Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
http://metamaskelogines.webflow.io/

Overview

General Information

Sample URL:http://metamaskelogines.webflow.io/
Analysis ID:1642668
Infos:

Detection

HTMLPhisher
Score:60
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected HtmlPhish64
AI detected suspicious URL
Creates files inside the system directory
Deletes files inside the Windows folder

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 6236 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6292 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2024 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 7408 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=5100 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 7608 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://metamaskelogines.webflow.io/" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
0.0.pages.csvJoeSecurity_HtmlPhish_64Yara detected HtmlPhish_64Joe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    • AV Detection
    • Phishing
    • Compliance
    • Networking
    • System Summary

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Source: http://metamaskelogines.webflow.io/Avira URL Cloud: detection malicious, Label: phishing

    Phishing

    barindex
    Source: Yara matchFile source: 0.0.pages.csv, type: HTML
    Source: http://metamaskelogines.webflow.ioJoe Sandbox AI: The URL 'metamaskelogines.webflow.io' appears to be a typosquatting attempt targeting the known brand MetaMask. The legitimate URL for MetaMask is 'https://metamask.io'. The analyzed URL uses the subdomain 'metamaskelogines', which closely resembles 'metamask'. The addition of 'elogines' could be an attempt to mimic a login page, which is a common tactic in phishing attacks. The use of 'webflow.io' as the domain extension is not directly related to MetaMask and could be used to host deceptive content. The structural similarity and the context of the subdomain suggest a high likelihood of user confusion, especially if users are not paying close attention to the URL structure.
    Source: https://metamaskelogines.webflow.ioJoe Sandbox AI: The URL 'metamaskelogines.webflow.io' appears to be attempting to spoof the legitimate MetaMask brand. The legitimate URL for MetaMask is 'metamask.io'. The analyzed URL includes 'metamask' as part of its subdomain, which is a direct reference to the brand. The addition of 'elogines' is a structural change that could confuse users into thinking it is related to login services for MetaMask. The use of 'webflow.io' as the domain extension is a legitimate platform for hosting websites, but in this context, it does not provide a clear, unrelated purpose that would justify the use of 'metamask' in the subdomain. The similarity score is high due to the inclusion of the brand name and the structural addition that suggests a login-related service, which is a common target for phishing attempts. The likelihood of this being a typosquatting attempt is also high, given the potential for user confusion and the lack of a legitimate, unrelated context for the use of the MetaMask brand name.
    Source: unknownHTTPS traffic detected: 142.250.186.164:443 -> 192.168.2.5:49717 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 172.64.151.8:443 -> 192.168.2.5:49718 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 104.18.161.117:443 -> 192.168.2.5:49719 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 104.18.161.117:443 -> 192.168.2.5:49720 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 52.222.232.47:443 -> 192.168.2.5:49721 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 104.18.160.117:443 -> 192.168.2.5:49729 version: TLS 1.2
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.14
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.14
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.14
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.14
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.14
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.14
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.14
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 95.101.54.113
    Source: unknownTCP traffic detected without corresponding DNS query: 95.101.54.113
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 95.101.54.113
    Source: unknownTCP traffic detected without corresponding DNS query: 95.101.54.113
    Source: unknownTCP traffic detected without corresponding DNS query: 104.126.37.177
    Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: metamaskelogines.webflow.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /64d5c1800faad7036642a10a/css/metamaskelogines.webflow.66a951ca5.css HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://metamaskelogines.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /64d5c1800faad7036642a10a/js/webflow.24a563ff7.js HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://metamaskelogines.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a10a HTTP/1.1Host: d3e54v103j8qbb.cloudfront.netConnection: keep-aliveOrigin: https://metamaskelogines.webflow.iosec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://metamaskelogines.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favicon-.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://metamaskelogines.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Metamask-Login-banner.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://metamaskelogines.webflow.io/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favicon-.png HTTP/1.1Host: cdn.prod.website-files.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiJo8sBCIWgzQEI9s/OAQiB1s4BCLHezgEI0uDOAQiv5M4BCOLkzgEIhOXOAQiL5c4BSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
    Source: global trafficDNS traffic detected: DNS query: www.google.com
    Source: global trafficDNS traffic detected: DNS query: metamaskelogines.webflow.io
    Source: global trafficDNS traffic detected: DNS query: cdn.prod.website-files.com
    Source: global trafficDNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
    Source: chromecache_97.5.drString found in binary or memory: http://underscorejs.org
    Source: chromecache_96.5.drString found in binary or memory: https://ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581f
    Source: chromecache_96.5.drString found in binary or memory: https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Metamask-Login-
    Source: chromecache_96.5.drString found in binary or memory: https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favico
    Source: chromecache_96.5.drString found in binary or memory: https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/css/metamaskelogines.webflow.66a951ca5.c
    Source: chromecache_96.5.drString found in binary or memory: https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/js/webflow.24a563ff7.js
    Source: chromecache_96.5.drString found in binary or memory: https://cdn.prod.website-files.com/img/webclip.png
    Source: chromecache_96.5.drString found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a10
    Source: chromecache_97.5.drString found in binary or memory: https://github.com/bkwld/tram
    Source: chromecache_96.5.drString found in binary or memory: https://webflow.com
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
    Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
    Source: unknownNetwork traffic detected: HTTP traffic on port 49676 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49690 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
    Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
    Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
    Source: unknownHTTPS traffic detected: 142.250.186.164:443 -> 192.168.2.5:49717 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 172.64.151.8:443 -> 192.168.2.5:49718 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 104.18.161.117:443 -> 192.168.2.5:49719 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 104.18.161.117:443 -> 192.168.2.5:49720 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 52.222.232.47:443 -> 192.168.2.5:49721 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 104.18.160.117:443 -> 192.168.2.5:49729 version: TLS 1.2
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6236_586437122Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6236_586437122Jump to behavior
    Source: classification engineClassification label: mal60.phis.win@24/15@12/7
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2024 /prefetch:3
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=5100 /prefetch:8
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://metamaskelogines.webflow.io/"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2024 /prefetch:3Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=5100 /prefetch:8Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
    Browser Extensions    		1
    Process Injection    		1
    Masquerading    		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
    Process Injection    		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
    Non-Application Layer Protocol    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
    File Deletion    		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
    Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
    Ingress Tool Transfer    		Traffic DuplicationData Destruction

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 signatures2 2 Behavior Graph ID: 1642668 URL: http://metamaskelogines.web... Startdate: 19/03/2025 Architecture: WINDOWS Score: 60 26 Antivirus / Scanner detection for submitted sample 2->26 28 Yara detected HtmlPhish64 2->28 30 AI detected suspicious URL 2->30 6 chrome.exe 2 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 16 192.168.2.4 unknown unknown 6->16 18 192.168.2.5, 138, 443, 49346 unknown unknown 6->18 11 chrome.exe 6->11         started        14 chrome.exe 6->14         started        process5 dnsIp6 20 www.google.com 142.250.186.164, 443, 49717, 49740 GOOGLEUS United States 11->20 22 104.18.160.117, 443, 49729 CLOUDFLARENETUS United States 11->22 24 3 other IPs or domains 11->24

    Screenshots

    Download Video

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    http://metamaskelogines.webflow.io/100%Avira URL Cloudphishing

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a10a0%Avira URL Cloudsafe
    https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a100%Avira URL Cloudsafe

    Domains and IPs

    Download Network PCAP: filteredfull

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    d3e54v103j8qbb.cloudfront.net
    		52.222.232.47
    		truefalse
      		high
      metamaskelogines.webflow.io
      		172.64.151.8
      		truefalse
        		high
        cdn.prod.website-files.com
        		104.18.161.117
        		truefalse
          		high
          www.google.com
          		142.250.186.164
          		truefalse
            		high

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a10afalse
            • Avira URL Cloud: safe
            		unknown
            https://metamaskelogines.webflow.io/true
              		unknown
              https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/css/metamaskelogines.webflow.66a951ca5.cssfalse
                		high
                https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Metamask-Login-banner.pngfalse
                  		high
                  https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favicon-.pngfalse
                    		high
                    https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/js/webflow.24a563ff7.jsfalse
                      		high
                      https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                        		high
                        NameSourceMaliciousAntivirus DetectionReputation
                        https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a10chromecache_96.5.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://underscorejs.orgchromecache_97.5.drfalse
                          		high
                          https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Metamask-Login-chromecache_96.5.drfalse
                            		high
                            https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favicochromecache_96.5.drfalse
                              		high
                              https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/css/metamaskelogines.webflow.66a951ca5.cchromecache_96.5.drfalse
                                		high
                                https://cdn.prod.website-files.com/img/webclip.pngchromecache_96.5.drfalse
                                  		high
                                  https://github.com/bkwld/tramchromecache_97.5.drfalse
                                    		high
                                    https://ameddingpersusan.com/3418ba94-35fb-478e-8775-4bf99813581fchromecache_96.5.drfalse
                                      		high
                                      https://webflow.comchromecache_96.5.drfalse
                                        		high

                                        World Map of Contacted IPs

                                        • No. of IPs < 25%
                                        • 25% < No. of IPs < 50%
                                        • 50% < No. of IPs < 75%
                                        • 75% < No. of IPs

                                        Public IPs

                                        IPDomainCountryFlagASNASN NameMalicious
                                        104.18.160.117
                                        		unknownUnited States
                                        		13335CLOUDFLARENETUSfalse
                                        104.18.161.117
                                        		cdn.prod.website-files.comUnited States
                                        		13335CLOUDFLARENETUSfalse
                                        142.250.186.164
                                        		www.google.comUnited States
                                        		15169GOOGLEUSfalse
                                        172.64.151.8
                                        		metamaskelogines.webflow.ioUnited States
                                        		13335CLOUDFLARENETUSfalse
                                        52.222.232.47
                                        		d3e54v103j8qbb.cloudfront.netUnited States
                                        		16509AMAZON-02USfalse

                                        Private

                                        IP
                                        192.168.2.4
                                        192.168.2.5

                                        General Information

                                        Joe Sandbox version:42.0.0 Malachite
                                        Analysis ID:1642668
                                        Start date and time:2025-03-19 10:01:57 +01:00
                                        Joe Sandbox product:CloudBasic
                                        Overall analysis duration:0h 3m 10s
                                        Hypervisor based Inspection enabled:false
                                        Report type:full
                                        Cookbook file name:browseurl.jbs
                                        Sample URL:http://metamaskelogines.webflow.io/
                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                        Number of analysed new started processes analysed:18
                                        Number of new started drivers analysed:0
                                        Number of existing processes analysed:0
                                        Number of existing drivers analysed:0
                                        Number of injected processes analysed:0
                                        Technologies:
                                        • HCA enabled
                                        • EGA enabled
                                        • AMSI enabled
                                        Analysis Mode:default
                                        Analysis stop reason:Timeout
                                        Detection:MAL
                                        Classification:mal60.phis.win@24/15@12/7
                                        EGA Information:Failed
                                        HCA Information:
                                        • Successful, ratio: 100%
                                        • Number of executed functions: 0
                                        • Number of non-executed functions: 0
                                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                        • Excluded IPs from analysis (whitelisted): 23.60.203.209, 142.250.181.238, 142.250.185.195, 142.250.185.238, 142.250.110.84, 142.250.185.206, 142.250.184.206, 142.250.185.110, 142.250.184.238, 142.250.185.67, 34.104.35.123, 172.217.18.110, 142.250.185.131, 4.175.87.197, 20.223.35.26, 150.171.27.10
                                        • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, g.bing.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, e16604.dscf.akamaiedge.net, arc.msn.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, redirector.gvt1.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, prod.fs.microsoft.com.akadns.net
                                        • Not all processes where analyzed, report is missing behavior information
                                        • Report size getting too big, too many NtOpenFile calls found.
                                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                        • VT rate limit hit for: http://metamaskelogines.webflow.io/

                                        Simulations

                                        Behavior and APIs

                                        No simulations

                                        Joe Sandbox View / Context

                                        IPs

                                        No context

                                        Domains

                                        No context

                                        ASNs

                                        No context

                                        JA3 Fingerprints

                                        No context

                                        Dropped Files

                                        No context

                                        Created / dropped Files

                                        Chrome Cache Entry: 92

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:PNG image data, 1409 x 721, 8-bit/color RGB, non-interlaced
                                        Category:downloaded
                                        Size (bytes):166259
                                        Entropy (8bit):7.936011444244709
                                        Encrypted:false
                                        SSDEEP:3072:1DPXf5DXRetsFvbuC8VMevhzdtTQLSypAjELqskvG//HfK6IfjYZyYzqKzXZu3SH:1VD2sJj8qevhJt8myXLqskYI7FGySH
                                        MD5:136DDCEF7791AE25E25B4B462F76F661
                                        SHA1:471ED518967C4EA50E611F076AD9C823464BF563
                                        SHA-256:61CB7AA1FD15DF767716B4ACAF6D2DED17DDB8AD45D11358774E770CAC64DBE2
                                        SHA-512:5A1AFB9041A9489C0FBD26470C86A3394EC2E175309A6241F5D2CD40A33FC9E09AE780F15DFC66BE2206D348AFB55949BC848D13B26CD60743A6A8891C62A07C
                                        Malicious:false
                                        Reputation:low
                                        URL:https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Metamask-Login-banner.png
                                        Preview:.PNG........IHDR.....................sRGB.........gAMA......a.....pHYs..........o.d....IDATx^...xU........=...t.....I.@HBB.JB ...z....ME...9z....z..X. b?*..(J..A.HO..9.Xk.v...M....NW.k..\....c............................`...........................4............h............. ............A......... .@..........@0............`...........................4............h............. ............A......... .@..........@0............`...........................4............h............. ............A. Q..m...J.S..mU*.2..........4..$.jU..P{ijH.....<. ....5.....[K6..........@..A.M.*.q.fv..|v.u....4..5.U.[.r|.j...:..].Bf....Q.*b!...............o..z~\-.!V...'/...d.....Q...h.Z.E..3........^..6K....Z.jC.....@..u.K...9.......3....`..X.-...`7.....!.$...,..F.....u.W..&K.ls.j.46.p~...G...=$.A5.&..@.:Ur..|b@..S"..n....3Bgvv}.YJ.jR.........Z.....5.}.G..j.V........T`.A.`..1.6.s.g...qF...H2Zx)7lzB.V.Z....T....^.[.........w..8?...........RH....N...+..v..v..TH.A.r.J......

                                        Chrome Cache Entry: 93

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (65451)
                                        Category:downloaded
                                        Size (bytes):81369
                                        Entropy (8bit):5.291887605773591
                                        Encrypted:false
                                        SSDEEP:1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0Q/:AYh8eip3huuf6Iidl2
                                        MD5:37A252F53522A0993CE5A0C1A0A79DE1
                                        SHA1:BA57881A444FA0A98D477CE65C3B1B41845520AF
                                        SHA-256:EE8C8EE6BBB69AE67388DEECFC7C43DEF7380B84A41C3036890A84B6BFEC27EC
                                        SHA-512:A4808423220C3B964B7ECD1C60A9052BAF56CE51C8158CF5933ECEBB75C70123A69F50C6A16FFAB2DF60A333901148708DD1D67252C1610A244CF190E09448BD
                                        Malicious:false
                                        Reputation:low
                                        URL:https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a10a
                                        Preview:/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o

                                        Chrome Cache Entry: 94

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                        Category:downloaded
                                        Size (bytes):2410
                                        Entropy (8bit):7.830307272635411
                                        Encrypted:false
                                        SSDEEP:48:0+TPDEZTEbAWtWgfQhNdRnQ9qJ5RV1jPvcMqP6ZupFnjQtF8HU2EA:XTrEZIkaWnndROqxcH3rUtfW
                                        MD5:F9A6101A118B399A490852F753D2BB95
                                        SHA1:EDFA1F57769C971B1DBD3EBE1CFE252EFCA88EC8
                                        SHA-256:4700D87815FC89E9164D4D3E6AA6D81554AA165FF154CC963BBF7B3391E3A1C6
                                        SHA-512:B58C323D069519EB65CEF6314741F71A365FE01F71A955E52876E5E5AEFB72F983637DC136A0466BDA09B8547B6B48128D4CAF1165D38069CA545350C3CA3A0E
                                        Malicious:false
                                        Reputation:low
                                        URL:https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favicon-.png
                                        Preview:.PNG........IHDR... ... .....szz.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........+......tIME.....7........5IDATX..{.U....{.s.3w..g.fd. 0J.Z..8*-Qc4>.4..&mj.ii.6......jI...}..X.E.B..R...88......s.....w^.hR..&..Mn..k..|......K}.ED....)...<.~-....G+.x..6r....w.{|.;!...^............_>r..9.].K.. ..`w`QW .T3.."D.....E.<..0..b2.U.;...pdi0.\..6U{A...[.v}U..--Q.^....V....*v..{g.am..Rw.Ob.>)+...x.a...O..$..Q........x.]...2..M.v..g.#w?.,.s.K.6.s#...6Z;.......4...sU...9../..{..z.....A.@.`..,......t{4..be..@n.....<a.XV. _?..+.L.yk.<.r/..)..:v..y5_p\.A)..*^..wi.t/..v.m.[...:..r.6.M...7.6...+BhG+..^..s}{{..e....O.....F.......k~.....[.}.....)z....o."...........N+V.;Uu!V.\f..`...1....0.^Z...i.|l...P.\...-...;7G.......v.{.oM!.9..7. J..1a.Q..`....]..*.......c........\D.+.......+f.........@.lWk..9..g.;`H...+ ......}.xn.[..S.R.#k/....]?..._..."...........A.+.x.I..l....A.g._....4....o.....J.....FC....U....s.u.T..;.:.5...L.$...5.

