74 68 65 72 20 74 6f 72 6e 61 64 6f 65 73 22 2c 22 70 61 72 74 69 61 6c 20 73 6f 6c 61 72 20 65 63 6c 69 70 73 65 20 6d 61 72 63 68 20 32 39 22 2c 22 79 6f 75 6e 67 62 6c 6f 6f 64 73 20 6a 65 73 73 65 20 63 6f 6c 69 6e 20 79 6f 75 6e 67 22 2c 22 63 69 6e 63 69 6e 6e 61 74 69 20 62 65 6e 67 61 6c 73 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f 22 3a 22 43 68 6f 49 6b 6b 34 53 46 51 6f 52 56 48 4a 6c Data Ascii: eamer recalled","free steam games","weather tornadoes","partial solar eclipse march 29","youngbloods jesse colin young","cincinnati bengals"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChoIkk4SFQoRVHJl
2025-03-18 12:39:27 UTC	1390	IN	Data Raw: 44 4e 49 62 45 78 73 61 6e 4a 35 65 55 39 79 62 56 46 50 57 54 52 59 56 30 64 72 4e 55 4e 33 61 47 68 57 54 45 78 6c 4d 47 4d 34 54 47 31 47 55 56 42 70 55 55 4e 78 59 58 64 6e 57 6b 64 4c 5a 44 55 31 52 6c 46 50 61 43 39 61 53 6e 68 6c 4e 45 4a 4a 52 54 56 6e 65 6b 31 74 59 57 4a 57 54 69 39 55 53 43 74 52 53 33 70 45 57 6b 70 4a 52 6d 64 47 4d 6c 4e 57 54 6a 52 70 57 47 67 7a 53 32 46 54 55 6e 4a 6c 65 47 78 74 63 32 64 7a 63 6c 70 43 54 32 67 7a 51 58 64 6c 52 7a 5a 6e 62 48 52 75 52 6b 31 32 4f 54 4e 48 52 58 6c 33 65 69 74 6c 62 46 46 77 57 6a 4e 4d 55 7a 52 4e 65 6b 35 56 56 31 4e 77 53 31 46 4e 4e 33 6f 35 4f 45 78 42 62 30 70 30 54 6a 55 35 4b 32 31 52 59 55 51 77 5a 48 46 70 5a 6c 5a 48 55 55 6c 74 61 58 46 4c 62 32 56 6e 53 45 74 7a 56 53 74 78 Data Ascii: DNIbExsanJ5eU9ybVFPWTRYV0drNUN3aGhWTExlMGM4TG1GUVBpUUNxYXdnWkdLZDU1RlFPaC9aSnhlNEJJRTVnek1tYWJWTi9USCtRS3pEWkpJRmdGMlNWTjRpWGgzS2FTUnJleGxtc2dzclpCT2gzQXdlRzZnbHRuRk12OTNHRXl3eitlbFFwWjNMUzRNek5VV1NwS1FNN3o5OExBb0p0TjU5K21RYUQwZHFpZlZHUUltaXFLb2VnSEtzVStx
2025-03-18 12:39:27 UTC	819	IN	Data Raw: 5a 32 56 79 49 47 46 75 5a 43 42 7a 62 32 35 6e 64 33 4a 70 64 47 56 79 4d 73 4d 4e 5a 47 46 30 59 54 70 70 62 57 46 6e 5a 53 39 71 63 47 56 6e 4f 32 4a 68 63 32 55 32 4e 43 77 76 4f 57 6f 76 4e 45 46 42 55 56 4e 72 57 6b 70 53 5a 30 46 43 51 56 46 42 51 55 46 52 51 55 4a 42 51 55 51 76 4d 6e 64 44 52 55 46 42 61 30 64 43 64 32 64 49 51 6d 64 72 53 55 4a 33 5a 30 74 44 5a 32 74 4d 52 46 4a 5a 55 45 52 52 64 30 31 45 55 6e 4e 56 52 6c 4a 42 56 30 6c 43 4d 47 6c 4a 61 55 46 6b 53 48 67 34 61 30 74 45 55 58 4e 4b 51 31 6c 34 53 6e 67 34 5a 6b 78 55 4d 48 52 4e 56 46 55 7a 54 32 70 76 4e 6b 6c 35 63 79 39 53 52 44 67 30 55 58 70 52 4e 55 39 71 59 30 4a 44 5a 32 39 4c 52 46 46 33 54 6b 64 6e 4f 46 42 48 61 6d 4e 73 53 48 6c 56 4d 30 35 36 59 7a 4e 4f 65 6d 4d Data Ascii: Z2VyIGFuZCBzb25nd3JpdGVyMsMNZGF0YTppbWFnZS9qcGVnO2Jhc2U2NCwvOWovNEFBUVNrWkpSZ0FCQVFBQUFRQUJBQUQvMndDRUFBa0dCd2dIQmdrSUJ3Z0tDZ2tMRFJZUERRd01EUnNVRlJBV0lCMGlJaUFkSHg4a0tEUXNKQ1l4Sng4ZkxUMHRNVFUzT2pvNkl5cy9SRDg0UXpRNU9qY0JDZ29LRFF3TkdnOFBHamNsSHlVM056YzNOemM
2025-03-18 12:39:27 UTC	1390	IN	Data Raw: 66 64 36 0d 0a 45 52 43 61 32 5a 6f 4d 7a 4a 51 55 33 42 74 4e 6a 56 6e 53 57 74 5a 54 6d 64 61 65 55 4e 45 64 46 4d 30 55 32 6f 79 4e 45 46 31 5a 7a 6b 77 57 54 64 4f 65 54 68 44 54 31 46 51 63 45 52 78 53 33 4e 78 55 57 46 45 4e 6c 42 51 4f 56 56 56 52 6e 59 32 62 55 46 45 4e 54 42 55 52 47 52 78 55 31 51 79 63 7a 52 4e 65 56 4e 77 52 45 63 34 61 32 70 6a 53 30 6c 44 65 6b 68 7a 51 6c 46 48 5a 54 6c 71 64 6a 64 54 54 7a 56 71 51 6a 56 56 63 6b 4a 72 51 6a 64 6b 4e 6b 35 36 65 45 78 51 51 6b 70 45 53 55 31 77 53 58 42 57 61 44 5a 46 57 58 42 55 63 31 68 72 59 55 46 79 53 6e 64 6f 53 54 56 74 61 6c 46 4d 64 47 68 53 61 57 67 35 55 7a 4e 70 55 6c 49 32 52 30 31 59 63 33 5a 61 54 32 55 76 56 6c 56 6a 55 6c 6b 30 62 33 67 35 53 6e 6c 33 56 6c 59 35 51 31 52 Data Ascii: fd6ERCa2ZoMzJQU3BtNjVnSWtZTmdaeUNEdFM0U2oyNEF1ZzkwWTdOeThDT1FQcERxS3NxUWFENlBQOVVVRnY2bUFENTBURGRxU1QyczRNeVNwREc4a2pjS0lDekhzQlFHZTlqdjdTTzVqQjVVckJrQjdkNk56eExQQkpESU1wSXBWaDZFWXBUc1hrYUFySndoSTVtalFMdGhSaWg5UzNpUlI2R01Yc3ZaT2UvVlVjUlk0b3g5Snl3VlY5Q1R