                                        Chrome Cache Entry: 95

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                        Category:dropped
                                        Size (bytes):2410
                                        Entropy (8bit):7.830307272635411
                                        Encrypted:false
                                        SSDEEP:48:0+TPDEZTEbAWtWgfQhNdRnQ9qJ5RV1jPvcMqP6ZupFnjQtF8HU2EA:XTrEZIkaWnndROqxcH3rUtfW
                                        MD5:F9A6101A118B399A490852F753D2BB95
                                        SHA1:EDFA1F57769C971B1DBD3EBE1CFE252EFCA88EC8
                                        SHA-256:4700D87815FC89E9164D4D3E6AA6D81554AA165FF154CC963BBF7B3391E3A1C6
                                        SHA-512:B58C323D069519EB65CEF6314741F71A365FE01F71A955E52876E5E5AEFB72F983637DC136A0466BDA09B8547B6B48128D4CAF1165D38069CA545350C3CA3A0E
                                        Malicious:false
                                        Reputation:low
                                        Preview:.PNG........IHDR... ... .....szz.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........+......tIME.....7........5IDATX..{.U....{.s.3w..g.fd. 0J.Z..8*-Qc4>.4..&mj.ii.6......jI...}..X.E.B..R...88......s.....w^.hR..&..Mn..k..|......K}.ED....)...<.~-....G+.x..6r....w.{|.;!...^............_>r..9.].K.. ..`w`QW .T3.."D.....E.<..0..b2.U.;...pdi0.\..6U{A...[.v}U..--Q.^....V....*v..{g.am..Rw.Ob.>)+...x.a...O..$..Q........x.]...2..M.v..g.#w?.,.s.K.6.s#...6Z;.......4...sU...9../..{..z.....A.@.`..,......t{4..be..@n.....<a.XV. _?..+.L.yk.<.r/..)..:v..y5_p\.A)..*^..wi.t/..v.m.[...:..r.6.M...7.6...+BhG+..^..s}{{..e....O.....F.......k~.....[.}.....)z....o."...........N+V.;Uu!V.\f..`...1....0.^Z...i.|l...P.\...-...;7G.......v.{.oM!.9..7. J..1a.Q..`....]..*.......c........\D.+.......+f.........@.lWk..9..g.;`H...+ ......}.xn.[..S.R.#k/....]?..._..."...........A.+.x.I..l....A.g._....4....o.....J.....FC....U....s.u.T..;.:.5...L.$...5.

                                        Chrome Cache Entry: 96

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:HTML document, ASCII text, with very long lines (2612), with no line terminators
                                        Category:downloaded
                                        Size (bytes):2612
                                        Entropy (8bit):5.368804519093411
                                        Encrypted:false
                                        SSDEEP:48:Y2Iy1kLUaU6lla7Xzb5LgnC4iGba2otb+XiWmcEn2vzStSM1ndn/pzd8:NIy+UGfa7jb5LTtbZpn2vzStS6d/td8
                                        MD5:8CBA3E2FCE6D4E11CD87E8D8E2577578
                                        SHA1:95DD31F76D8EAF892F7EB12FCB9ED0929E708613
                                        SHA-256:BFEA479A3712A6D64877E1A871419191457FC60E491CE947306A5CEE13A33A8C
                                        SHA-512:E935CD645C5A117D0FE2E108DC2960CFD4DA42785FD6420D7DB9EE79AB5A13B6DCABDBAD7EA6036331F59DF52E16B15997DAA74447B1BE0D1BD1FD9898F3D12C
                                        Malicious:false
                                        Reputation:low
                                        URL:https://metamaskelogines.webflow.io/
                                        Preview:<!DOCTYPE html> This site was created in Webflow. https://webflow.com --> Last Published: Fri Aug 11 2023 05:15:32 GMT+0000 (Coordinated Universal Time) --><html data-wf-domain="metamaskelogines.webflow.io" data-wf-page="64d5c1800faad7036642a119" data-wf-site="64d5c1800faad7036642a10a"><head><meta charset="utf-8"/><title>MetaMask|&quot;Securely Log in Your Gateway to Decentralized Finance&quot;</title><meta content="&quot;Log in to MetaMask, the leading Ethereum wallet and gateway to decentralized finance (DeFi), with enhanced security and ease. Manage your digital assets, interact with dApps, and explore the world of decentralized applications with MetaMask.&quot;" name="description"/><meta content="width=device-width, initial-scale=1" name="viewport"/><meta content="Webflow" name="generator"/><link href="https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/css/metamaskelogines.webflow.66a951ca5.css" rel="stylesheet" type="text/css"/><script type="text/javascript">!func

                                        Chrome Cache Entry: 97

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (21487)
                                        Category:downloaded
                                        Size (bytes):37393
                                        Entropy (8bit):5.445369188716833
                                        Encrypted:false
                                        SSDEEP:768:55p9L796k8g5gTT3dflN5GJrU8Nkl5RpN5wEWZpuOusJHA:55p9L796lg5s5cCl5R5
                                        MD5:24A563FF7F33A526F1C5D98A4724B161
                                        SHA1:0A17FF5052DB690E6B85B142CAF2A2B8A1209BE3
                                        SHA-256:42EBE676344CE06CD4DF40F82E6CE5D899BDE9A89691EF37E8F732CABB70E1DA
                                        SHA-512:32484047F3A150B4FB6681B9C41569207783713C1D0791D2F68BC975B01AE70F06E276F3AC194CE16A44C21E339F38DF500E9677A087C7FDB64F0B1AC0F63DD7
                                        Malicious:false
                                        Reputation:low
                                        URL:https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/js/webflow.24a563ff7.js
                                        Preview:./*!. * Webflow: Front-end site library. * @license MIT. * Inline scripts may access the api using an async handler:. * var Webflow = Webflow || [];. * Webflow.push(readyFunction);. */..(()=>{var lt=(e,y)=>()=>(y||e((y={exports:{}}).exports,y),y.exports);var Pt=lt(()=>{window.tram=function(e){function y(t,n){var i=new J.Bare;return i.init(t,n)}function l(t){return t.replace(/[A-Z]/g,function(n){return"-"+n.toLowerCase()})}function A(t){var n=parseInt(t.slice(1),16),i=n>>16&255,r=n>>8&255,s=255&n;return[i,r,s]}function C(t,n,i){return"#"+(1<<24|t<<16|n<<8|i).toString(16).slice(1)}function g(){}function L(t,n){B("Type warning: Expected: ["+t+"] Got: ["+typeof n+"] "+n)}function _(t,n,i){B("Units do not match ["+t+"]: "+n+", "+i)}function R(t,n,i){if(n!==void 0&&(i=n),t===void 0)return i;var r=i;return we.test(t)||!Xt.test(t)?r=parseInt(t,10):Xt.test(t)&&(r=1e3*parseFloat(t)),0>r&&(r=0),r===r?r:i}function B(t){et.debug&&window&&window.console.warn(t)}function U(t){for(var n=-1,i=t?t.l

                                        Chrome Cache Entry: 98

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Unicode text, UTF-8 text, with very long lines (2587)
                                        Category:downloaded
                                        Size (bytes):37178
                                        Entropy (8bit):5.233392678257781
                                        Encrypted:false
                                        SSDEEP:768:oSh7f7A1ReqMrFyF54mkxWaIi1aUuF9ZlNF+FJFGFI9fmV/3P0mq1izJVmI:oSe1Req44UYcDoT/fC1q
                                        MD5:66A951CA5B058D80438F557E5B055A21
                                        SHA1:98B78E0340EAAD9FA184E8776D1BBB2393D4AADD
                                        SHA-256:85A78AE27FC4DAD59836C2D3A2F38FAF48F33B990875DD018239AE86BB326939
                                        SHA-512:885BBD469AEF736FD043F8E43B46767223EE842C4ADD53DF672EC8FE7B7A4B63858E404EA4F7C0DC67C498424E5F34E3B65B021E2921C496B244CEDE90BAED3D
                                        Malicious:false
                                        Reputation:low
                                        URL:https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/css/metamaskelogines.webflow.66a951ca5.css
                                        Preview:html {. -ms-text-size-adjust: 100%;. -webkit-text-size-adjust: 100%;. font-family: sans-serif;.}..body {. margin: 0;.}..article, aside, details, figcaption, figure, footer, header, hgroup, main, menu, nav, section, summary {. display: block;.}..audio, canvas, progress, video {. vertical-align: baseline;. display: inline-block;.}..audio:not([controls]) {. height: 0;. display: none;.}..[hidden], template {. display: none;.}..a {. background-color: rgba(0, 0, 0, 0);.}..a:active, a:hover {. outline: 0;.}..abbr[title] {. border-bottom: 1px dotted;.}..b, strong {. font-weight: bold;.}..dfn {. font-style: italic;.}..h1 {. margin: .67em 0;. font-size: 2em;.}..mark {. color: #000;. background: #ff0;.}..small {. font-size: 80%;.}..sub, sup {. vertical-align: baseline;. font-size: 75%;. line-height: 0;. position: relative;.}..sup {. top: -.5em;.}..sub {. bottom: -.25em;.}..img {. border: 0;.}..svg:not(:root) {. overflow: hidden;.}..figure {. margin: 1em 40px;.}..hr {.

                                        Chrome Cache Entry: 99

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Unicode text, UTF-8 text, with very long lines (3605)
                                        Category:downloaded
                                        Size (bytes):3611
                                        Entropy (8bit):5.840116679898111
                                        Encrypted:false
                                        SSDEEP:96:QLolRsIN6666VM+JcrVBFs0ME7YHH0CAd9h1kfffffo:QyR9N6666VJkBeg7YH4d9h1
                                        MD5:9DFA2677B78B862DE74545123234C8C4
                                        SHA1:67DA84BE07BABF5F11B3FF75CC64AEEEC03B6224
                                        SHA-256:64EEC5E2EC8574A6EA107C72D7043271938603F881CBCB7F2271D61C25DED5D2
                                        SHA-512:180303DD2294A721993B373707F226F69E8B2024D39399DA35181FAFA71242E013D050FBC9EE7A1455588AD8F47C71C39E474E8A44E1876E63E4060180A0D1C5
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE
                                        Preview:)]}'.["",["konny reimanns","alte puppenfabrik nossen","k.lner haie fischtown pinguins","ps plus spiele","xrp sec","creed shadows test","goldpreis news","erdgasspeicher"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"CiAIkk4SGwoXVHJlbmRzIGJlaSBTdWNoYW5mcmFnZW4oCg\u003d\u003d","google:suggestdetail":[{"google:entityinfo":"CgwvZy8xMmJmZzZkbjASMERldXRzY2hlciBVbnRlcm5laG1lciB1bmQgRmVybnNlaHBlcnPDtm5saWNoa2VpdDL/DmRhdGE6aW1hZ2UvanBlZztiYXNlNjQsLzlqLzRBQVFTa1pKUmdBQkFRQUFBUUFCQUFELzJ3Q0VBQWtHQndnSEJna0lCd2dLQ2drTERSWVBEUXdNRFJzVUZSQVdJQjBpSWlBZEh4OGtLRFFzSkNZeEp4OGZMVDB0TVRVM09qbzZJeXMvUkQ4NFF6UTVPamNCQ2dvS0RRd05HZzhQR2pjbEh5VTNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTi8vQUFCRUlBRUFBUUFNQklnQUNFUUVERVFIL3hBQWJBQUFDQWdNQkFBQUFBQUFBQUFBQUFBQUdCd1FGQWdNSUFmL0VBRGtRQUFJQkFnUURCQWNFQ3dBQUFBQUFBQUVDQXdRUkFBVVNJUVl4UVJOUllZRUhJakp4a2FHeEZGSml3UlVqSlVKRFpIS2l3dEx3LzhRQUZ3RUFBd0VBQUFBQUFBQUFBQUFBQUFBQUFnTU