2025-03-18 12:39:27 UTC	1390	IN	Data Raw: 49 33 51 56 56 70 59 58 70 79 54 57 77 72 4e 32 6c 4f 55 57 74 4e 61 45 70 34 4d 58 70 32 4f 45 46 73 4d 48 46 6a 65 55 68 49 52 56 52 6e 5a 32 4a 42 5a 56 4a 76 55 6b 64 6c 53 6c 64 59 63 33 68 34 56 44 59 30 63 44 68 72 64 53 74 35 57 47 64 70 52 30 70 59 51 6a 4e 34 56 30 56 6a 65 48 5a 73 51 31 46 57 53 56 70 54 52 44 42 79 4d 6b 4e 48 63 55 78 69 53 43 39 47 59 57 68 55 4c 79 38 79 55 54 30 39 4f 68 31 35 62 33 56 75 5a 32 4a 73 62 32 39 6b 63 79 42 71 5a 58 4e 7a 5a 53 42 6a 62 32 78 70 62 69 42 35 62 33 56 75 5a 30 6f 48 49 7a 51 79 4e 44 49 30 4d 6c 4a 4b 5a 33 4e 66 63 33 4e 77 50 57 56 4b 65 6d 6f 30 64 45 78 51 4d 56 52 6a 64 33 70 4e 63 58 42 4c 53 7a 68 35 57 56 42 54 55 33 4a 6a 64 33 5a 36 56 58 52 51 65 58 4e 75 55 46 52 35 62 46 64 35 52 Data Ascii: I3QVVpYXpyTWwrN2lOUWtNaEp4MXp2OEFsMHFjeUhIRVRnZ2JBZVJvUkdlSldYc3h4VDY0cDhrdSt5WGdpR0pYQjN4V0VjeHZsQ1FWSVpTRDByMkNHcUxiSC9GYWhULy8yUT09Oh15b3VuZ2Jsb29kcyBqZXNzZSBjb2xpbiB5b3VuZ0oHIzQyNDI0MlJKZ3Nfc3NwPWVKemo0dExQMVRjd3pNcXBLSzh5WVBTU3Jjd3Z6VXRQeXNuUFR5bFd5R
2025-03-18 12:39:27 UTC	1281	IN	Data Raw: 4f 48 59 7a 64 33 6c 70 4d 54 64 6d 4f 45 74 46 52 57 74 4e 5a 46 46 53 4f 45 35 4d 53 6a 6c 45 56 30 4a 4e 59 33 4a 43 4e 58 70 31 56 32 68 58 54 45 46 4a 55 6e 70 42 53 6c 55 78 59 54 46 57 64 30 4a 76 54 32 78 72 52 6b 6c 69 4c 32 6f 78 54 57 4d 78 4e 6b 56 69 57 6e 64 70 4e 6d 68 42 5a 56 46 42 54 55 46 74 65 6a 49 35 5a 32 5a 31 54 58 64 43 51 55 70 4f 64 6a 6c 6e 62 6b 31 47 4d 48 64 49 5a 69 74 4b 65 46 68 6e 4b 31 6c 33 53 46 68 6b 5a 45 67 7a 63 56 55 7a 61 32 68 61 55 32 56 50 4d 56 4e 76 51 6c 42 6c 63 7a 6c 69 63 45 64 74 63 32 38 34 62 6b 74 4c 51 57 39 78 4e 31 4e 43 51 58 42 70 56 6c 5a 49 4e 7a 56 34 64 56 67 33 5a 48 4a 7a 63 58 46 34 52 45 39 6a 53 54 63 34 63 6b 5a 46 52 44 42 48 57 45 46 6d 59 6b 51 7a 53 54 5a 74 57 57 31 5a 56 31 51 Data Ascii: OHYzd3lpMTdmOEtFRWtNZFFSOE5MSjlEV0JNY3JCNXp1V2hXTEFJUnpBSlUxYTFWd0JvT2xrRkliL2oxTWMxNkViWndpNmhBZVFBTUFtejI5Z2Z1TXdCQUpOdjlnbk1GMHdIZitKeFhnK1l3SFhkZEgzcVUza2haU2VPMVNvQlBlczlicEdtc284bktLQW9xN1NCQXBpVlZINzV4dVg3ZHJzcXF4RE9jSTc4ckZFRDBHWEFmYkQzSTZtWW1ZV1Q
2025-03-18 12:39:27 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.7	49693	104.18.186.31	443	5456	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-03-18 12:39:27 UTC	611	OUT	GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1 Host: cdn.jsdelivr.net Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Sec-Fetch-Storage-Access: active Referer: https://artebor.pt/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-18 12:39:27 UTC	1094	IN	HTTP/1.1 200 OK Date: Tue, 18 Mar 2025 12:39:27 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * Cache-Control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload x-jsd-version: 5.1.3 x-jsd-version-type: version etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0" Age: 17876 x-served-by: cache-fra-etou8220101-FRA, cache-lga21977-LGA x-cache: HIT, MISS vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 CF-Cache-Status: HIT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f7%2BTUWgY1QtXr6MQJqqGOwDx2%2FN5Zl5RaLIHw9IlcndWBF1MAT3H8U8jhNcos99Hzk63DB1uhtmEPUEPLsdHCS3Bb%2Blp6fTIawk7XT3h8zdH91udhJ8FKW1xMfs40mXCHBE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9224cafea8514382-EWR
2025-03-18 12:39:27 UTC	275	IN	Data Raw: 37 62 32 35 0d 0a 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 35 2e 31 2e 33 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 31 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 31 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 69 6e 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 62 73 2d 62 6c 75 65 3a 23 30 64 Data Ascii: 7b25@charset "UTF-8";/! Bootstrap v5.1.3 (https://getbootstrap.com/) * Copyright 2011-2021 The Bootstrap Authors * Copyright 2011-2021 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) */:root{--bs-blue:#0d
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 31 30 66 32 3b 2d 2d 62 73 2d 70 75 72 70 6c 65 3a 23 36 66 34 32 63 31 3b 2d 2d 62 73 2d 70 69 6e 6b 3a 23 64 36 33 33 38 34 3b 2d 2d 62 73 2d 72 65 64 3a 23 64 63 33 35 34 35 3b 2d 2d 62 73 2d 6f 72 61 6e 67 65 3a 23 66 64 37 65 31 34 3b 2d 2d 62 73 2d 79 65 6c 6c 6f 77 3a 23 66 66 63 31 30 37 3b 2d 2d 62 73 2d 67 72 65 65 6e 3a 23 31 39 38 37 35 34 3b 2d 2d 62 73 2d 74 65 61 6c 3a 23 32 30 63 39 39 37 3b 2d 2d 62 73 2d 63 79 61 6e 3a 23 30 64 63 61 66 30 3b 2d 2d 62 73 2d 77 68 69 74 65 3a 23 66 66 66 3b 2d 2d 62 73 2d 67 72 61 79 3a 23 36 63 37 35 37 64 3b 2d 2d 62 73 2d 67 72 61 79 2d 64 61 72 6b 3a 23 33 34 33 61 34 30 3b 2d 2d 62 73 2d 67 72 61 79 2d 31 30 30 3a 23 66 38 66 39 66 61 3b 2d 2d 62 73 2d 67 72 61 79 2d 32 30 30 3a 23 65 39 65 63 65 66 Data Ascii: 