                                        Static File Info

                                        No static file info

                                        Network Behavior

                                        Download Network PCAP: filteredfull

                                        Network Port Distribution

                                        • Total Packets: 192
                                        • 443 (HTTPS)
                                        • 80 (HTTP)
                                        • 53 (DNS)
                                        TimestampSource PortDest PortSource IPDest IP
                                        Mar 19, 2025 10:02:42.786556005 CET49672443192.168.2.5204.79.197.203
                                        Mar 19, 2025 10:02:46.676542997 CET49676443192.168.2.520.189.173.14
                                        Mar 19, 2025 10:02:46.989453077 CET49676443192.168.2.520.189.173.14
                                        Mar 19, 2025 10:02:47.598850012 CET49672443192.168.2.5204.79.197.203
                                        Mar 19, 2025 10:02:47.614458084 CET49676443192.168.2.520.189.173.14
                                        Mar 19, 2025 10:02:48.817603111 CET49676443192.168.2.520.189.173.14
                                        Mar 19, 2025 10:02:51.223858118 CET49676443192.168.2.520.189.173.14
                                        Mar 19, 2025 10:02:56.098989010 CET49676443192.168.2.520.189.173.14
                                        Mar 19, 2025 10:02:57.208900928 CET49672443192.168.2.5204.79.197.203
                                        Mar 19, 2025 10:02:58.436356068 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:02:58.436398029 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:02:58.436644077 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:02:58.436846972 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:02:58.436861992 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:02:58.475790024 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:02:58.475900888 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:02:58.477164984 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:02:58.477508068 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:02:58.520889044 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:02:59.870157003 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:02:59.870207071 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:02:59.870472908 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:02:59.870472908 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:02:59.870507002 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:02:59.906090975 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:02:59.906506062 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:02:59.908107042 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:02:59.908437014 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:02:59.909044027 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:02:59.956345081 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:03:00.009049892 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:03:00.009083986 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:03:00.009176970 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:03:00.009318113 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:03:00.009641886 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:03:00.010816097 CET49718443192.168.2.5172.64.151.8
                                        Mar 19, 2025 10:03:00.010839939 CET44349718172.64.151.8192.168.2.5
                                        Mar 19, 2025 10:03:00.060453892 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.060523033 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.060652971 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.060749054 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.060796976 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.061156988 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.061177969 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.061209917 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.061657906 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.061669111 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.061703920 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.061739922 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.061886072 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.061886072 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.061912060 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.089334011 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.089886904 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.089939117 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.089957952 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.095428944 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.097268105 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.103245020 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.103559971 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.105581045 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.105588913 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.105921984 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.106985092 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.107404947 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.107516050 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.108046055 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.118892908 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.118944883 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.118987083 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.119082928 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.119107008 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.119117975 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.119296074 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.123243093 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.123317957 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.123357058 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.123373032 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.123934031 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.124608994 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.125061035 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.125117064 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.125170946 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.125180006 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.125190973 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.125327110 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.127023935 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.127078056 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.127175093 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.127186060 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.127208948 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.127454996 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.127959013 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.127983093 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.128073931 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.128160000 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.128504038 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.134017944 CET49721443192.168.2.552.222.232.47
                                        Mar 19, 2025 10:03:00.134037971 CET4434972152.222.232.47192.168.2.5
                                        Mar 19, 2025 10:03:00.151722908 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.151809931 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.151839972 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.151874065 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.151911020 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.151946068 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.151983976 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.152018070 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.152020931 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.152041912 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.152057886 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.152067900 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.152328968 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.152868032 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.152952909 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.152971029 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156395912 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156419992 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156439066 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156502008 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.156502008 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.156526089 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156877041 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156907082 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156934977 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156955957 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.156959057 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156971931 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.156985998 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.157030106 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.157628059 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.157664061 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.157685995 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.157704115 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.157727003 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.157738924 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.157768011 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.158514023 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.158538103 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.158559084 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.158648968 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.158654928 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.158855915 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.160497904 CET49719443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.160521984 CET44349719104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174673080 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174724102 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174753904 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174784899 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174793005 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.174820900 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174856901 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174884081 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174891949 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.174896955 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174921989 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.174932003 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.174954891 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.174959898 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.177298069 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.177310944 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179377079 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179419041 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179442883 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179466009 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179496050 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.179502964 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179532051 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.179722071 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179749966 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179774046 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.179779053 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179810047 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179836035 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.179836988 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.179842949 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.179879904 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.180747032 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.180811882 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.180834055 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.180877924 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.180942059 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.180948973 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.181646109 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.181735039 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.181854010 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.183056116 CET49720443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.183073044 CET44349720104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.223475933 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.223536015 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.224421978 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.224791050 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.224814892 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.236452103 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.236586094 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.236779928 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.237206936 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.237247944 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.454549074 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.454730034 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.455097914 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.455132961 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.455312014 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.455353022 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.455497980 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.455499887 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.455504894 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.455516100 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.526777029 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.526808023 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.526875019 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.526987076 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.526987076 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.527801037 CET49726443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.527825117 CET44349726104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.533621073 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.533663034 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.533689976 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.533715010 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.533727884 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.533739090 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.533766985 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.533786058 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.533806086 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.533813953 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.534588099 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.534615993 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.534640074 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.534651995 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.534709930 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.538520098 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.538682938 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.538754940 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.538763046 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.538789988 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.538840055 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.538876057 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.539051056 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.539096117 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.539105892 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.539184093 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.539227962 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.539235115 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.540050030 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.540101051 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.540111065 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.540173054 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.540337086 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.540344954 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.540976048 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.541024923 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.541033030 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.541126013 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.541199923 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.541204929 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.541219950 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.541269064 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.541837931 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.542005062 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.542063951 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.542071104 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.542145014 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.542186022 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.542184114 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.542191982 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.542306900 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.542378902 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.542773962 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.542807102 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.543622971 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.543672085 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.543679953 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.543802023 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.543847084 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.543854952 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.543939114 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.543987989 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.543994904 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.544095039 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.544137955 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.544143915 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.544245005 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.544302940 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.544320107 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.545033932 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.545089006 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.545097113 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.545120001 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.545145035 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.545151949 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.545182943 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.545742035 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.545800924 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.545809984 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.545851946 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.546262026 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.546313047 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.546355009 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.546415091 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.546437979 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.546498060 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.547235966 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.547292948 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.547326088 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.547446966 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.548464060 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.548528910 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.548572063 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.548638105 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.548696041 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.548748016 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.549006939 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.549057961 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.549108982 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.549156904 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.549201965 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.549252033 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.549293041 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.549341917 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.549375057 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.549423933 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.549926043 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.549973011 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.550020933 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.550074100 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.550105095 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.550160885 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.550741911 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.550796032 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.550847054 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.550899982 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.550959110 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.551018000 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.551054955 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.551125050 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.551153898 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.551229954 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.551434994 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.551486015 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.551562071 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.551614046 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.551639080 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.551682949 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.551753044 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.551800966 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.553162098 CET49727443192.168.2.5104.18.161.117
                                        Mar 19, 2025 10:03:00.553184986 CET44349727104.18.161.117192.168.2.5
                                        Mar 19, 2025 10:03:00.568515062 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.568588018 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.569227934 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.569431067 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.569952965 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.612365961 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.661534071 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.661561966 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.661608934 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.661645889 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.661664009 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:00.661701918 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.662744045 CET49729443192.168.2.5104.18.160.117
                                        Mar 19, 2025 10:03:00.662760973 CET44349729104.18.160.117192.168.2.5
                                        Mar 19, 2025 10:03:03.558259010 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:03.596158028 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:03.596209049 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:03.596349001 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:03.596390963 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:03.596426010 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:03.596812963 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:03.597341061 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:03.598356962 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:03.598603964 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:03.602478981 CET49717443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:03.602514029 CET44349717142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:05.710887909 CET49676443192.168.2.520.189.173.14
                                        Mar 19, 2025 10:03:34.632033110 CET4968880192.168.2.5142.250.185.99
                                        Mar 19, 2025 10:03:34.632150888 CET4968780192.168.2.595.101.54.113
                                        Mar 19, 2025 10:03:34.632220984 CET4968980192.168.2.595.101.54.113
                                        Mar 19, 2025 10:03:34.637221098 CET8049688142.250.185.99192.168.2.5
                                        Mar 19, 2025 10:03:34.637281895 CET4968880192.168.2.5142.250.185.99
                                        Mar 19, 2025 10:03:34.637636900 CET804968795.101.54.113192.168.2.5
                                        Mar 19, 2025 10:03:34.637679100 CET804968995.101.54.113192.168.2.5
                                        Mar 19, 2025 10:03:34.637696028 CET4968780192.168.2.595.101.54.113
                                        Mar 19, 2025 10:03:34.637722015 CET4968980192.168.2.595.101.54.113
                                        Mar 19, 2025 10:03:35.042222977 CET49690443192.168.2.5104.126.37.177
                                        Mar 19, 2025 10:03:35.043530941 CET4969180192.168.2.52.23.77.188
                                        Mar 19, 2025 10:03:58.484049082 CET49740443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:58.484091997 CET44349740142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:58.484160900 CET49740443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:58.484323025 CET49740443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:58.484337091 CET44349740142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:58.515019894 CET44349740142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:03:58.515450001 CET49740443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:03:58.560326099 CET44349740142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:04:08.507083893 CET44349740142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:04:08.507201910 CET44349740142.250.186.164192.168.2.5
                                        Mar 19, 2025 10:04:08.507256985 CET49740443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:04:10.345865965 CET49740443192.168.2.5142.250.186.164
                                        Mar 19, 2025 10:04:10.345886946 CET44349740142.250.186.164192.168.2.5
                                        TimestampSource PortDest PortSource IPDest IP
                                        Mar 19, 2025 10:02:53.956068039 CET53500821.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:54.083127022 CET53493461.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:54.263519049 CET53529621.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:58.428211927 CET5200453192.168.2.51.1.1.1
                                        Mar 19, 2025 10:02:58.428211927 CET6028253192.168.2.51.1.1.1
                                        Mar 19, 2025 10:02:58.435017109 CET53602821.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:58.435036898 CET53520041.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:59.825103045 CET6130253192.168.2.51.1.1.1
                                        Mar 19, 2025 10:02:59.825103998 CET5207553192.168.2.51.1.1.1
                                        Mar 19, 2025 10:02:59.833594084 CET6281753192.168.2.51.1.1.1
                                        Mar 19, 2025 10:02:59.834142923 CET5863553192.168.2.51.1.1.1
                                        Mar 19, 2025 10:02:59.835099936 CET53520751.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:59.836200953 CET53613021.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:59.843878984 CET53586351.1.1.1192.168.2.5
                                        Mar 19, 2025 10:02:59.869219065 CET53628171.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:00.051336050 CET6451853192.168.2.51.1.1.1
                                        Mar 19, 2025 10:03:00.051336050 CET4972253192.168.2.51.1.1.1
                                        Mar 19, 2025 10:03:00.051974058 CET5670053192.168.2.51.1.1.1
                                        Mar 19, 2025 10:03:00.052234888 CET5310153192.168.2.51.1.1.1
                                        Mar 19, 2025 10:03:00.058794975 CET53645181.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:00.059181929 CET53497221.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:00.059488058 CET53567001.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:00.059890985 CET53531011.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:00.533422947 CET6348953192.168.2.51.1.1.1
                                        Mar 19, 2025 10:03:00.533577919 CET6074553192.168.2.51.1.1.1
                                        Mar 19, 2025 10:03:00.540136099 CET53607451.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:00.540499926 CET53634891.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:11.265315056 CET53643111.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:30.186609983 CET53633301.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:49.902534008 CET138138192.168.2.5192.168.2.255
                                        Mar 19, 2025 10:03:52.639961004 CET53558891.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:53.706707001 CET53571831.1.1.1192.168.2.5
                                        Mar 19, 2025 10:03:56.374408960 CET53590551.1.1.1192.168.2.5

                                        DNS Queries

                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                        Mar 19, 2025 10:02:58.428211927 CET192.168.2.51.1.1.10x47dfStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:02:58.428211927 CET192.168.2.51.1.1.10x1308Standard query (0)www.google.com65IN (0x0001)false
                                        Mar 19, 2025 10:02:59.825103045 CET192.168.2.51.1.1.10xfe25Standard query (0)metamaskelogines.webflow.io65IN (0x0001)false
                                        Mar 19, 2025 10:02:59.825103998 CET192.168.2.51.1.1.10x370dStandard query (0)metamaskelogines.webflow.ioA (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:02:59.833594084 CET192.168.2.51.1.1.10x91b3Standard query (0)metamaskelogines.webflow.ioA (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:02:59.834142923 CET192.168.2.51.1.1.10x5d81Standard query (0)metamaskelogines.webflow.io65IN (0x0001)false
                                        Mar 19, 2025 10:03:00.051336050 CET192.168.2.51.1.1.10x5a66Standard query (0)cdn.prod.website-files.comA (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.051336050 CET192.168.2.51.1.1.10x7924Standard query (0)cdn.prod.website-files.com65IN (0x0001)false
                                        Mar 19, 2025 10:03:00.051974058 CET192.168.2.51.1.1.10xd74eStandard query (0)d3e54v103j8qbb.cloudfront.netA (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.052234888 CET192.168.2.51.1.1.10x3e48Standard query (0)d3e54v103j8qbb.cloudfront.net65IN (0x0001)false
                                        Mar 19, 2025 10:03:00.533422947 CET192.168.2.51.1.1.10x662Standard query (0)cdn.prod.website-files.comA (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.533577919 CET192.168.2.51.1.1.10x595Standard query (0)cdn.prod.website-files.com65IN (0x0001)false

                                        DNS Answers

                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                        Mar 19, 2025 10:02:58.435017109 CET1.1.1.1192.168.2.50x1308No error (0)www.google.com65IN (0x0001)false
                                        Mar 19, 2025 10:02:58.435036898 CET1.1.1.1192.168.2.50x47dfNo error (0)www.google.com142.250.186.164A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:02:59.835099936 CET1.1.1.1192.168.2.50x370dNo error (0)metamaskelogines.webflow.io172.64.151.8A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:02:59.835099936 CET1.1.1.1192.168.2.50x370dNo error (0)metamaskelogines.webflow.io104.18.36.248A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:02:59.836200953 CET1.1.1.1192.168.2.50xfe25No error (0)metamaskelogines.webflow.io65IN (0x0001)false
                                        Mar 19, 2025 10:02:59.843878984 CET1.1.1.1192.168.2.50x5d81No error (0)metamaskelogines.webflow.io65IN (0x0001)false
                                        Mar 19, 2025 10:02:59.869219065 CET1.1.1.1192.168.2.50x91b3No error (0)metamaskelogines.webflow.io172.64.151.8A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:02:59.869219065 CET1.1.1.1192.168.2.50x91b3No error (0)metamaskelogines.webflow.io104.18.36.248A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.058794975 CET1.1.1.1192.168.2.50x5a66No error (0)cdn.prod.website-files.com104.18.161.117A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.058794975 CET1.1.1.1192.168.2.50x5a66No error (0)cdn.prod.website-files.com104.18.160.117A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.059181929 CET1.1.1.1192.168.2.50x7924No error (0)cdn.prod.website-files.com65IN (0x0001)false
                                        Mar 19, 2025 10:03:00.059488058 CET1.1.1.1192.168.2.50xd74eNo error (0)d3e54v103j8qbb.cloudfront.net52.222.232.47A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.059488058 CET1.1.1.1192.168.2.50xd74eNo error (0)d3e54v103j8qbb.cloudfront.net52.222.232.144A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.059488058 CET1.1.1.1192.168.2.50xd74eNo error (0)d3e54v103j8qbb.cloudfront.net52.222.232.99A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.059488058 CET1.1.1.1192.168.2.50xd74eNo error (0)d3e54v103j8qbb.cloudfront.net52.222.232.39A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.540136099 CET1.1.1.1192.168.2.50x595No error (0)cdn.prod.website-files.com65IN (0x0001)false
                                        Mar 19, 2025 10:03:00.540499926 CET1.1.1.1192.168.2.50x662No error (0)cdn.prod.website-files.com104.18.160.117A (IP address)IN (0x0001)false
                                        Mar 19, 2025 10:03:00.540499926 CET1.1.1.1192.168.2.50x662No error (0)cdn.prod.website-files.com104.18.161.117A (IP address)IN (0x0001)false

                                        HTTP Request Dependency Graph

                                        • metamaskelogines.webflow.io
                                          • cdn.prod.website-files.com
                                          • d3e54v103j8qbb.cloudfront.net
                                        • www.google.com

                                        HTTPS Proxied Packets

                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        0192.168.2.549718172.64.151.84436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:02:59 UTC677OUTGET / HTTP/1.1
                                        Host: metamaskelogines.webflow.io
                                        Connection: keep-alive
                                        Upgrade-Insecure-Requests: 1
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                        sec-ch-ua-mobile: ?0
                                        sec-ch-ua-platform: "Windows"
                                        Sec-Fetch-Site: none
                                        Sec-Fetch-Mode: navigate
                                        Sec-Fetch-User: ?1
                                        Sec-Fetch-Dest: document
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:00 UTC812INHTTP/1.1 200 OK
                                        Date: Wed, 19 Mar 2025 09:02:59 GMT
                                        Content-Type: text/html
                                        Transfer-Encoding: chunked
                                        Connection: close
                                        CF-Ray: 922bcb48b9559f4c-FRA
                                        CF-Cache-Status: HIT
                                        Age: 196131
                                        Last-Modified: Thu, 13 Mar 2025 22:16:53 GMT
                                        content-security-policy: frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com
                                        surrogate-control: max-age=2147483647
                                        surrogate-key: metamaskelogines.webflow.io 64d5c1800faad7036642a10a pageId:64d5c1800faad7036642a119
                                        x-lambda-id: 8f056d15-b49c-4caa-9912-26f98d34c7ee
                                        vary: Accept-Encoding
                                        Set-Cookie: _cfuvid=vmRYKT7sC8P9brFIuoJQ.g94ROewp.S.LybpwGCvXNw-1742374979990-0.0.1.1-604800000; path=/; domain=.webflow.io; HttpOnly; Secure; SameSite=None
                                        Server: cloudflare
                                        alt-svc: h3=":443"; ma=86400
                                        2025-03-19 09:03:00 UTC557INData Raw: 61 33 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 77 61 73 20 63 72 65 61 74 65 64 20 69 6e 20 57 65 62 66 6c 6f 77 2e 20 68 74 74 70 73 3a 2f 2f 77 65 62 66 6c 6f 77 2e 63 6f 6d 20 2d 2d 3e 3c 21 2d 2d 20 4c 61 73 74 20 50 75 62 6c 69 73 68 65 64 3a 20 46 72 69 20 41 75 67 20 31 31 20 32 30 32 33 20 30 35 3a 31 35 3a 33 32 20 47 4d 54 2b 30 30 30 30 20 28 43 6f 6f 72 64 69 6e 61 74 65 64 20 55 6e 69 76 65 72 73 61 6c 20 54 69 6d 65 29 20 2d 2d 3e 3c 68 74 6d 6c 20 64 61 74 61 2d 77 66 2d 64 6f 6d 61 69 6e 3d 22 6d 65 74 61 6d 61 73 6b 65 6c 6f 67 69 6e 65 73 2e 77 65 62 66 6c 6f 77 2e 69 6f 22 20 64 61 74 61 2d 77 66 2d 70 61 67 65 3d 22 36 34 64 35 63 31 38 30 30 66 61 61 64 37 30 33 36 36 34 32 61
                                        Data Ascii: a34<!DOCTYPE html>... This site was created in Webflow. https://webflow.com -->... Last Published: Fri Aug 11 2023 05:15:32 GMT+0000 (Coordinated Universal Time) --><html data-wf-domain="metamaskelogines.webflow.io" data-wf-page="64d5c1800faad7036642a
                                        2025-03-19 09:03:00 UTC1369INData Raw: 64 20 65 61 73 65 2e 20 4d 61 6e 61 67 65 20 79 6f 75 72 20 64 69 67 69 74 61 6c 20 61 73 73 65 74 73 2c 20 69 6e 74 65 72 61 63 74 20 77 69 74 68 20 64 41 70 70 73 2c 20 61 6e 64 20 65 78 70 6c 6f 72 65 20 74 68 65 20 77 6f 72 6c 64 20 6f 66 20 64 65 63 65 6e 74 72 61 6c 69 7a 65 64 20 61 70 70 6c 69 63 61 74 69 6f 6e 73 20 77 69 74 68 20 4d 65 74 61 4d 61 73 6b 2e 26 71 75 6f 74 3b 22 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 2f 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 2f 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 57 65 62 66 6c 6f 77 22 20 6e 61 6d 65 3d 22 67 65 6e 65 72
                                        Data Ascii: d ease. Manage your digital assets, interact with dApps, and explore the world of decentralized applications with MetaMask.&quot;" name="description"/><meta content="width=device-width, initial-scale=1" name="viewport"/><meta content="Webflow" name="gener
                                        2025-03-19 09:03:00 UTC693INData Raw: 31 30 37 5f 4d 65 74 61 6d 61 73 6b 2d 4c 6f 67 69 6e 2d 62 61 6e 6e 65 72 2d 70 2d 38 30 30 2e 70 6e 67 20 38 30 30 77 2c 20 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 70 72 6f 64 2e 77 65 62 73 69 74 65 2d 66 69 6c 65 73 2e 63 6f 6d 2f 36 34 64 35 63 31 38 30 30 66 61 61 64 37 30 33 36 36 34 32 61 31 30 61 2f 36 34 64 35 63 31 65 33 65 61 37 34 30 33 32 62 39 35 35 32 31 31 30 37 5f 4d 65 74 61 6d 61 73 6b 2d 4c 6f 67 69 6e 2d 62 61 6e 6e 65 72 2d 70 2d 31 30 38 30 2e 70 6e 67 20 31 30 38 30 77 2c 20 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 70 72 6f 64 2e 77 65 62 73 69 74 65 2d 66 69 6c 65 73 2e 63 6f 6d 2f 36 34 64 35 63 31 38 30 30 66 61 61 64 37 30 33 36 36 34 32 61 31 30 61 2f 36 34 64 35 63 31 65 33 65 61 37 34 30 33 32 62 39 35 35 32 31 31 30 37 5f 4d 65 74
                                        Data Ascii: 107_Metamask-Login-banner-p-800.png 800w, https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Metamask-Login-banner-p-1080.png 1080w, https://cdn.prod.website-files.com/64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Met
                                        2025-03-19 09:03:00 UTC5INData Raw: 30 0d 0a 0d 0a
                                        Data Ascii: 0


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        1192.168.2.549720104.18.161.1174436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:03:00 UTC659OUTGET /64d5c1800faad7036642a10a/css/metamaskelogines.webflow.66a951ca5.css HTTP/1.1
                                        Host: cdn.prod.website-files.com
                                        Connection: keep-alive
                                        sec-ch-ua-platform: "Windows"
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                        sec-ch-ua-mobile: ?0
                                        Accept: text/css,*/*;q=0.1
                                        Sec-Fetch-Site: cross-site
                                        Sec-Fetch-Mode: no-cors
                                        Sec-Fetch-Dest: style
                                        Sec-Fetch-Storage-Access: active
                                        Referer: https://metamaskelogines.webflow.io/
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:00 UTC658INHTTP/1.1 200 OK
                                        Date: Wed, 19 Mar 2025 09:03:00 GMT
                                        Content-Type: text/css
                                        Transfer-Encoding: chunked
                                        Connection: close
                                        x-amz-id-2: iJy1n/CRq+7p57/RBQTu/ctGccGupMQi3L/EGNIiCpXEW2CDdDAY6dtkyWuGOHdNl8j1ZHgd/x5zrZiMoD6GiR2onEjh8M/D4iCq801bID4=
                                        x-amz-request-id: P9CFW3VR34RVCKZH
                                        Last-Modified: Fri, 11 Aug 2023 05:15:33 GMT
                                        ETag: W/"b26795e5abeba9766201eb1a583ee59b"
                                        x-amz-server-side-encryption: AES256
                                        Cache-Control: max-age=84600, must-revalidate
                                        x-amz-version-id: kPsfFATEwDMgA8SLrkDMhb2uzGh2bsTb
                                        CF-Cache-Status: HIT
                                        Age: 32445
                                        Access-Control-Allow-Origin: *
                                        Server: cloudflare
                                        CF-RAY: 922bcb49eab103ec-FRA
                                        alt-svc: h3=":443"; ma=86400
                                        2025-03-19 09:03:00 UTC711INData Raw: 37 64 31 65 0d 0a 68 74 6d 6c 20 7b 0a 20 20 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 31 30 30 25 3b 0a 20 20 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 31 30 30 25 3b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 7d 0a 0a 61 72 74 69 63 6c 65 2c 20 61 73 69 64 65 2c 20 64 65 74 61 69 6c 73 2c 20 66 69 67 63 61 70 74 69 6f 6e 2c 20 66 69 67 75 72 65 2c 20 66 6f 6f 74 65 72 2c 20 68 65 61 64 65 72 2c 20 68 67 72 6f 75 70 2c 20 6d 61 69 6e 2c 20 6d 65 6e 75 2c 20 6e 61 76 2c 20 73 65 63 74 69 6f 6e 2c 20 73 75 6d 6d 61 72 79 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 7d 0a
                                        Data Ascii: 7d1ehtml { -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; font-family: sans-serif;}body { margin: 0;}article, aside, details, figcaption, figure, footer, header, hgroup, main, menu, nav, section, summary { display: block;}
                                        2025-03-19 09:03:00 UTC1369INData Raw: 67 72 6f 75 6e 64 3a 20 23 66 66 30 3b 0a 7d 0a 0a 73 6d 61 6c 6c 20 7b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 7d 0a 0a 73 75 62 2c 20 73 75 70 20 7b 0a 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 37 35 25 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 30 3b 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 7d 0a 0a 73 75 70 20 7b 0a 20 20 74 6f 70 3a 20 2d 2e 35 65 6d 3b 0a 7d 0a 0a 73 75 62 20 7b 0a 20 20 62 6f 74 74 6f 6d 3a 20 2d 2e 32 35 65 6d 3b 0a 7d 0a 0a 69 6d 67 20 7b 0a 20 20 62 6f 72 64 65 72 3a 20 30 3b 0a 7d 0a 0a 73 76 67 3a 6e 6f 74 28 3a 72 6f 6f 74 29 20 7b 0a 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a
                                        Data Ascii: ground: #ff0;}small { font-size: 80%;}sub, sup { vertical-align: baseline; font-size: 75%; line-height: 0; position: relative;}sup { top: -.5em;}sub { bottom: -.25em;}img { border: 0;}svg:not(:root) { overflow: hidden;
                                        2025-03-19 09:03:00 UTC1369INData Raw: 2e 37 35 65 6d 3b 0a 7d 0a 0a 6c 65 67 65 6e 64 20 7b 0a 20 20 62 6f 72 64 65 72 3a 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 7d 0a 0a 74 65 78 74 61 72 65 61 20 7b 0a 20 20 6f 76 65 72 66 6c 6f 77 3a 20 61 75 74 6f 3b 0a 7d 0a 0a 6f 70 74 67 72 6f 75 70 20 7b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 7d 0a 0a 74 61 62 6c 65 20 7b 0a 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 20 63 6f 6c 6c 61 70 73 65 3b 0a 20 20 62 6f 72 64 65 72 2d 73 70 61 63 69 6e 67 3a 20 30 3b 0a 7d 0a 0a 74 64 2c 20 74 68 20 7b 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 7d 0a 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 77 65 62 66 6c 6f 77 2d 69 63 6f 6e 73 3b 0a 20 20 73 72 63 3a 20 75 72
                                        Data Ascii: .75em;}legend { border: 0; padding: 0;}textarea { overflow: auto;}optgroup { font-weight: bold;}table { border-collapse: collapse; border-spacing: 0;}td, th { padding: 0;}@font-face { font-family: webflow-icons; src: ur
                                        2025-03-19 09:03:00 UTC1369INData Raw: 49 58 48 67 45 58 46 68 55 55 42 77 34 42 42 77 59 6a 4e 54 49 33 50 67 45 33 4e 6a 55 30 4a 79 34 42 4a 79 59 6a 4d 53 49 48 44 67 45 48 42 68 55 55 46 78 34 42 46 78 59 7a 41 67 42 71 58 56 36 4c 4b 43 67 6f 4b 49 74 65 58 57 70 71 58 56 36 4c 4b 43 67 6f 4b 49 74 65 58 57 70 56 53 6b 74 76 49 43 45 68 49 47 39 4c 53 6c 56 56 53 6b 74 76 49 43 45 68 49 47 39 4c 53 6c 56 41 4b 43 69 4c 58 6c 31 71 61 6c 31 65 69 79 67 6f 4b 43 69 4c 58 6c 31 71 61 6c 31 65 69 79 67 6f 5a 69 45 67 62 30 74 4b 56 56 56 4b 53 32 38 67 49 53 45 67 62 30 74 4b 56 56 56 4b 53 32 38 67 49 51 41 42 41 41 41 42 77 41 49 41 41 38 41 41 45 67 41 41 45 7a 51 33 50 67 45 33 4e 6a 4d 78 46 53 49 48 44 67 45 48 42 68 55 78 49 77 41 6f 4b 49 74 65 58 57 70 56 53 6b 74 76 49 43 46 6d 41
                                        Data Ascii: IXHgEXFhUUBw4BBwYjNTI3PgE3NjU0Jy4BJyYjMSIHDgEHBhUUFx4BFxYzAgBqXV6LKCgoKIteXWpqXV6LKCgoKIteXWpVSktvICEhIG9LSlVVSktvICEhIG9LSlVAKCiLXl1qal1eiygoKCiLXl1qal1eiygoZiEgb0tKVVVKS28gISEgb0tKVVVKS28gIQABAAABwAIAA8AAEgAAEzQ3PgE3NjMxFSIHDgEHBhUxIwAoKIteXWpVSktvICFmA
                                        2025-03-19 09:03:00 UTC1369INData Raw: 35 41 43 41 41 53 51 42 6a 41 47 38 41 54 51 42 76 41 47 38 41 62 67 41 75 41 41 41 41 41 77 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 3d 3d 22 29 20 66 6f 72 6d 61 74 28 22 74 72 75 65 74 79 70 65 22 29 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 7d 0a 0a 5b 63 6c 61 73 73 5e 3d 22 77 2d 69 63 6f 6e 2d 22 5d 2c 20 5b 63 6c 61 73 73 2a 3d 22 20 77 2d 69 63 6f 6e 2d 22 5d 20 7b 0a 20 20 73 70 65 61 6b 3a 20 6e 6f 6e 65 3b 0a 20 20 66 6f 6e 74 2d 76 61 72 69 61 6e 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0a 20 20 2d 77 65 62
                                        Data Ascii: 5ACAASQBjAG8ATQBvAG8AbgAuAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==") format("truetype"); font-weight: normal; font-style: normal;}[class^="w-icon-"], [class*=" w-icon-"] { speak: none; font-variant: normal; text-transform: none; -web
                                        2025-03-19 09:03:00 UTC1369INData Raw: 62 6f 74 68 3b 0a 7d 0a 0a 2e 77 2d 68 69 64 64 65 6e 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 77 2d 62 75 74 74 6f 6e 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 69 6e 68 65 72 69 74 3b 0a 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 33 38 39 38 65 63 3b 0a 20 20 62 6f 72 64 65 72 3a 20 30 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 39 70 78 20 31 35 70 78 3b 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0a 7d 0a 0a 69 6e 70 75 74 2e 77 2d
                                        Data Ascii: both;}.w-hidden { display: none;}.w-button { color: #fff; line-height: inherit; cursor: pointer; background-color: #3898ec; border: 0; border-radius: 0; padding: 9px 15px; text-decoration: none; display: inline-block;}input.w-
                                        2025-03-19 09:03:00 UTC1369INData Raw: 3a 20 61 75 74 6f 3b 0a 20 20 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 6f 76 65 72 66 6c 6f 77 3a 20 76 69 73 69 62 6c 65 3b 0a 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 77 2d 77 65 62 66 6c 6f 77 2d 62 61 64 67 65 20 7b 0a 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0a 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 30 20 31 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 31 29 2c 20 30 20 31 70 78 20 33 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 2e 31 29 3b 0a 20 20 76 69 73 69 62 69 6c 69 74 79 3a 20 76 69 73 69 62 6c 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 7a 2d 69 6e 64 65
                                        Data Ascii: : auto; left: auto; right: auto; overflow: visible; transform: none;}.w-webflow-badge { white-space: nowrap; cursor: pointer; box-shadow: 0 0 0 1px rgba(0, 0, 0, .1), 0 1px 3px rgba(0, 0, 0, .1); visibility: visible !important; z-inde
                                        2025-03-19 09:03:00 UTC1369INData Raw: 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 30 70 78 3b 0a 7d 0a 0a 68 36 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 7d 0a 0a 70 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 7d 0a 0a 62 6c 6f 63 6b 71 75 6f 74 65 20 7b 0a 20 20 62 6f 72 64 65 72 2d 6c 65 66 74 3a 20 35 70 78 20 73 6f 6c 69 64 20 23 65 32 65 32 65 32 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 30 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 32 30
                                        Data Ascii: -top: 10px; font-size: 14px; line-height: 20px;}h6 { margin-top: 10px; font-size: 12px; line-height: 18px;}p { margin-top: 0; margin-bottom: 10px;}blockquote { border-left: 5px solid #e2e2e2; margin: 0 0 10px; padding: 10px 20
                                        2025-03-19 09:03:00 UTC1369INData Raw: 30 25 3b 0a 20 20 68 65 69 67 68 74 3a 20 33 38 70 78 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 33 33 33 3b 0a 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 6d 69 64 64 6c 65 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 38 70 78 20 31 32 70 78 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 3b 0a 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 7d 0a 0a 2e 77 2d 69 6e 70 75 74 3a 2d 6d 6f 7a 2d 70 6c 61 63 65 68 6f 6c 64 65 72 2c 20 2e 77 2d 73 65 6c 65
                                        Data Ascii: 0%; height: 38px; color: #333; vertical-align: middle; background-color: #fff; border: 1px solid #ccc; margin-bottom: 10px; padding: 8px 12px; font-size: 14px; line-height: 1.42857; display: block;}.w-input:-moz-placeholder, .w-sele
                                        2025-03-19 09:03:00 UTC1369INData Raw: 65 61 3a 20 31 20 2f 20 31 20 2f 20 32 20 2f 20 32 3b 0a 20 20 64 69 73 70 6c 61 79 3a 20 74 61 62 6c 65 3b 0a 7d 0a 0a 2e 77 2d 72 61 64 69 6f 3a 61 66 74 65 72 20 7b 0a 20 20 63 6c 65 61 72 3a 20 62 6f 74 68 3b 0a 7d 0a 0a 2e 77 2d 72 61 64 69 6f 2d 69 6e 70 75 74 20 7b 0a 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 33 70 78 20 30 20 30 20 2d 32 30 70 78 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 7d 0a 0a 2e 77 2d 66 69 6c 65 2d 75 70 6c 6f 61 64 20 7b 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 7d 0a 0a 2e 77 2d 66 69 6c 65 2d 75 70 6c 6f 61 64 2d 69 6e 70 75 74 20 7b 0a 20 20 77 69 64 74 68 3a 20 2e 31 70 78
                                        Data Ascii: ea: 1 / 1 / 2 / 2; display: table;}.w-radio:after { clear: both;}.w-radio-input { float: left; margin: 3px 0 0 -20px; line-height: normal;}.w-file-upload { margin-bottom: 10px; display: block;}.w-file-upload-input { width: .1px