10f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 65 69 67 68 74 3a 34 30 30 3b 2d 2d 62 73 2d 62 6f 64 79 2d 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 3b 2d 2d 62 73 2d 62 6f 64 79 2d 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 3b 2d 2d 62 73 2d 62 6f 64 79 2d 62 67 3a 23 66 66 66 7d 2a 2c 3a 3a 61 66 74 65 72 2c 3a 3a 62 65 66 6f 72 65 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 72 65 64 75 63 65 64 2d 6d 6f 74 69 6f 6e 3a 6e 6f 2d 70 72 65 66 65 72 65 6e 63 65 29 7b 3a 72 6f 6f 74 7b 73 63 72 6f 6c 6c 2d 62 65 68 61 76 69 6f 72 3a 73 6d 6f 6f 74 68 7d 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 2d 2d 62 73 2d 62 6f 64 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 29 3b 66 6f 6e 74 2d 73 69 Data Ascii: eight:400;--bs-body-line-height:1.5;--bs-body-color:#212529;--bs-body-bg:#fff}*,::after,::before{box-sizing:border-box}@media (prefers-reduced-motion:no-preference){:root{scroll-behavior:smooth}}body{margin:0;font-family:var(--bs-body-font-family);font-si
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 2d 69 6e 6b 3a 6e 6f 6e 65 7d 61 64 64 72 65 73 73 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 6f 6c 2c 75 6c 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 72 65 6d 7d 64 6c 2c 6f 6c 2c 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 6f 6c 20 6f 6c 2c 6f 6c 20 75 6c 2c 75 6c 20 6f 6c 2c 75 6c 20 75 6c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 7d 64 74 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 64 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 35 72 65 6d 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 7d 62 6c 6f 63 6b 71 75 6f 74 65 7b 6d 61 72 67 69 6e 3a 30 Data Ascii: -ink:none}address{margin-bottom:1rem;font-style:normal;line-height:inherit}ol,ul{padding-left:2rem}dl,ol,ul{margin-top:0;margin-bottom:1rem}ol ol,ol ul,ul ol,ul ul{margin-bottom:0}dt{font-weight:700}dd{margin-bottom:.5rem;margin-left:0}blockquote{margin:0
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 65 61 64 2c 74 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 7d 6c 61 62 65 6c 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 30 7d 62 75 74 74 6f 6e 3a 66 6f 63 75 73 3a 6e 6f 74 28 3a 66 6f 63 75 73 2d 76 69 73 69 62 6c 65 29 7b 6f 75 74 6c 69 6e 65 3a 30 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 6f 70 74 67 72 6f 75 70 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 Data Ascii: ead,tr{border-color:inherit;border-style:solid;border-width:0}label{display:inline-block}button{border-radius:0}button:focus:not(:focus-visible){outline:0}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:inherit;line-height:inh
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 67 3a 30 7d 3a 3a 2d 77 65 62 6b 69 74 2d 66 69 6c 65 2d 75 70 6c 6f 61 64 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 3a 69 6e 68 65 72 69 74 7d 3a 3a 66 69 6c 65 2d 73 65 6c 65 63 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 3a 69 6e 68 65 72 69 74 7d 3a 3a 2d 77 65 62 6b 69 74 2d 66 69 6c 65 2d 75 70 6c 6f 61 64 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 3a 69 6e 68 65 72 69 74 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 62 75 74 74 6f 6e 7d 6f 75 74 70 75 74 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 69 66 72 61 6d 65 7b 62 6f 72 64 65 72 3a 30 7d 73 75 6d 6d 61 72 79 7b 64 69 73 70 6c 61 79 3a 6c 69 73 74 2d 69 74 65 6d 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 70 72 6f 67 72 65 73 73 7b 76 65 72 74 69 63 61 6c 2d 61 6c Data Ascii: g:0}::-webkit-file-upload-button{font:inherit}::file-selector-button{font:inherit}::-webkit-file-upload-button{font:inherit;-webkit-appearance:button}output{display:inline-block}iframe{border:0}summary{display:list-item;cursor:pointer}progress{vertical-al
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 7d 2e 62 6c 6f 63 6b 71 75 6f 74 65 3e 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 7d 2e 62 6c 6f 63 6b 71 75 6f 74 65 2d 66 6f 6f 74 65 72 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 72 65 6d 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 37 35 65 6d 3b 63 6f 6c 6f 72 3a 23 36 63 37 35 37 64 7d 2e 62 6c 6f 63 6b 71 75 6f 74 65 2d 66 6f 6f 74 65 72 3a 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 e2 80 94 c2 a0 22 7d 2e 69 6d 67 2d 66 6c 75 69 64 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 7d 2e 69 6d 67 2d 74 68 75 6d 62 6e Data Ascii: margin-bottom:1rem;font-size:1.25rem}.blockquote>:last-child{margin-bottom:0}.blockquote-footer{margin-top:-1rem;margin-bottom:1rem;font-size:.875em;color:#6c757d}.blockquote-footer::before{content:""}.img-fluid{max-width:100%;height:auto}.img-thumbn