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        2192.168.2.549719104.18.161.1174436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:03:00 UTC626OUTGET /64d5c1800faad7036642a10a/js/webflow.24a563ff7.js HTTP/1.1
                                        Host: cdn.prod.website-files.com
                                        Connection: keep-alive
                                        sec-ch-ua-platform: "Windows"
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                        sec-ch-ua-mobile: ?0
                                        Accept: */*
                                        Sec-Fetch-Site: cross-site
                                        Sec-Fetch-Mode: no-cors
                                        Sec-Fetch-Dest: script
                                        Sec-Fetch-Storage-Access: active
                                        Referer: https://metamaskelogines.webflow.io/
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:00 UTC665INHTTP/1.1 200 OK
                                        Date: Wed, 19 Mar 2025 09:03:00 GMT
                                        Content-Type: text/javascript
                                        Transfer-Encoding: chunked
                                        Connection: close
                                        x-amz-id-2: r40mE8MD2No31ljRPwZUOYCjADAYMrUOIxJw1hnjZ/PSlTSQMYgCAeO5tRiPt3mVa6LPRmjkiP5u3C9SXS6yHCFH34tOI6KNq2Sh8TqKy6g=
                                        x-amz-request-id: P9CAG21BT6GQE1P0
                                        Last-Modified: Fri, 11 Aug 2023 05:15:33 GMT
                                        ETag: W/"a505becc886cdcc871c41d1db25b1402"
                                        x-amz-server-side-encryption: AES256
                                        Cache-Control: max-age=84600, must-revalidate
                                        x-amz-version-id: puaabLtVldZzSjPbxAcB8FowPYBPCiwK
                                        CF-Cache-Status: HIT
                                        Age: 32445
                                        Access-Control-Allow-Origin: *
                                        Server: cloudflare
                                        CF-RAY: 922bcb49ecbfdbf6-FRA
                                        alt-svc: h3=":443"; ma=86400
                                        2025-03-19 09:03:00 UTC704INData Raw: 37 64 31 37 0d 0a 0a 2f 2a 21 0a 20 2a 20 57 65 62 66 6c 6f 77 3a 20 46 72 6f 6e 74 2d 65 6e 64 20 73 69 74 65 20 6c 69 62 72 61 72 79 0a 20 2a 20 40 6c 69 63 65 6e 73 65 20 4d 49 54 0a 20 2a 20 49 6e 6c 69 6e 65 20 73 63 72 69 70 74 73 20 6d 61 79 20 61 63 63 65 73 73 20 74 68 65 20 61 70 69 20 75 73 69 6e 67 20 61 6e 20 61 73 79 6e 63 20 68 61 6e 64 6c 65 72 3a 0a 20 2a 20 20 20 76 61 72 20 57 65 62 66 6c 6f 77 20 3d 20 57 65 62 66 6c 6f 77 20 7c 7c 20 5b 5d 3b 0a 20 2a 20 20 20 57 65 62 66 6c 6f 77 2e 70 75 73 68 28 72 65 61 64 79 46 75 6e 63 74 69 6f 6e 29 3b 0a 20 2a 2f 0a 0a 28 28 29 3d 3e 7b 76 61 72 20 6c 74 3d 28 65 2c 79 29 3d 3e 28 29 3d 3e 28 79 7c 7c 65 28 28 79 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 7d 29 2e 65 78 70 6f 72 74 73 2c 79 29 2c 79
                                        Data Ascii: 7d17/*! * Webflow: Front-end site library * @license MIT * Inline scripts may access the api using an async handler: * var Webflow = Webflow || []; * Webflow.push(readyFunction); */(()=>{var lt=(e,y)=>()=>(y||e((y={exports:{}}).exports,y),y
                                        2025-03-19 09:03:00 UTC1369INData Raw: 42 28 22 55 6e 69 74 73 20 64 6f 20 6e 6f 74 20 6d 61 74 63 68 20 5b 22 2b 74 2b 22 5d 3a 20 22 2b 6e 2b 22 2c 20 22 2b 69 29 7d 66 75 6e 63 74 69 6f 6e 20 52 28 74 2c 6e 2c 69 29 7b 69 66 28 6e 21 3d 3d 76 6f 69 64 20 30 26 26 28 69 3d 6e 29 2c 74 3d 3d 3d 76 6f 69 64 20 30 29 72 65 74 75 72 6e 20 69 3b 76 61 72 20 72 3d 69 3b 72 65 74 75 72 6e 20 77 65 2e 74 65 73 74 28 74 29 7c 7c 21 58 74 2e 74 65 73 74 28 74 29 3f 72 3d 70 61 72 73 65 49 6e 74 28 74 2c 31 30 29 3a 58 74 2e 74 65 73 74 28 74 29 26 26 28 72 3d 31 65 33 2a 70 61 72 73 65 46 6c 6f 61 74 28 74 29 29 2c 30 3e 72 26 26 28 72 3d 30 29 2c 72 3d 3d 3d 72 3f 72 3a 69 7d 66 75 6e 63 74 69 6f 6e 20 42 28 74 29 7b 65 74 2e 64 65 62 75 67 26 26 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2e 63 6f 6e
                                        Data Ascii: B("Units do not match ["+t+"]: "+n+", "+i)}function R(t,n,i){if(n!==void 0&&(i=n),t===void 0)return i;var r=i;return we.test(t)||!Xt.test(t)?r=parseInt(t,10):Xt.test(t)&&(r=1e3*parseFloat(t)),0>r&&(r=0),r===r?r:i}function B(t){et.debug&&window&&window.con
                                        2025-03-19 09:03:00 UTC1369INData Raw: 7b 72 65 74 75 72 6e 20 69 2a 74 2f 72 2b 6e 7d 5d 2c 22 65 61 73 65 2d 69 6e 2d 71 75 61 64 22 3a 5b 22 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 35 35 30 2c 20 30 2e 30 38 35 2c 20 30 2e 36 38 30 2c 20 30 2e 35 33 30 29 22 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 2c 72 29 7b 72 65 74 75 72 6e 20 69 2a 28 74 2f 3d 72 29 2a 74 2b 6e 7d 5d 2c 22 65 61 73 65 2d 6f 75 74 2d 71 75 61 64 22 3a 5b 22 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 32 35 30 2c 20 30 2e 34 36 30 2c 20 30 2e 34 35 30 2c 20 30 2e 39 34 30 29 22 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 2c 72 29 7b 72 65 74 75 72 6e 2d 69 2a 28 74 2f 3d 72 29 2a 28 74 2d 32 29 2b 6e 7d 5d 2c 22 65 61 73 65 2d 69 6e 2d 6f 75 74 2d 71 75 61 64 22 3a 5b 22 63 75 62 69 63 2d 62 65 7a 69 65 72 28
                                        Data Ascii: {return i*t/r+n}],"ease-in-quad":["cubic-bezier(0.550, 0.085, 0.680, 0.530)",function(t,n,i,r){return i*(t/=r)*t+n}],"ease-out-quad":["cubic-bezier(0.250, 0.460, 0.450, 0.940)",function(t,n,i,r){return-i*(t/=r)*(t-2)+n}],"ease-in-out-quad":["cubic-bezier(
                                        2025-03-19 09:03:00 UTC1369INData Raw: 2a 74 2b 32 29 2b 6e 7d 5d 2c 22 65 61 73 65 2d 69 6e 2d 73 69 6e 65 22 3a 5b 22 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 37 30 2c 20 30 2c 20 30 2e 37 34 35 2c 20 30 2e 37 31 35 29 22 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 2c 72 29 7b 72 65 74 75 72 6e 2d 69 2a 4d 61 74 68 2e 63 6f 73 28 74 2f 72 2a 28 4d 61 74 68 2e 50 49 2f 32 29 29 2b 69 2b 6e 7d 5d 2c 22 65 61 73 65 2d 6f 75 74 2d 73 69 6e 65 22 3a 5b 22 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 33 39 30 2c 20 30 2e 35 37 35 2c 20 30 2e 35 36 35 2c 20 31 29 22 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 2c 72 29 7b 72 65 74 75 72 6e 20 69 2a 4d 61 74 68 2e 73 69 6e 28 74 2f 72 2a 28 4d 61 74 68 2e 50 49 2f 32 29 29 2b 6e 7d 5d 2c 22 65 61 73 65 2d 69 6e 2d 6f 75 74 2d 73 69 6e 65 22
                                        Data Ascii: *t+2)+n}],"ease-in-sine":["cubic-bezier(0.470, 0, 0.745, 0.715)",function(t,n,i,r){return-i*Math.cos(t/r*(Math.PI/2))+i+n}],"ease-out-sine":["cubic-bezier(0.390, 0.575, 0.565, 1)",function(t,n,i,r){return i*Math.sin(t/r*(Math.PI/2))+n}],"ease-in-out-sine"
                                        2025-03-19 09:03:00 UTC1369INData Raw: 72 6e 20 73 3d 3d 3d 76 6f 69 64 20 30 26 26 28 73 3d 31 2e 37 30 31 35 38 29 2c 69 2a 28 28 74 3d 74 2f 72 2d 31 29 2a 74 2a 28 28 73 2b 31 29 2a 74 2b 73 29 2b 31 29 2b 6e 7d 5d 2c 22 65 61 73 65 2d 69 6e 2d 6f 75 74 2d 62 61 63 6b 22 3a 5b 22 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 36 38 30 2c 20 2d 30 2e 35 35 30 2c 20 30 2e 32 36 35 2c 20 31 2e 35 35 30 29 22 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 69 2c 72 2c 73 29 7b 72 65 74 75 72 6e 20 73 3d 3d 3d 76 6f 69 64 20 30 26 26 28 73 3d 31 2e 37 30 31 35 38 29 2c 28 74 2f 3d 72 2f 32 29 3c 31 3f 69 2f 32 2a 74 2a 74 2a 28 28 28 73 2a 3d 31 2e 35 32 35 29 2b 31 29 2a 74 2d 73 29 2b 6e 3a 69 2f 32 2a 28 28 74 2d 3d 32 29 2a 74 2a 28 28 28 73 2a 3d 31 2e 35 32 35 29 2b 31 29 2a 74 2b 73 29 2b 32 29
                                        Data Ascii: rn s===void 0&&(s=1.70158),i*((t=t/r-1)*t*((s+1)*t+s)+1)+n}],"ease-in-out-back":["cubic-bezier(0.680, -0.550, 0.265, 1.550)",function(t,n,i,r,s){return s===void 0&&(s=1.70158),(t/=r/2)<1?i/2*t*t*(((s*=1.525)+1)*t-s)+n:i/2*((t-=2)*t*(((s*=1.525)+1)*t+s)+2)
                                        2025-03-19 09:03:00 UTC1369INData Raw: 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 7c 7c 58 2e 6d 73 52 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 3b 72 65 74 75 72 6e 20 74 26 26 68 2e 62 69 6e 64 3f 74 2e 62 69 6e 64 28 58 29 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 58 2e 73 65 74 54 69 6d 65 6f 75 74 28 6e 2c 31 36 29 7d 7d 28 29 2c 63 74 3d 79 2e 6e 6f 77 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 58 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2c 6e 3d 74 26 26 28 74 2e 6e 6f 77 7c 7c 74 2e 77 65 62 6b 69 74 4e 6f 77 7c 7c 74 2e 6d 73 4e 6f 77 7c 7c 74 2e 6d 6f 7a 4e 6f 77 29 3b 72 65 74 75 72 6e 20 6e 26 26 68 2e 62 69 6e 64 3f 6e 2e 62 69 6e 64 28 74 29 3a 44 61 74 65 2e 6e 6f 77 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 2b 6e 65 77 20 44 61 74 65
                                        Data Ascii: estAnimationFrame||X.msRequestAnimationFrame;return t&&h.bind?t.bind(X):function(n){X.setTimeout(n,16)}}(),ct=y.now=function(){var t=X.performance,n=t&&(t.now||t.webkitNow||t.msNow||t.mozNow);return n&&h.bind?n.bind(t):Date.now||function(){return+new Date
                                        2025-03-19 09:03:00 UTC1369INData Raw: 71 75 65 75 65 2e 70 75 73 68 28 7b 6f 70 74 69 6f 6e 73 3a 77 7d 29 3a 28 74 68 69 73 2e 74 69 6d 65 72 3d 6e 65 77 20 71 74 28 7b 64 75 72 61 74 69 6f 6e 3a 77 2c 63 6f 6e 74 65 78 74 3a 74 68 69 73 2c 63 6f 6d 70 6c 65 74 65 3a 6f 7d 29 2c 74 68 69 73 2e 61 63 74 69 76 65 3d 21 30 29 7d 66 75 6e 63 74 69 6f 6e 20 73 28 77 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 61 63 74 69 76 65 3f 28 74 68 69 73 2e 71 75 65 75 65 2e 70 75 73 68 28 7b 6f 70 74 69 6f 6e 73 3a 77 2c 61 72 67 73 3a 61 72 67 75 6d 65 6e 74 73 7d 29 2c 76 6f 69 64 28 74 68 69 73 2e 74 69 6d 65 72 2e 63 6f 6d 70 6c 65 74 65 3d 6f 29 29 3a 42 28 22 4e 6f 20 61 63 74 69 76 65 20 74 72 61 6e 73 69 74 69 6f 6e 20 74 69 6d 65 72 2e 20 55 73 65 20 73 74 61 72 74 28 29 20 6f 72 20 77 61 69 74 28
                                        Data Ascii: queue.push({options:w}):(this.timer=new qt({duration:w,context:this,complete:o}),this.active=!0)}function s(w){return this.active?(this.queue.push({options:w,args:arguments}),void(this.timer.complete=o)):B("No active transition timer. Use start() or wait(
                                        2025-03-19 09:03:00 UTC1369INData Raw: 74 74 2c 73 74 29 7d 59 26 26 6e 74 26 26 59 2e 63 61 6c 6c 28 74 68 69 73 2c 6e 74 29 7d 66 75 6e 63 74 69 6f 6e 20 6a 28 77 29 7b 77 2e 73 74 6f 70 28 29 7d 66 75 6e 63 74 69 6f 6e 20 54 74 28 77 2c 4f 29 7b 77 2e 73 65 74 28 4f 29 7d 66 75 6e 63 74 69 6f 6e 20 67 65 28 77 29 7b 74 68 69 73 2e 24 65 6c 2e 63 73 73 28 77 29 7d 66 75 6e 63 74 69 6f 6e 20 6f 74 28 77 2c 4f 29 7b 74 5b 77 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 63 68 69 6c 64 72 65 6e 3f 79 65 2e 63 61 6c 6c 28 74 68 69 73 2c 4f 2c 61 72 67 75 6d 65 6e 74 73 29 3a 28 74 68 69 73 2e 65 6c 26 26 4f 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 2c 74 68 69 73 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 79 65 28 77 2c 4f 29 7b 76 61 72 20 59 2c 4e
                                        Data Ascii: tt,st)}Y&&nt&&Y.call(this,nt)}function j(w){w.stop()}function Tt(w,O){w.set(O)}function ge(w){this.$el.css(w)}function ot(w,O){t[w]=function(){return this.children?ye.call(this,O,arguments):(this.el&&O.apply(this,arguments),this)}}function ye(w,O){var Y,N
                                        2025-03-19 09:03:00 UTC1369INData Raw: 65 6c 61 79 3a 30 7d 3b 74 2e 69 6e 69 74 3d 66 75 6e 63 74 69 6f 6e 28 6f 2c 6d 2c 78 2c 4b 29 7b 74 68 69 73 2e 24 65 6c 3d 6f 2c 74 68 69 73 2e 65 6c 3d 6f 5b 30 5d 3b 76 61 72 20 63 3d 6d 5b 30 5d 3b 78 5b 32 5d 26 26 28 63 3d 78 5b 32 5d 29 2c 48 74 5b 63 5d 26 26 28 63 3d 48 74 5b 63 5d 29 2c 74 68 69 73 2e 6e 61 6d 65 3d 63 2c 74 68 69 73 2e 74 79 70 65 3d 78 5b 31 5d 2c 74 68 69 73 2e 64 75 72 61 74 69 6f 6e 3d 52 28 6d 5b 31 5d 2c 74 68 69 73 2e 64 75 72 61 74 69 6f 6e 2c 73 2e 64 75 72 61 74 69 6f 6e 29 2c 74 68 69 73 2e 65 61 73 65 3d 69 28 6d 5b 32 5d 2c 74 68 69 73 2e 65 61 73 65 2c 73 2e 65 61 73 65 29 2c 74 68 69 73 2e 64 65 6c 61 79 3d 52 28 6d 5b 33 5d 2c 74 68 69 73 2e 64 65 6c 61 79 2c 73 2e 64 65 6c 61 79 29 2c 74 68 69 73 2e 73 70 61
                                        Data Ascii: elay:0};t.init=function(o,m,x,K){this.$el=o,this.el=o[0];var c=m[0];x[2]&&(c=x[2]),Ht[c]&&(c=Ht[c]),this.name=c,this.type=x[1],this.duration=R(m[1],this.duration,s.duration),this.ease=i(m[2],this.ease,s.ease),this.delay=R(m[3],this.delay,s.delay),this.spa
                                        2025-03-19 09:03:00 UTC1369INData Raw: 69 76 65 7c 7c 74 68 69 73 2e 6e 65 78 74 53 74 79 6c 65 29 26 26 28 74 68 69 73 2e 61 63 74 69 76 65 3d 21 31 2c 74 68 69 73 2e 6e 65 78 74 53 74 79 6c 65 3d 6e 75 6c 6c 2c 62 74 28 74 68 69 73 2e 65 6c 2c 74 68 69 73 2e 6e 61 6d 65 2c 74 68 69 73 2e 67 65 74 28 29 29 29 3b 76 61 72 20 6f 3d 74 68 69 73 2e 74 77 65 65 6e 3b 6f 26 26 6f 2e 63 6f 6e 74 65 78 74 26 26 6f 2e 64 65 73 74 72 6f 79 28 29 7d 2c 74 2e 63 6f 6e 76 65 72 74 3d 66 75 6e 63 74 69 6f 6e 28 6f 2c 6d 29 7b 69 66 28 6f 3d 3d 22 61 75 74 6f 22 26 26 74 68 69 73 2e 61 75 74 6f 29 72 65 74 75 72 6e 20 6f 3b 76 61 72 20 78 2c 4b 3d 74 79 70 65 6f 66 20 6f 3d 3d 22 6e 75 6d 62 65 72 22 2c 63 3d 74 79 70 65 6f 66 20 6f 3d 3d 22 73 74 72 69 6e 67 22 3b 73 77 69 74 63 68 28 6d 29 7b 63 61 73 65
                                        Data Ascii: ive||this.nextStyle)&&(this.active=!1,this.nextStyle=null,bt(this.el,this.name,this.get()));var o=this.tween;o&&o.context&&o.destroy()},t.convert=function(o,m){if(o=="auto"&&this.auto)return o;var x,K=typeof o=="number",c=typeof o=="string";switch(m){case


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        3192.168.2.54972152.222.232.474436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:03:00 UTC652OUTGET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=64d5c1800faad7036642a10a HTTP/1.1
                                        Host: d3e54v103j8qbb.cloudfront.net
                                        Connection: keep-alive
                                        Origin: https://metamaskelogines.webflow.io
                                        sec-ch-ua-platform: "Windows"
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                        sec-ch-ua-mobile: ?0
                                        Accept: */*
                                        Sec-Fetch-Site: cross-site
                                        Sec-Fetch-Mode: cors
                                        Sec-Fetch-Dest: script
                                        Referer: https://metamaskelogines.webflow.io/
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:00 UTC551INHTTP/1.1 200 OK
                                        Content-Type: application/javascript
                                        Content-Length: 89476
                                        Connection: close
                                        Last-Modified: Mon, 20 Jul 2020 17:53:02 GMT
                                        Accept-Ranges: bytes
                                        Server: AmazonS3
                                        Date: Wed, 19 Mar 2025 00:14:30 GMT
                                        Cache-Control: max-age=84600, must-revalidate
                                        Etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
                                        Via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
                                        Age: 31712
                                        Access-Control-Allow-Origin: *
                                        X-Cache: Hit from cloudfront
                                        X-Amz-Cf-Pop: FRA56-P4
                                        X-Amz-Cf-Id: xnMFyT3TrdPYPB8Y0ZBqZHEg2Fy-7TsOpoo84Z75_V3AeXwCUoRMsg==
                                        2025-03-19 09:03:00 UTC15833INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 31 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20
                                        Data Ascii: /*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery
                                        2025-03-19 09:03:00 UTC16384INData Raw: 6e 74 4e 6f 64 65 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 2c 61 2c 73 2c 75 2c 6c 3d 79 21 3d 3d 6d 3f 22 6e 65 78 74 53 69 62 6c 69 6e 67 22 3a 22 70 72 65 76 69 6f 75 73 53 69 62 6c 69 6e 67 22 2c 63 3d 65 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 66 3d 78 26 26 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 70 3d 21 6e 26 26 21 78 2c 64 3d 21 31 3b 69 66 28 63 29 7b 69 66 28 79 29 7b 77 68 69 6c 65 28 6c 29 7b 61 3d 65 3b 77 68 69 6c 65 28 61 3d 61 5b 6c 5d 29 69 66 28 78 3f 61 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3d 3d 3d 66 3a 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 29 72 65 74 75 72 6e 21 31 3b 75 3d 6c 3d 22 6f 6e 6c 79 22 3d 3d 3d 68 26 26 21 75 26 26
                                        Data Ascii: ntNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.toLowerCase(),p=!n&&!x,d=!1;if(c){if(y){while(l){a=e;while(a=a[l])if(x?a.nodeName.toLowerCase()===f:1===a.nodeType)return!1;u=l="only"===h&&!u&&
                                        2025-03-19 09:03:00 UTC16384INData Raw: 6c 3f 43 2e 73 65 74 54 69 6d 65 6f 75 74 28 53 2e 72 65 61 64 79 29 3a 28 45 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 42 29 2c 43 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 42 29 29 3b 76 61 72 20 24 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 2c 69 2c 6f 2c 61 29 7b 76 61 72 20 73 3d 30 2c 75 3d 65 2e 6c 65 6e 67 74 68 2c 6c 3d 6e 75 6c 6c 3d 3d 6e 3b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 3d 77 28 6e 29 29 66 6f 72 28 73 20 69 6e 20 69 3d 21 30 2c 6e 29 24 28 65 2c 74 2c 73 2c 6e 5b 73 5d 2c 21 30 2c 6f 2c 61 29 3b 65 6c 73 65 20 69 66 28 76 6f 69 64 20 30 21 3d 3d 72 26 26 28 69 3d 21 30 2c 6d 28 72 29 7c 7c 28 61 3d 21 30 29 2c 6c 26 26 28 61
                                        Data Ascii: l?C.setTimeout(S.ready):(E.addEventListener("DOMContentLoaded",B),C.addEventListener("load",B));var $=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===w(n))for(s in i=!0,n)$(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=!0,m(r)||(a=!0),l&&(a
                                        2025-03-19 09:03:00 UTC16384INData Raw: 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7d 2c 6c 29 3a 62 28 75 2e 74 65 78 74 43 6f 6e 74 65 6e 74 2e 72 65 70 6c 61 63 65 28 6a 65 2c 22 22 29 2c 75 2c 6c 29 29 7d 72 65 74 75 72 6e 20 6e 7d 66 75 6e 63 74 69 6f 6e 20 52 65 28 65 2c 74 2c 6e 29 7b 66 6f 72 28 76 61 72 20 72 2c 69 3d 74 3f 53 2e 66 69 6c 74 65 72 28 74 2c 65 29 3a 65 2c 6f 3d 30 3b 6e 75 6c 6c 21 3d 28 72 3d 69 5b 6f 5d 29 3b 6f 2b 2b 29 6e 7c 7c 31 21 3d 3d 72 2e 6e 6f 64 65 54 79 70 65 7c 7c 53 2e 63 6c 65 61 6e 44 61 74 61 28 76 65 28 72 29 29 2c 72 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 28 6e 26 26 69 65 28 72 29 26 26 79 65 28 76 65 28 72 2c 22 73 63 72 69 70 74 22 29 29 2c 72 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 72 29 29 3b 72 65 74 75 72 6e 20
                                        Data Ascii: ibute("nonce")},l):b(u.textContent.replace(je,""),u,l))}return n}function Re(e,t,n){for(var r,i=t?S.filter(t,e):e,o=0;null!=(r=i[o]);o++)n||1!==r.nodeType||S.cleanData(ve(r)),r.parentNode&&(n&&ie(r)&&ye(ve(r,"script")),r.parentNode.removeChild(r));return
                                        2025-03-19 09:03:00 UTC16384INData Raw: 70 65 65 64 73 5b 72 5d 7c 7c 72 2c 65 3d 65 7c 7c 22 66 78 22 2c 74 68 69 73 2e 71 75 65 75 65 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 43 2e 73 65 74 54 69 6d 65 6f 75 74 28 65 2c 72 29 3b 74 2e 73 74 6f 70 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 43 2e 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 6e 29 7d 7d 29 7d 2c 72 74 3d 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 6e 70 75 74 22 29 2c 69 74 3d 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 65 6c 65 63 74 22 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 6f 70 74 69 6f 6e 22 29 29 2c 72 74 2e 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 2c 79 2e 63 68 65 63 6b 4f 6e 3d 22 22 21 3d 3d 72 74 2e 76 61 6c 75 65 2c 79 2e 6f
                                        Data Ascii: peeds[r]||r,e=e||"fx",this.queue(e,function(e,t){var n=C.setTimeout(e,r);t.stop=function(){C.clearTimeout(n)}})},rt=E.createElement("input"),it=E.createElement("select").appendChild(E.createElement("option")),rt.type="checkbox",y.checkOn=""!==rt.value,y.o


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        4192.168.2.549726104.18.161.1174436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:03:00 UTC709OUTGET /64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favicon-.png HTTP/1.1
                                        Host: cdn.prod.website-files.com
                                        Connection: keep-alive
                                        sec-ch-ua-platform: "Windows"
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                        sec-ch-ua-mobile: ?0
                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        Sec-Fetch-Site: cross-site
                                        Sec-Fetch-Mode: no-cors
                                        Sec-Fetch-Dest: image
                                        Sec-Fetch-Storage-Access: active
                                        Referer: https://metamaskelogines.webflow.io/
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:00 UTC677INHTTP/1.1 200 OK
                                        Date: Wed, 19 Mar 2025 09:03:00 GMT
                                        Content-Type: image/png
                                        Content-Length: 2410
                                        Connection: close
                                        x-amz-id-2: q4CugPv+YsT0PeSWdLIlZ1AoApwlMNhvly8eL6L3lJq8VUMwUh/15nyuUvQ5A2DD3rVly5ktD6rr4rbOUXokb+qlqZVtvSHMWqMqRarnJLU=
                                        x-amz-request-id: P9CC3N5D807261F3
                                        Last-Modified: Fri, 11 Aug 2023 05:15:01 GMT
                                        ETag: "f9a6101a118b399a490852f753d2bb95"
                                        x-amz-server-side-encryption: AES256
                                        Cache-Control: max-age=31536000, must-revalidate
                                        x-amz-version-id: F02gy0t1z8CPn1s2OfCibLJAvstP69am
                                        CF-Cache-Status: HIT
                                        Age: 118178
                                        Accept-Ranges: bytes
                                        Access-Control-Allow-Origin: *
                                        Server: cloudflare
                                        CF-RAY: 922bcb4c3dbaa043-FRA
                                        alt-svc: h3=":443"; ma=86400
                                        2025-03-19 09:03:00 UTC692INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 07 74 49 4d 45 07 e7 06 1c 04 37 08 cb cf 1c c7 00 00 08 35 49 44 41 54 58 c3 dd 97 7b 8c 55 d5 15 c6 7f 7b 9f 73 df 33 77 de 0f 67 18 66 64 86 20 30 4a c1 5a 11 89 38 2a 2d 51 63 34 3e d2 34 b1 ad 26 6d 6a ad 69 69 a2 36 96 a4 da 9a 86 16 ff 6a 49 ab 18 8d 7d 84 c6 58 ac 45 ad 42 ac f2 b4 80 52 a1 8a c8 38 38 8e cc 0c 0c cc 9d b9 73 df 8f b3 f7 ea 1f 77 5e 17 68 52 db c4 26 dd c9 4d 6e ee d9 6b ad ef 7c
                                        Data Ascii: PNGIHDR szz cHRMz&u0`:pQ<bKGDpHYs+tIME75IDATX{U{s3wgfd 0JZ8*-Qc4>4&mjii6jI}XEBR88sw^hR&Mnk|
                                        2025-03-19 09:03:00 UTC1369INData Raw: c4 e8 29 7a ee fa aa d3 bb 6f fb 22 b1 c6 01 d0 0a 8a 16 f6 9d b0 9c 4e 2b 56 b6 3b 55 75 21 56 9b 5c 66 b5 8d 60 b4 1b 00 31 9a fc 84 02 30 02 5e 5a e1 a0 19 cd 69 f6 7c 6c e8 1f 17 50 a5 5c 93 f6 07 2d 97 fd ea 3b 37 47 b2 89 b1 e4 b4 09 1b e6 76 b1 7b f3 6f 4d 21 9b 39 8c 88 37 db 20 4a c1 f1 31 61 eb 51 8f de 98 60 c4 c1 88 eb a0 5d 07 ed 2a b4 0b da c5 88 8b 11 87 63 b1 d2 de 8f c6 05 a5 ca fb 5c 44 10 2b 07 bf bd f1 85 f4 bc a5 2b 66 ba c0 14 0b d4 cd a9 03 9c d3 40 e1 6c 57 6b 05 e3 39 d8 d6 67 d8 3b 60 48 e5 ca 13 2b 20 99 85 bd 03 86 ed 7d 86 78 6e d6 5b 97 ed 53 e4 52 a9 23 6b 2f ab b6 b7 ac 5d 3f 03 e0 de 5f bf 84 d8 22 8e ab de b3 c6 8c 9e af b5 b4 02 cf c2 81 41 c3 2b 1f 78 e4 bc 49 86 80 6c 11 fe f2 81 c7 81 41 8b 67 cf 5f bc c4 80 8d d5 34
                                        Data Ascii: )zo"N+V;Uu!V\f`10^Zi|lP\-;7Gv{oM!97 J1aQ`]*c\D++f@lWk9g;`H+ }xn[SR#k/]?_"A+xIlAg_4
                                        2025-03-19 09:03:00 UTC349INData Raw: 6a dd dc d2 b9 f0 d1 c4 a1 57 3e 34 5b d7 d2 fa b3 21 92 bb 36 55 e5 de df b6 d0 1b ed 6f 51 c1 9a 9d 52 c8 c6 2e 78 e8 cd 69 f0 65 00 8e df 3a d9 9b 11 08 2e bc 8c ca 9e ef 91 79 e7 79 7a ef d9 42 f3 bb 07 68 68 ed 20 5a d3 e0 1f 38 7a e8 92 b1 91 c1 5a d7 1f 88 20 12 46 a9 f6 86 d6 0b e3 cd ed 5d 4f 27 e3 b1 5c fc cc 49 da e6 77 93 de ff 3b 74 b4 95 c4 6b 1b 48 ed 7c 95 e2 49 10 03 8b f6 f3 9f 2d 63 0c 22 c2 91 fd 3b 58 0e 88 88 16 11 fd c4 0f ef e6 d8 c1 3d 88 08 d6 da 4f 95 f3 53 df bd ce be e7 9d 93 50 7d 26 d7 cd ff a3 f5 4f 09 bc cd 6e d4 38 5e e7 00 00 00 25 74 45 58 74 64 61 74 65 3a 63 72 65 61 74 65 00 32 30 32 33 2d 30 36 2d 32 38 54 30 34 3a 35 34 3a 35 38 2b 30 30 3a 30 30 cc 1d e9 84 00 00 00 25 74 45 58 74 64 61 74 65 3a 6d 6f 64 69 66 79
                                        Data Ascii: jW>4[!6UoQR.xie:.yyzBhh Z8zZ F]O'\Iw;tkH|I-c";X=OSP}&On8^%tEXtdate:create2023-06-28T04:54:58+00:00%tEXtdate:modify