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 35 20 2a 20 76 61 72 28 2d 2d 62 73 2d 67 75 74 74 65 72 2d 78 29 29 7d 2e 72 6f 77 3e 2a 7b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 62 73 2d 67 75 74 74 65 72 2d 78 29 20 2a 20 2e 35 29 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 63 61 6c 63 28 76 61 72 28 2d 2d 62 73 2d 67 75 74 74 65 72 2d 78 29 20 2a 20 2e 35 29 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 76 61 72 28 2d 2d 62 73 2d 67 75 74 74 65 72 2d 79 29 7d 2e 63 6f 6c 7b 66 6c 65 78 3a 31 20 30 20 30 25 7d 2e 72 6f 77 2d 63 6f 6c 73 2d 61 75 74 6f 3e 2a 7b 66 6c 65 78 3a 30 20 30 20 61 75 74 6f 3b 77 69 64 74 68 3a 61 75 74 6f 7d 2e 72 6f 77 2d 63 6f 6c Data Ascii: 5 * var(--bs-gutter-x))}.row>{flex-shrink:0;width:100%;max-width:100%;padding-right:calc(var(--bs-gutter-x) .5);padding-left:calc(var(--bs-gutter-x) * .5);margin-top:var(--bs-gutter-y)}.col{flex:1 0 0%}.row-cols-auto>*{flex:0 0 auto;width:auto}.row-col
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 30 2c 2e 67 79 2d 30 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 79 3a 30 7d 2e 67 2d 31 2c 2e 67 78 2d 31 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 78 3a 30 2e 32 35 72 65 6d 7d 2e 67 2d 31 2c 2e 67 79 2d 31 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 79 3a 30 2e 32 35 72 65 6d 7d 2e 67 2d 32 2c 2e 67 78 2d 32 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 78 3a 30 2e 35 72 65 6d 7d 2e 67 2d 32 2c 2e 67 79 2d 32 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 79 3a 30 2e 35 72 65 6d 7d 2e 67 2d 33 2c 2e 67 78 2d 33 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 78 3a 31 72 65 6d 7d 2e 67 2d 33 2c 2e 67 79 2d 33 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 79 3a 31 72 65 6d 7d 2e 67 2d 34 2c 2e 67 78 2d 34 7b 2d 2d 62 73 2d 67 75 74 74 65 72 2d 78 3a 31 2e 35 72 65 6d 7d 2e 67 2d 34 2c 2e 67 79 2d Data Ascii: 0,.gy-0{--bs-gutter-y:0}.g-1,.gx-1{--bs-gutter-x:0.25rem}.g-1,.gy-1{--bs-gutter-y:0.25rem}.g-2,.gx-2{--bs-gutter-x:0.5rem}.g-2,.gy-2{--bs-gutter-y:0.5rem}.g-3,.gx-3{--bs-gutter-x:1rem}.g-3,.gy-3{--bs-gutter-y:1rem}.g-4,.gx-4{--bs-gutter-x:1.5rem}.g-4,.gy-
2025-03-18 12:39:27 UTC	1369	IN	Data Raw: 6c 65 66 74 3a 33 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 35 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 34 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 36 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 30 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 37 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 35 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 38 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 39 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 37 35 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 31 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 31 31 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a Data Ascii: left:33.33333333%}.offset-sm-5{margin-left:41.66666667%}.offset-sm-6{margin-left:50%}.offset-sm-7{margin-left:58.33333333%}.offset-sm-8{margin-left:66.66666667%}.offset-sm-9{margin-left:75%}.offset-sm-10{margin-left:83.33333333%}.offset-sm-11{margin-left:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.7	49691	194.65.141.203	443	5456	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-03-18 12:39:29 UTC	660	OUT	GET /favicon.ico HTTP/1.1 Host: artebor.pt Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://artebor.pt/dgt/multas-y-sanciones/info.php Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=3rc6of7i3oejmtbbf3lu6jog0k
2025-03-18 12:39:29 UTC	404	IN	HTTP/1.1 302 Found Server: nginx Date: Tue, 18 Mar 2025 12:39:29 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.3.17 Link: <https://artebor.pt/wp-json/>; rel="https://api.w.org/" X-Redirect-By: WordPress Location: https://artebor.pt/wp-content/uploads/2021/03/cropped-wp-icon-32x32.png Alt-Svc: h3=":443"; ma=86400 X-Cache-Status: BYPASS

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.7	49701	194.65.141.203	443	5456	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-03-18 12:39:30 UTC	701	OUT	GET /wp-content/uploads/2021/03/cropped-wp-icon-32x32.png HTTP/1.1 Host: artebor.pt Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://artebor.pt/dgt/multas-y-sanciones/info.php Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=3rc6of7i3oejmtbbf3lu6jog0k
2025-03-18 12:39:30 UTC	308	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Mar 2025 12:39:30 GMT Content-Type: image/png Content-Length: 897 Connection: close X-Accel-Version: 0.01 Last-Modified: Tue, 16 Mar 2021 11:45:34 GMT ETag: "381-5bda5e774d380" Alt-Svc: h3=":443"; ma=86400 X-Cache-Status: BYPASS Accept-Ranges: bytes
2025-03-18 12:39:30 UTC	897	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 03 00 00 00 44 a4 8a c6 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 01 b0 50 4c 54 45 ff ff ff f8 b2 b5 fe f8 f8 ed 20 28 f8 a9 ac fe fd fd ef 3b 42 ff ff ff ff ff ff ff ff ff fe f5 f6 fe f9 f9 ed 1e 26 fe fe fe ed 1c 24 ef 34 3b fe fb fb f8 af b2 f1 54 5a fd ed ee fa c4 c6 ee 2b 32 fe fc fc f4 76 7b ed 26 2d f3 6a 6f f3 6e 73 f1 57 5d ef 39 40 ef 36 3d f2 5c 62 ed 25 2d ee 2e 35 f4 78 7d fe f7 f8 fd f0 f1 f4 77 7c fe f7 f7 f9 b7 ba ee 2a 32 ed 21 29 fc e4 e5 f8 ae b1 ed 23 2b fe f3 f3 f2 65 6a ed 28 30 f7 a5 a8 ee 31 38 f9 b7 b9 fc e5 e6 fa ca cc f9 bb be f6 98 9c f8 b1 b3 f3 6b 70 f9 bc bf fe f4 f4 fe fa fb f8 ad b0 fa c3 c5 f2 5b 61 f8 a6 aa f2 66 6c fe Data Ascii: PNGIHDR DpHYs+PLTE (;B&$4;TZ+2v{&-jonsW]9@6=\b%-.5x}w\|*2!)#+ej(018kp[afl