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        5192.168.2.549727104.18.161.1174436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:03:00 UTC713OUTGET /64d5c1800faad7036642a10a/64d5c1e3ea74032b95521107_Metamask-Login-banner.png HTTP/1.1
                                        Host: cdn.prod.website-files.com
                                        Connection: keep-alive
                                        sec-ch-ua-platform: "Windows"
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                        sec-ch-ua-mobile: ?0
                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        Sec-Fetch-Site: cross-site
                                        Sec-Fetch-Mode: no-cors
                                        Sec-Fetch-Dest: image
                                        Sec-Fetch-Storage-Access: active
                                        Referer: https://metamaskelogines.webflow.io/
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:00 UTC689INHTTP/1.1 200 OK
                                        Date: Wed, 19 Mar 2025 09:03:00 GMT
                                        Content-Type: image/png
                                        Content-Length: 173308
                                        Connection: close
                                        x-amz-id-2: K9bL6wEZ/BHV8aiy+IWLvab0Ngy7Ro5bVoXyEK+7u2P4iVNhdjYAlQqjvpEyqwXrSd5PK81gu6w=
                                        x-amz-request-id: P9CDJTHF9DWY9MV5
                                        Last-Modified: Fri, 11 Aug 2023 05:06:45 GMT
                                        ETag: "815f66583754c458bd1d800d1ef6d17b"
                                        x-amz-storage-class: INTELLIGENT_TIERING
                                        x-amz-server-side-encryption: AES256
                                        Cache-Control: max-age=31536000, must-revalidate
                                        x-amz-version-id: 4jD39W0BHegqWug1ca_RIzFynLgD3tJk
                                        CF-Cache-Status: HIT
                                        Age: 118176
                                        Accept-Ranges: bytes
                                        Access-Control-Allow-Origin: *
                                        Server: cloudflare
                                        CF-RAY: 922bcb4c3b14d345-FRA
                                        alt-svc: h3=":443"; ma=86400
                                        2025-03-19 09:03:00 UTC680INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 05 81 00 00 02 d1 08 02 00 00 00 82 84 fb 9b 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 09 70 48 59 73 00 00 0e c3 00 00 0e c3 01 c7 6f a8 64 00 00 ff a5 49 44 41 54 78 5e ec fd 07 78 55 d5 f6 ef 8d ff 9f e7 be bf e7 b9 ef 3d f7 fd dd 8b 74 08 81 90 84 de 49 80 40 48 42 42 12 4a 42 20 84 96 10 7a af a1 85 2e 4d 45 8f 80 15 39 7a d0 e3 c1 02 7a 8e 8a 58 b1 20 62 3f 2a 0a 88 28 4a 15 15 41 a4 48 4f fb 8f 39 c7 58 6b cf bd 76 c9 0e 90 4d 80 ef e7 19 4e 57 99 6b ed b5 e6 5c 8b ec f1 dd 63 8e f9 ff bb 0d 00 00 00 00 00 00 00 00 00 a0 fc 81 06 01 00 00 00 00 00 00 00 00 80 60 00 0d 02 00 00 00 00 00 00 00 00 00 c1 00 1a 04 00 00 00 00 00 00 00 00 00 82 01
                                        Data Ascii: PNGIHDRsRGBgAMAapHYsodIDATx^xU=tI@HBBJB z.ME9zzX b?*(JAHO9XkvMNWk\c`
                                        2025-03-19 09:03:00 UTC1369INData Raw: 86 a6 b7 a8 1e 51 fb ca c7 68 d4 a8 5a b9 45 bd aa 33 ba d4 fe d7 e0 b0 03 f9 0d 5e 1f 16 36 4b 7f 0a d9 8c d8 5a 0d 6a 43 83 00 00 00 00 40 c5 e2 bf 9b 75 f9 4b ca f4 ff 39 f8 d1 ff 9a f4 c6 ff 33 fb f3 ff b1 60 f7 ff 58 f8 2d ac 0c b6 60 37 b5 1b b5 1e b5 21 b5 24 b5 a7 b4 2c 00 e0 46 00 1a 04 08 06 75 aa 57 1e df a1 26 4b 03 6c 73 13 6a 7f 34 36 ec 70 7e e4 a1 fc c8 b7 47 86 dd d9 3d 24 b6 41 35 aa 26 07 04 40 a3 3a 55 72 db d7 7c 62 40 bd ed 53 22 0e cd 6e f0 fd 8c c8 87 33 42 67 76 76 7d 04 59 4a e3 6a 52 1b 00 00 00 00 e0 ba f2 7f c3 5a fc af b4 f9 ff 35 ed 7d a7 47 0d bb 6a a3 56 a5 b6 a5 16 96 b6 06 00 54 60 a0 41 80 60 c0 03 31 1c 36 a3 73 ad 67 06 d4 fd 71 46 c4 e1 fc 48 32 5a 78 29 37 6c 7a 42 ed 8c 56 d5 5a d7 af e2 cb 92 9a 54 eb d3 a6 fa ca
                                        Data Ascii: QhZE3^6KZjC@uK93`X-`7!$,FuW&Klsj46p~G=$A5&@:Ur|b@S"n3Bgvv}YJjRZ5}GjVT`A`16sgqFH2Zx)7lzBVZT
                                        2025-03-19 09:03:00 UTC1369INData Raw: b7 aa 21 57 10 30 0e 0d 62 fd fa f5 b4 b1 72 e5 ca bf ff fe bb 6c d2 94 1a 07 d1 a0 41 03 d9 54 76 b6 6c d9 c2 27 69 d6 ac 99 6c f2 cb 8a 15 2b b8 be 7d f1 21 21 21 b2 cf 07 0e ad 61 e5 ca 95 b4 b1 6e dd ba e6 78 13 a2 54 0d 62 da b4 69 5c f3 95 57 5e e1 05 5f 22 02 d3 b5 6b 57 ae f6 e9 a7 9f ca 26 cd c2 85 0b 79 fb cc 99 33 65 93 3b 9e 1a 04 b5 f0 be 7d fb 78 23 04 08 00 00 00 15 81 ff 1b d6 c2 e1 fa c2 2a 8e 51 ef 48 3f 05 85 45 dd ab d9 02 41 b9 da a5 57 f2 94 f4 e0 03 da 45 15 b8 26 5d 92 5c 1c 00 d7 15 68 10 20 18 54 af 72 5b 5a d3 6a 0e 81 c0 d3 66 74 ae f5 78 a6 cc d0 f9 cb dc 08 87 06 71 60 4e bd 9f f2 23 69 d7 57 93 c2 17 24 96 3e 28 63 7c 87 9a 4d 43 ae 3c 0e e2 b3 cf 3e a3 f2 8f 3f fe a0 8d 29 29 29 e6 46 62 f0 e0 c1 5c df c1 75 d1 20 be fc f2
                                        Data Ascii: !W0brlATvl'il+}!!!anxTbi\W^_"kW&y3e;}x#*QH?EAWE&]\h Tr[Zjftxq`N#iW$>(c|MC<>?)))Fb\u
                                        2025-03-19 09:03:00 UTC1369INData Raw: 78 c5 57 16 09 07 65 d2 20 8e 1c 51 7f 81 de 79 e7 1d 5e b5 07 3b 4c 9f ee ef af ac 9d 93 b2 61 c3 86 f6 a8 13 82 e7 e9 0c 50 83 e0 ec 18 df 7e fb 2d af 36 68 d0 80 8f 5a b1 62 05 6f f1 45 ef de bd 79 e0 06 73 ea d4 a9 d9 b3 67 cb 3e 1f d8 63 31 18 fb 43 41 c5 47 6b 10 01 3a c0 81 e2 df 37 0e 02 19 a3 c7 24 c8 a2 83 8c 31 a3 7d ec 09 2e 0e 2f 4e ad 96 bd 17 fc b7 73 69 8e e2 80 31 a3 bd 4c 03 a4 c8 1e 33 a6 ad 2c 5e 4f b4 06 f1 fd 33 b2 46 37 a4 f4 97 5b 40 86 b8 e1 9e de 1b 88 ff 39 f8 51 87 c7 7b cd cd a9 41 28 53 ba 40 c9 f1 93 c6 96 f2 b3 1b 5e 83 a0 3e 92 de 2a 37 bc a6 a2 bc f0 60 54 d1 6f bb 2f 3c d4 4e ad de db e0 fc 3d e1 6a e3 43 ed 8a 7e dd 49 bb ec 6a 81 db a5 57 24 29 78 59 e1 99 32 90 9c 12 5c 5f a0 41 80 e0 d1 a8 4e e5 3d b3 ea d8 9a 02 db
                                        Data Ascii: xWe Qy^;LaP~-6hZboEysg>c1CAGk:7$1}./Nsi1L3,^O3F7[@9Q{A(S@^>*7`To/<N=jC~IjW$)xY2\_AN=
                                        2025-03-19 09:03:00 UTC1369INData Raw: b7 c3 e3 bd e6 e6 43 83 d0 31 05 da a5 57 15 1c e3 32 94 ff cf d2 80 43 68 28 3c 69 0b 0a a6 d0 a0 f5 02 1f b1 0f c6 b2 12 0e 5c 02 84 63 af e7 65 cc da 5f 68 7f 84 5a 76 dc 85 f3 43 cb cd 16 ec 96 de 2a 37 ce 7a cc 88 71 e9 d5 99 97 df 59 76 fe ae 3a 25 97 ce aa e7 ce a2 f8 ec b1 f3 77 85 5e 7e f7 8e 4b af ce 70 1c 52 aa 95 14 49 a0 6e 99 29 2a a4 c3 e9 22 e5 72 01 b8 1e 40 83 00 41 a2 41 48 e5 cf a6 38 07 62 b0 7d 37 a3 de fb 23 22 6c 19 e2 e3 61 8d 3e 1c da e8 ab d1 0d 0f b9 6b 10 bb a6 86 d3 de f5 fd 1a 7f 34 b4 21 d7 fc cf c8 86 df 4c 0d df e7 3e 64 c3 b6 d9 5d ab cb 67 97 05 87 06 e1 a0 a2 69 10 e7 ce 9d a3 6a 87 0e 1d 92 c1 1e 16 7c f8 5d 77 dd 25 f5 3c 70 68 10 0e 02 d1 20 f6 ef df 4f 15 7e fb ed 37 f9 48 0b 3e f0 c9 27 9f 94 7a 81 11 1f 1f cf 07
                                        Data Ascii: C1W2Ch(<i\ce_hZvC*7zqYv:%w^~KpRIn)*"r@AAH8b}7#"la>k4!L>d]gij|]w%<ph O~7H>'z
                                        2025-03-19 09:03:00 UTC1369INData Raw: aa 41 10 b6 0c 71 fe fc 79 3f f9 2f c0 75 c4 bb 06 e1 cd 9d e0 68 73 c2 d3 19 d0 27 71 39 0c ce 0a 0e b7 4d 3b 78 d6 c9 1d 1a 84 37 f7 66 fe 42 b7 55 8d 8f cb f6 44 4d 00 51 21 66 79 70 c7 cb 6d ba 5a c9 d1 f8 da 7f b3 2a 9b 6d 6b 2c 1b ee 9c e0 76 94 7f f4 5c 0c 15 62 c2 05 37 4c 21 80 d0 32 84 d5 2c fe 9e 4f 13 bb 9d bd 28 32 86 97 eb 7c 9c f4 67 f9 70 8f bd 34 f5 42 f3 c9 77 7e ca ad f1 f4 6a fc dc be 97 f6 f7 d7 c8 5e b6 18 4f fb 95 73 1d e6 e6 d4 31 0e 5e b6 d8 fe bf 5e 35 43 12 d4 19 8c 0a 5a 1a 70 3f 43 80 1a 84 9c ca 25 43 e8 55 eb 40 c7 e7 6a 89 c1 a8 ac a4 10 c7 45 12 41 d0 20 ae db dc 9c 0f b4 d1 73 73 46 ab d5 bb c3 94 d9 73 73 3e d0 da ae 16 b8 61 6e 4e 70 43 03 0d 02 04 83 a4 a6 55 4f 2f 71 0a 04 0e fb 21 df 4d 50 d8 33 33 f4 80 bb 06 b1 3f
                                        Data Ascii: Aqy?/uhs'q9M;x7fBUDMQ!fypmZ*mk,v\b7L!2,O(2|gp4Bw~j^Os1^^5CZp?C%CU@jEA ssFss>anNpCUO/q!MP33?
                                        2025-03-19 09:03:00 UTC1369INData Raw: 00 00 80 6b ce ff 4a 9b ef f0 7b 61 15 c7 a8 77 a4 9f ca 9f 49 09 5e b2 42 94 87 05 28 43 b0 00 41 46 17 26 97 08 c0 f5 03 1a 04 08 06 b5 aa 55 de 90 5d cf 21 10 b0 ed 9a 14 f9 c9 b0 86 5f 8c 68 f4 66 76 e4 c1 59 6a cb 4f b3 23 3e 9e 58 f7 a7 f9 75 3f 9b 5a e7 b3 29 75 3e d5 f6 ed ac 3a 3b a6 87 fe b2 20 f4 50 7e 7d 3e f0 a3 51 a2 41 bc 3b 44 0e f4 b4 3e ad ca 9c 93 12 00 00 00 00 e0 ca f8 bf 61 2d 1c 7e 2f ac e2 18 f5 8e f4 53 50 f0 9a 9c b2 3c ec d2 2b 79 7e 72 43 d0 2e 1e 82 41 86 54 94 a0 82 00 0d 02 04 89 fc c4 da 0e 81 c0 b6 f7 86 45 2a 0d 22 27 f2 90 96 12 0e cd 6d 7a 60 69 fc f2 61 f1 2d ea 57 6f 6e 58 cb c8 90 37 17 a4 1f 58 18 cd 47 ed 98 a4 34 88 f7 87 34 f8 21 cf 75 2a d3 3e 1d 1f de b8 4e 99 e7 e6 04 00 00 00 00 b8 62 fe df 3e 77 3a 5c 5f 58
                                        Data Ascii: kJ{awI^B(CAF&U]!_hfvYjO#>Xu?Z)u>:; P~}>QA;D>a-~/SP<+y~rC.ATE*"'mz`ia-WonX7XG44!u*>Nb>w:\_X
                                        2025-03-19 09:03:00 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 08 06 d0 20 00 00 00 00 00 00 00 00 00 10 0c a0 41 00 00 00 00 00 00 00 00 00 20 18 40 83 00 00 00 00 00 00 00 00 00 40 30 80 06 01 00 00 00 00 00 00 00 00 80 60 00 0d 02 00 00 00 00 00 00 00 00 00 c1 00 1a 04 00 00 00 00 00 00 00 00 00 82 01 34 08 00 00 00 00 00 00 00 00 00 04 03 68 10 00 00 00 00 00 00 00 00 00 08 06 d0 20 00 00 00 00 00 00 00 00 00 10 0c a0 41 00 00 00 00 00 00 00 00 00 20 18 40 83 00 00 00 00 00 00 00 00 00 40 30 80 06 01 00 00 00 00 00 00 00 00 80 60 00 0d 02 00 00 00 00 00 00 00 00 00 c1 00 1a 04 00 00 00 00 00 00 00 00 00 82 01 34 08 00 00 00 00 00 00 00 00 00 04 03 68 10 00 00 00 00 00 00 00 00 00 08 06 d0 20 00 00 00 00 00 00 00 00 00 10 0c a0 41 00 00 00 00 00 00 00 00 00 20 18 40 83 00 00 00 00 00 00
                                        Data Ascii: A @@0`4h A @@0`4h A @
                                        2025-03-19 09:03:00 UTC1369INData Raw: b8 45 e9 d1 a3 c7 6b af bd 26 42 c2 55 f3 d5 57 5f 8d 1e 3d 5a 4e 0d 00 00 c0 1b d0 20 00 00 00 00 00 c0 ad c8 90 21 43 b6 6f df 2e fa c1 35 e2 d8 b1 63 73 e7 ce 95 0f 00 00 00 e0 01 34 08 00 00 00 00 00 70 cb 91 93 93 f3 ed b7 df 8a 72 70 4d 39 7b f6 ec bc 79 f3 e4 63 00 00 00 b8 03 0d 02 00 00 00 00 00 dc 5a 64 64 64 94 29 02 a2 e8 fc 81 8b 07 1f 92 95 00 38 71 e2 c4 e4 c9 93 e5 c3 00 00 00 18 40 83 00 00 00 00 00 00 b7 10 4d 9a 34 29 53 0e 88 a2 f3 87 ce 6c 8d 3c b5 f9 2f 17 0f dc 2f 9b 02 60 cf 9e 3d 69 69 69 f2 91 00 00 00 2c a0 41 00 00 00 00 00 80 5b 88 95 2b 57 8a 4e 10 00 b6 00 c1 56 26 19 62 e3 c6 8d 11 11 11 f2 a9 00 00 00 34 d0 20 00 00 00 00 00 c0 ad 42 56 56 d6 89 13 27 44 24 28 0d 87 00 71 05 32 c4 9c 39 73 e4 83 01 00 00 68 a0 41 00 00 00
                                        Data Ascii: Ek&BUW_=ZN !Co.5cs4prpM9{ycZddd)8q@M4)Sl<//`=iii,A[+WNV&b4 BVV'D$(q29shA
                                        2025-03-19 09:03:00 UTC1369INData Raw: 59 02 00 80 1b 16 68 10 00 00 00 00 00 e0 66 a3 6e db 19 b5 9b 0c e1 65 f6 ff db b6 6d 7b fc f8 71 51 05 7c 53 f0 fb bb a7 de fa bf a6 ca 70 66 5b b3 a2 8b 3f d3 ae 8b 07 ee 37 b7 93 9d fd 22 dd cf 10 0c 9b a1 43 87 f2 35 f0 f5 5c 19 55 aa 85 46 74 f9 87 ac 00 00 c0 0d 0b 34 08 00 00 00 00 00 70 c3 53 2f 7a ae 1d f8 40 54 ae 52 4b 96 2c 0d 82 58 bf 7e bd a8 02 7e 29 38 f6 c6 a9 b7 fe 8f a9 35 9c f9 a0 d9 85 ef e7 9b 5b c8 ce 7e 99 19 88 00 b1 73 e7 ce c6 8d 1b f3 05 c8 05 5d 29 95 ab d7 95 25 4d dd b6 33 ab d4 68 20 2b 00 00 70 83 00 0d 02 00 00 00 00 00 dc e8 54 ae 11 91 5a b9 7a 98 ac b9 c3 fe 3f 31 62 c4 08 11 06 4a c3 33 1a c2 61 01 46 40 10 2b 56 ac 90 8f bf 6a 0d c2 8d ca 55 ea b4 18 57 a5 46 84 ac 02 00 c0 0d 02 34 08 00 00 00 00 00 70 e3 51 ab 41
                                        Data Ascii: Yhfnem{qQ|Spf[?7"C5\UFt4pS/z@TRK,X~~)85[~s])%M3h +pTZz?1bJ3aF@+VjUWF4pQA