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.7	49702	194.65.141.203	443	5456	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-03-18 12:39:31 UTC	472	OUT	GET /wp-content/uploads/2021/03/cropped-wp-icon-32x32.png HTTP/1.1 Host: artebor.pt Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=3rc6of7i3oejmtbbf3lu6jog0k
2025-03-18 12:39:32 UTC	308	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Mar 2025 12:39:31 GMT Content-Type: image/png Content-Length: 897 Connection: close X-Accel-Version: 0.01 Last-Modified: Tue, 16 Mar 2021 11:45:34 GMT ETag: "381-5bda5e774d380" Alt-Svc: h3=":443"; ma=86400 X-Cache-Status: BYPASS Accept-Ranges: bytes
2025-03-18 12:39:32 UTC	897	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 03 00 00 00 44 a4 8a c6 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 01 b0 50 4c 54 45 ff ff ff f8 b2 b5 fe f8 f8 ed 20 28 f8 a9 ac fe fd fd ef 3b 42 ff ff ff ff ff ff ff ff ff fe f5 f6 fe f9 f9 ed 1e 26 fe fe fe ed 1c 24 ef 34 3b fe fb fb f8 af b2 f1 54 5a fd ed ee fa c4 c6 ee 2b 32 fe fc fc f4 76 7b ed 26 2d f3 6a 6f f3 6e 73 f1 57 5d ef 39 40 ef 36 3d f2 5c 62 ed 25 2d ee 2e 35 f4 78 7d fe f7 f8 fd f0 f1 f4 77 7c fe f7 f7 f9 b7 ba ee 2a 32 ed 21 29 fc e4 e5 f8 ae b1 ed 23 2b fe f3 f3 f2 65 6a ed 28 30 f7 a5 a8 ee 31 38 f9 b7 b9 fc e5 e6 fa ca cc f9 bb be f6 98 9c f8 b1 b3 f3 6b 70 f9 bc bf fe f4 f4 fe fa fb f8 ad b0 fa c3 c5 f2 5b 61 f8 a6 aa f2 66 6c fe Data Ascii: PNGIHDR DpHYs+PLTE (;B&$4;TZ+2v{&-jonsW]9@6=\b%-.5x}w\|*2!)#+ej(018kp[afl