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        6192.168.2.549729104.18.160.1174436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:03:00 UTC461OUTGET /64d5c1800faad7036642a10a/64d5c3d2bf0d6ee6999d30fb_metamask_favicon-.png HTTP/1.1
                                        Host: cdn.prod.website-files.com
                                        Connection: keep-alive
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        Accept: */*
                                        Sec-Fetch-Site: none
                                        Sec-Fetch-Mode: cors
                                        Sec-Fetch-Dest: empty
                                        Sec-Fetch-Storage-Access: active
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:00 UTC677INHTTP/1.1 200 OK
                                        Date: Wed, 19 Mar 2025 09:03:00 GMT
                                        Content-Type: image/png
                                        Content-Length: 2410
                                        Connection: close
                                        x-amz-id-2: q4CugPv+YsT0PeSWdLIlZ1AoApwlMNhvly8eL6L3lJq8VUMwUh/15nyuUvQ5A2DD3rVly5ktD6rr4rbOUXokb+qlqZVtvSHMWqMqRarnJLU=
                                        x-amz-request-id: P9CC3N5D807261F3
                                        Last-Modified: Fri, 11 Aug 2023 05:15:01 GMT
                                        ETag: "f9a6101a118b399a490852f753d2bb95"
                                        x-amz-server-side-encryption: AES256
                                        Cache-Control: max-age=31536000, must-revalidate
                                        x-amz-version-id: F02gy0t1z8CPn1s2OfCibLJAvstP69am
                                        CF-Cache-Status: HIT
                                        Age: 118178
                                        Accept-Ranges: bytes
                                        Access-Control-Allow-Origin: *
                                        Server: cloudflare
                                        CF-RAY: 922bcb4ceaa79bdc-FRA
                                        alt-svc: h3=":443"; ma=86400
                                        2025-03-19 09:03:00 UTC692INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 07 74 49 4d 45 07 e7 06 1c 04 37 08 cb cf 1c c7 00 00 08 35 49 44 41 54 58 c3 dd 97 7b 8c 55 d5 15 c6 7f 7b 9f 73 df 33 77 de 0f 67 18 66 64 86 20 30 4a c1 5a 11 89 38 2a 2d 51 63 34 3e d2 34 b1 ad 26 6d 6a ad 69 69 a2 36 96 a4 da 9a 86 16 ff 6a 49 ab 18 8d 7d 84 c6 58 ac 45 ad 42 ac f2 b4 80 52 a1 8a c8 38 38 8e cc 0c 0c cc 9d b9 73 df 8f b3 f7 ea 1f 77 5e 17 68 52 db c4 26 dd c9 4d 6e ee d9 6b ad ef 7c
                                        Data Ascii: PNGIHDR szz cHRMz&u0`:pQ<bKGDpHYs+tIME75IDATX{U{s3wgfd 0JZ8*-Qc4>4&mjii6jI}XEBR88sw^hR&Mnk|
                                        2025-03-19 09:03:00 UTC1369INData Raw: c4 e8 29 7a ee fa aa d3 bb 6f fb 22 b1 c6 01 d0 0a 8a 16 f6 9d b0 9c 4e 2b 56 b6 3b 55 75 21 56 9b 5c 66 b5 8d 60 b4 1b 00 31 9a fc 84 02 30 02 5e 5a e1 a0 19 cd 69 f6 7c 6c e8 1f 17 50 a5 5c 93 f6 07 2d 97 fd ea 3b 37 47 b2 89 b1 e4 b4 09 1b e6 76 b1 7b f3 6f 4d 21 9b 39 8c 88 37 db 20 4a c1 f1 31 61 eb 51 8f de 98 60 c4 c1 88 eb a0 5d 07 ed 2a b4 0b da c5 88 8b 11 87 63 b1 d2 de 8f c6 05 a5 ca fb 5c 44 10 2b 07 bf bd f1 85 f4 bc a5 2b 66 ba c0 14 0b d4 cd a9 03 9c d3 40 e1 6c 57 6b 05 e3 39 d8 d6 67 d8 3b 60 48 e5 ca 13 2b 20 99 85 bd 03 86 ed 7d 86 78 6e d6 5b 97 ed 53 e4 52 a9 23 6b 2f ab b6 b7 ac 5d 3f 03 e0 de 5f bf 84 d8 22 8e ab de b3 c6 8c 9e af b5 b4 02 cf c2 81 41 c3 2b 1f 78 e4 bc 49 86 80 6c 11 fe f2 81 c7 81 41 8b 67 cf 5f bc c4 80 8d d5 34
                                        Data Ascii: )zo"N+V;Uu!V\f`10^Zi|lP\-;7Gv{oM!97 J1aQ`]*c\D++f@lWk9g;`H+ }xn[SR#k/]?_"A+xIlAg_4
                                        2025-03-19 09:03:00 UTC349INData Raw: 6a dd dc d2 b9 f0 d1 c4 a1 57 3e 34 5b d7 d2 fa b3 21 92 bb 36 55 e5 de df b6 d0 1b ed 6f 51 c1 9a 9d 52 c8 c6 2e 78 e8 cd 69 f0 65 00 8e df 3a d9 9b 11 08 2e bc 8c ca 9e ef 91 79 e7 79 7a ef d9 42 f3 bb 07 68 68 ed 20 5a d3 e0 1f 38 7a e8 92 b1 91 c1 5a d7 1f 88 20 12 46 a9 f6 86 d6 0b e3 cd ed 5d 4f 27 e3 b1 5c fc cc 49 da e6 77 93 de ff 3b 74 b4 95 c4 6b 1b 48 ed 7c 95 e2 49 10 03 8b f6 f3 9f 2d 63 0c 22 c2 91 fd 3b 58 0e 88 88 16 11 fd c4 0f ef e6 d8 c1 3d 88 08 d6 da 4f 95 f3 53 df bd ce be e7 9d 93 50 7d 26 d7 cd ff a3 f5 4f 09 bc cd 6e d4 38 5e e7 00 00 00 25 74 45 58 74 64 61 74 65 3a 63 72 65 61 74 65 00 32 30 32 33 2d 30 36 2d 32 38 54 30 34 3a 35 34 3a 35 38 2b 30 30 3a 30 30 cc 1d e9 84 00 00 00 25 74 45 58 74 64 61 74 65 3a 6d 6f 64 69 66 79
                                        Data Ascii: jW>4[!6UoQR.xie:.yyzBhh Z8zZ F]O'\Iw;tkH|I-c";X=OSP}&On8^%tEXtdate:create2023-06-28T04:54:58+00:00%tEXtdate:modify


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        7192.168.2.549717142.250.186.1644436292C:\Program Files\Google\Chrome\Application\chrome.exe
                                        TimestampBytes transferredDirectionData
                                        2025-03-19 09:03:03 UTC579OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1
                                        Host: www.google.com
                                        Connection: keep-alive
                                        X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlqHLAQiJo8sBCIWgzQEI9s/OAQiB1s4BCLHezgEI0uDOAQiv5M4BCOLkzgEIhOXOAQiL5c4B
                                        Sec-Fetch-Site: none
                                        Sec-Fetch-Mode: no-cors
                                        Sec-Fetch-Dest: empty
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                        Accept-Encoding: gzip, deflate, br, zstd
                                        Accept-Language: en-US,en;q=0.9
                                        2025-03-19 09:03:03 UTC1303INHTTP/1.1 200 OK
                                        Date: Wed, 19 Mar 2025 09:03:03 GMT
                                        Pragma: no-cache
                                        Expires: -1
                                        Cache-Control: no-cache, must-revalidate
                                        Content-Type: text/javascript; charset=UTF-8
                                        Strict-Transport-Security: max-age=31536000
                                        Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-3xjCbPU7YHwwqX476K-YDg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                        Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                        Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                        Accept-CH: Sec-CH-Prefers-Color-Scheme
                                        Accept-CH: Downlink
                                        Accept-CH: RTT
                                        Accept-CH: Sec-CH-UA-Form-Factors
                                        Accept-CH: Sec-CH-UA-Platform
                                        Accept-CH: Sec-CH-UA-Platform-Version
                                        Accept-CH: Sec-CH-UA-Full-Version
                                        Accept-CH: Sec-CH-UA-Arch
                                        Accept-CH: Sec-CH-UA-Model
                                        Accept-CH: Sec-CH-UA-Bitness
                                        Accept-CH: Sec-CH-UA-Full-Version-List
                                        Accept-CH: Sec-CH-UA-WoW64
                                        Permissions-Policy: unload=()
                                        Content-Disposition: attachment; filename="f.txt"
                                        Server: gws
                                        X-XSS-Protection: 0
                                        X-Frame-Options: SAMEORIGIN
                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                        Accept-Ranges: none
                                        Vary: Accept-Encoding
                                        Connection: close
                                        Transfer-Encoding: chunked
                                        2025-03-19 09:03:03 UTC75INData Raw: 65 31 62 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 6b 6f 6e 6e 79 20 72 65 69 6d 61 6e 6e 73 22 2c 22 61 6c 74 65 20 70 75 70 70 65 6e 66 61 62 72 69 6b 20 6e 6f 73 73 65 6e 22 2c 22 6b c3 b6 6c 6e 65 72 20 68 61 69 65 20 66 69
                                        Data Ascii: e1b)]}'["",["konny reimanns","alte puppenfabrik nossen","klner haie fi
                                        2025-03-19 09:03:03 UTC1378INData Raw: 73 63 68 74 6f 77 6e 20 70 69 6e 67 75 69 6e 73 22 2c 22 70 73 20 70 6c 75 73 20 73 70 69 65 6c 65 22 2c 22 78 72 70 20 73 65 63 22 2c 22 63 72 65 65 64 20 73 68 61 64 6f 77 73 20 74 65 73 74 22 2c 22 67 6f 6c 64 70 72 65 69 73 20 6e 65 77 73 22 2c 22 65 72 64 67 61 73 73 70 65 69 63 68 65 72 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f 22 3a 22 43 69 41 49 6b 6b 34 53 47 77 6f 58 56 48 4a 6c 62 6d 52 7a 49 47 4a 6c 61 53 42 54 64 57 4e 6f 59 57 35 6d 63 6d 46 6e 5a 57 34 6f 43 67 5c 75 30 30 33 64 5c 75 30 30 33
                                        Data Ascii: schtown pinguins","ps plus spiele","xrp sec","creed shadows test","goldpreis news","erdgasspeicher"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"CiAIkk4SGwoXVHJlbmRzIGJlaSBTdWNoYW5mcmFnZW4oCg\u003d\u003
                                        2025-03-19 09:03:03 UTC1378INData Raw: 52 75 52 30 70 55 56 48 46 50 62 31 67 79 51 6b 39 47 4e 32 78 59 53 46 64 61 4d 44 6c 5a 61 6c 70 34 4d 6c 5a 55 55 30 35 7a 4e 33 42 47 62 32 74 71 4c 30 56 4d 52 33 68 49 5a 55 78 59 4e 32 70 6d 57 58 4e 4d 56 55 70 42 63 46 56 6f 64 7a 46 70 52 31 68 72 59 6d 70 75 61 47 6c 68 57 58 52 35 4d 54 4a 6a 4d 6a 68 4c 4e 57 4a 4d 4b 32 74 5a 53 33 6c 78 63 44 56 72 61 47 70 6a 54 6b 55 33 53 31 5a 57 62 6b 63 30 4e 54 67 72 56 30 77 76 55 44 5a 77 63 48 46 6e 64 33 46 34 4d 45 78 36 4f 46 52 70 4d 7a 52 6e 65 6e 56 6d 54 30 31 77 62 7a 68 36 62 56 4a 68 5a 57 78 54 55 57 6c 43 52 6b 5a 6e 65 46 42 78 4c 31 46 49 52 6b 4a 46 62 33 46 61 62 6d 52 36 4e 6d 35 4f 61 6d 6c 6c 4b 32 46 49 4e 47 34 34 55 33 5a 77 63 57 46 68 64 57 35 4e 59 31 70 4c 55 6b 77 33 56
                                        Data Ascii: RuR0pUVHFPb1gyQk9GN2xYSFdaMDlZalp4MlZUU05zN3BGb2tqL0VMR3hIZUxYN2pmWXNMVUpBcFVodzFpR1hrYmpuaGlhWXR5MTJjMjhLNWJMK2tZS3lxcDVraGpjTkU3S1ZWbkc0NTgrV0wvUDZwcHFnd3F4MEx6OFRpMzRnenVmT01wbzh6bVJhZWxTUWlCRkZneFBxL1FIRkJFb3FabmR6Nm5OamllK2FING44U3ZwcWFhdW5NY1pLUkw3V
                                        2025-03-19 09:03:03 UTC787INData Raw: 54 46 68 52 4e 6c 59 34 4b 7a 68 6c 52 30 49 79 55 32 6c 73 63 44 55 7a 61 57 35 53 62 7a 56 47 54 6d 35 56 63 6e 42 4a 55 47 70 71 4d 56 6b 35 63 6a 6c 4e 51 6b 68 71 53 6d 52 74 4d 7a 56 4d 5a 6c 4e 45 4e 32 67 76 4d 47 39 61 64 46 4e 35 54 57 31 6a 55 6e 42 74 52 56 52 4e 56 7a 46 70 4d 47 4e 70 57 44 5a 44 4d 33 46 72 5a 55 5a 32 55 45 52 4b 4e 46 6f 30 64 33 6c 6d 55 48 64 46 63 44 55 72 65 48 46 69 62 54 42 46 4f 57 78 6a 4b 7a 64 6c 65 44 59 34 64 44 68 6a 4b 7a 5a 6b 53 79 74 6b 61 6d 70 48 55 31 55 32 61 45 64 32 54 48 49 30 4e 47 55 34 59 33 4e 75 56 6e 52 49 4c 79 39 61 4f 67 31 4c 62 32 35 75 65 53 42 53 5a 57 6c 74 59 57 35 75 53 67 63 6a 4d 6a 41 30 4d 7a 63 31 55 6a 31 6e 63 31 39 7a 63 33 41 39 5a 55 70 36 61 6a 52 30 52 6c 41 78 65 6d 4d
                                        Data Ascii: TFhRNlY4KzhlR0IyU2lscDUzaW5SbzVGTm5VcnBJUGpqMVk5cjlNQkhqSmRtMzVMZlNEN2gvMG9adFN5TW1jUnBtRVRNVzFpMGNpWDZDM3FrZUZ2UERKNFo0d3lmUHdFcDUreHFibTBFOWxjKzdleDY4dDhjKzZkSytkampHU1U2aEd2THI0NGU4Y3NuVnRILy9aOg1Lb25ueSBSZWltYW5uSgcjMjA0Mzc1Uj1nc19zc3A9ZUp6ajR0RlAxemM
                                        2025-03-19 09:03:03 UTC5INData Raw: 30 0d 0a 0d 0a
                                        Data Ascii: 0


                                        Statistics

                                        CPU Usage

                                        020406080s020406080100

                                        Click to jump to process

                                        Memory Usage

                                        020406080s0.0050100MB

                                        Click to jump to process

                                        Behavior

                                        Click to jump to process

                                        System Behavior

                                        General

                                        Target ID:4
                                        Start time:05:02:46
                                        Start date:19/03/2025
                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        Wow64 process (32bit):false
                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                        Imagebase:0x7ff606830000
                                        File size:3'388'000 bytes
                                        MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:false
                                        Show Windows behavior

                                        File Activities

                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                        Show Windows behavior

                                        COM Activities

                                        Show Windows behavior

                                        Process Activities

                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                        Show Windows behavior

                                        Memory Activities

                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                        Show Windows behavior

                                        Process Token Activities


                                        General

                                        Target ID:5
                                        Start time:05:02:52
                                        Start date:19/03/2025
                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        Wow64 process (32bit):false
                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2024 /prefetch:3
                                        Imagebase:0x7ff606830000
                                        File size:3'388'000 bytes
                                        MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:false
                                        Show Windows behavior

                                        File Activities

                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                        Show Windows behavior

                                        Memory Activities

                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                        General

                                        Target ID:8
                                        Start time:05:02:55
                                        Start date:19/03/2025
                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        Wow64 process (32bit):false
                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1996,i,5993580300498680488,7072494285391065197,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=5100 /prefetch:8
                                        Imagebase:0x7ff606830000
                                        File size:3'388'000 bytes
                                        MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:false
                                        Show Windows behavior

                                        File Activities

                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                        Show Windows behavior

                                        Memory Activities


                                        General

                                        Target ID:11
                                        Start time:05:02:58
                                        Start date:19/03/2025
                                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        Wow64 process (32bit):false
                                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://metamaskelogines.webflow.io/"
                                        Imagebase:0x7ff606830000
                                        File size:3'388'000 bytes
                                        MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true
                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                        There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                        Disassembly

                                        No disassembly