Statistics

CPU Usage

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

Memory Usage

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

Behavior

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 2132, Parent PID: 4404

General

Target ID:	0
Start time:	08:39:17
Start date:	18/03/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff778810000
File size:	3'388'000 bytes
MD5 hash:	E81F54E6C1129887AEA47E7D092680BF
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

File Activities

File Opened

Show Windows behavior

Registry Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

COM Activities

WMI Operations

Show Windows behavior

Process Activities

Process Created

Process Terminated

Show Windows behavior

Thread Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Memory Activities

Memory Usage Statistics

Show Windows behavior

Timing Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Windows UI Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Process Token Activities

Token Adjusted

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5456, Parent PID: 2132

General

Target ID:	1
Start time:	08:39:18
Start date:	18/03/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,3025469587033658370,2220224559297891039,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2096 /prefetch:3
Imagebase:	0x7ff778810000
File size:	3'388'000 bytes
MD5 hash:	E81F54E6C1129887AEA47E7D092680BF
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

File Activities

File Opened

Show Windows behavior

Thread Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Memory Activities

Memory Usage Statistics

Show Windows behavior

Timing Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6316, Parent PID: 4404

General

Target ID:	4
Start time:	08:39:24
Start date:	18/03/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://artebor.pt/dgt/multas-y-sanciones/info.php"
Imagebase:	0x7ff778810000
File size:	3'388'000 bytes
MD5 hash:	E81F54E6C1129887AEA47E7D092680BF
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

File Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Process Activities

There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly