Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893

Overview

General Information

Sample URL:https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893
Analysis ID:1672169
Infos:

Detection

Score:0
Range:0 - 100
Confidence:80%

Signatures

No high impact signatures.

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 4084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 5044 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2352,i,4867387030820698784,10106712663675780583,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2380 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6784 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Networking
  • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 192.178.49.196:443 -> 192.168.2.4:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.2.132:443 -> 192.168.2.4:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.2.132:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 131.253.33.254:443 -> 192.168.2.4:49728 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893 HTTP/1.1Host: cdn.glitch.globalConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cdn.glitch.globalConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: cdn.glitch.global
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: closex-amz-request-id: QPWQAXFTV4N4JD93x-amz-id-2: RfT2qnWm52ib4iWHWi5gtnHXPDTxvBkz3PwWgjtbUKqy5DvxXd3Rp0QkdgC0Ng1ZKMMxa/G0tjE=Content-Type: application/xmlServer: AmazonS3Accept-Ranges: bytesVia: 1.1 varnish, 1.1 varnishAccess-Control-Allow-Methods: GET, HEAD, POSTAccess-Control-Allow-Origin: *Content-Security-Policy: script-src 'none'Date: Wed, 23 Apr 2025 14:38:06 GMTX-Served-By: cache-iad-kcgs7200024-IAD, cache-bur-kbur8200133-BURX-Cache: MISS, MISSX-Cache-Hits: 0, 0X-Timer: S1745419086.919984,VS0,VE85transfer-encoding: chunked
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownHTTPS traffic detected: 192.178.49.196:443 -> 192.168.2.4:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.2.132:443 -> 192.168.2.4:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 151.101.2.132:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 131.253.33.254:443 -> 192.168.2.4:49728 version: TLS 1.2
Source: classification engineClassification label: clean0.win@21/4@4/3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2352,i,4867387030820698784,10106712663675780583,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2380 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2352,i,4867387030820698784,10106712663675780583,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2380 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1672169 URL: https://cdn.glitch.global/5... Startdate: 23/04/2025 Architecture: WINDOWS Score: 0 5 chrome.exe 2 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.4, 138, 443, 49708 unknown unknown 5->13 10 chrome.exe 5->10         started        process4 dnsIp5 15 www.google.com 192.178.49.196, 443, 49722, 49736 GOOGLEUS United States 10->15 17 j.sni.global.fastly.net 151.101.2.132, 443, 49723, 49724 FASTLYUS United States 10->17 19 cdn.glitch.global 10->19

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=17406513228930%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
j.sni.global.fastly.net
151.101.2.132
truefalse
    		high
    www.google.com
    		192.178.49.196
    		truefalse
      		high
      cdn.glitch.global
      		unknown
      		unknownfalse
        		high

        Contacted URLs

        NameMaliciousAntivirus DetectionReputation
        https://cdn.glitch.global/favicon.icofalse
          		high
          https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893false
            		high

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            192.178.49.196
            		www.google.comUnited States
            		15169GOOGLEUSfalse
            151.101.2.132
            		j.sni.global.fastly.netUnited States
            		54113FASTLYUSfalse

            Private

            IP
            192.168.2.4

            General Information

            Joe Sandbox version:42.0.0 Malachite
            Analysis ID:1672169
            Start date and time:2025-04-23 16:36:59 +02:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 3m 11s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:20
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:CLEAN
            Classification:clean0.win@21/4@4/3
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 192.178.49.174, 192.178.49.195, 142.250.101.84, 142.250.69.14, 72.247.234.254, 199.232.214.172, 142.250.69.3, 184.29.183.29, 20.109.210.53
            • Excluded domains from analysis (whitelisted): a-ring-fallback.msedge.net, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, ocsp.digicert.com, update.googleapis.com, clients.l.google.com, c.pki.goog
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtOpenFile calls found.
            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
            • VT rate limit hit for: https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893

            Simulations

            Behavior and APIs

            No simulations

            Joe Sandbox View / Context

            IPs

            No context

            Domains

            No context

            ASNs

            No context

            JA3 Fingerprints

            No context

            Dropped Files

            No context

            Created / dropped Files

            Chrome Cache Entry: 48

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:PNG image data, 1617 x 811, 8-bit/color RGBA, non-interlaced
            Category:downloaded
            Size (bytes):461355
            Entropy (8bit):7.962361947881058
            Encrypted:false
            SSDEEP:12288:2Xvyyfgvi8kwShylHlUaFNjr4noQHOf4CDhUk99F:2Xvyyo68kZmHm34DhUkbF
            MD5:2E9215A3CC761CA920AD6215CF656C1F
            SHA1:A4AD74262320AB5C87C20FADEAEF700B52C999C5
            SHA-256:34C75F9885EE0FED8C39CD5437E50FA4D342E4FF99EF4F39550DAC16661A6D0A
            SHA-512:7537062594D541E4CA36B5D0C49851E9F2BE96F2D2DF2FA1EAB1F26F59CD328CCC65D7DBCA5A05AE179AB20314B4633C73D805BC6F5C82A7E1D92D65AEB40F90
            Malicious:false
            Reputation:low
            URL:https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893
            Preview:.PNG........IHDR...Q...+......k.O....sRGB.........gAMA......a.....pHYs...t...t..f.x....IDATx^...mK......#...@t...$.........!.d..B..$.|.|........HP.z.B..:Y.. ....DV....1l..Z{.s......6......?..i.nk.....?..}......`0.....`0.....`0.\...._..e0.....`0.....`0.......O......8Q...`0.....`0.....`0..........q.....`0.....`0.....`0.\.......D.....`0.....`0.....`0.....h.(..`0.....`0.....`0...Wx..`0.....`0.....`0.......8Q...`0.....`0.....`0....8Q...`0.....`0.....`0....8Q...`0.....`0.....`0.....?...U.....O.>ul0.....`0.....`.X.........O.._......~F.yB......`0.....`0.<..qBx.....q...?#.4..q9O>.B..`0.....`0.....7..Jp.(.....+>......e0.........D.?.:.....`0.....`0.|Cx..$r..=m...8Q:..._..2....'r....O~...~.....`0.....`0.....7.|$..........g..).D.`..a.(.....%r.|.p......p..w..-9.....`0.....`0........o.....s........<..4O..._..2...X..+'...n.O.........-9.....`0.....`0......._o.....q....<.3.H..q..._..v8.....u^....&..`0.....`0.....s...5......D..~&H.])..G1....`0.....`0.<6x_h;P.9.D..W.q...?

            Chrome Cache Entry: 49

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:XML 1.0 document, ASCII text
            Category:downloaded
            Size (bytes):243
            Entropy (8bit):5.588453384245264
            Encrypted:false
            SSDEEP:6:TMVBd/ZbZjZvKtWRVzj011uR1LbRgWPxTTVptan:TMHd9BZKtWRqCR1KQxfVa
            MD5:A1D1B119E09BB3A114C2F53547E347D3
            SHA1:D7008F7A1D81901FB7A7C580CFC411A53FBEE0F5
            SHA-256:7F847FB6798CB986808BD71DC99FA6190FCFE258EB1A6688006726D89086DCB9
            SHA-512:98582DE2757B814ED27FB2A00ABA7BFDC3C17B6F0483BCE9DA6B71983CF0C9A4ECBBC7B428E03BC7F369B4DBDA4FEA21778EA51ED3586DBCC04F6AB4487E7B46
            Malicious:false
            Reputation:low
            URL:https://cdn.glitch.global/favicon.ico
            Preview:<?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>QPWQAXFTV4N4JD93</RequestId><HostId>RfT2qnWm52ib4iWHWi5gtnHXPDTxvBkz3PwWgjtbUKqy5DvxXd3Rp0QkdgC0Ng1ZKMMxa/G0tjE=</HostId></Error>

            Static File Info

            No static file info

            Network Behavior

            Download Network PCAP: filteredfull

            Network Port Distribution

            • Total Packets: 120
            • 443 (HTTPS)
            • 80 (HTTP)
            • 53 (DNS)
            TimestampSource PortDest PortSource IPDest IP
            Apr 23, 2025 16:37:51.792233944 CEST4968180192.168.2.42.17.190.73
            Apr 23, 2025 16:37:57.243557930 CEST49671443192.168.2.4204.79.197.203
            Apr 23, 2025 16:37:57.667196035 CEST49671443192.168.2.4204.79.197.203
            Apr 23, 2025 16:37:58.370418072 CEST49671443192.168.2.4204.79.197.203
            Apr 23, 2025 16:37:59.666491985 CEST49671443192.168.2.4204.79.197.203
            Apr 23, 2025 16:38:01.401359081 CEST4968180192.168.2.42.17.190.73
            Apr 23, 2025 16:38:02.167004108 CEST49671443192.168.2.4204.79.197.203
            Apr 23, 2025 16:38:03.029387951 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:03.029434919 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:03.029535055 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:03.029835939 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:03.029851913 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:03.350694895 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:03.350788116 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:03.352296114 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:03.352313042 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:03.352583885 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:03.401406050 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:04.543092012 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.543143988 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.543534994 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.543551922 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.543570042 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.543596983 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.544061899 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.544085979 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.544163942 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.544174910 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.854518890 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.854588032 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.856781006 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.856794119 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.857052088 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.857290983 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.864130020 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.864197016 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.866106033 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:04.866118908 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.866401911 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.900269985 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:04.918189049 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.275219917 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.294948101 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.294970036 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.295017004 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.295042992 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.295068026 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.295093060 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.324754953 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.324779034 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.324831963 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.324847937 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.324893951 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.435563087 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.435585022 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.435642004 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.435662031 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.435709000 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.457319021 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.457341909 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.457380056 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.457389116 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.457485914 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.476665974 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.476691008 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.476756096 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.476763010 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.476810932 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.492274046 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.492337942 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.492418051 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.492427111 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.492464066 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.582438946 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.582535982 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.582602024 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.582633018 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.582784891 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.584965944 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.595922947 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.595949888 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.595988035 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.596009016 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.596035004 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.596051931 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.608588934 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.608608007 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.608714104 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.608741999 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.608757973 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.608866930 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.620465994 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.620503902 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.620541096 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.620568991 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.620610952 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.620629072 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.630610943 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.630645990 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.630706072 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.630716085 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.630743980 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.630759954 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.640693903 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.640716076 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.640800953 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.640815020 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.640918016 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.649305105 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.649333954 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.649374962 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.649393082 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.649421930 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.649441957 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.649915934 CEST49678443192.168.2.420.189.173.27
            Apr 23, 2025 16:38:05.657733917 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.657756090 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.657818079 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.657824039 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.657876968 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.679709911 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.679737091 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.679780960 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.679805994 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.679825068 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.679841995 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.730104923 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.730129957 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.730180025 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.730204105 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.730226040 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.730245113 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.737751007 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.737776995 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.737828970 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.737838030 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.737883091 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.737901926 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.745091915 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.745117903 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.745276928 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.745284081 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.745336056 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.752018929 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.752038002 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.752132893 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.752140045 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.752181053 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.758573055 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.758591890 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.758680105 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.758690119 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.758770943 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.764866114 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.764884949 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.764926910 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.764946938 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.764980078 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.764998913 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.771806002 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.771840096 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.771874905 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.771893978 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.771923065 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.771943092 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.777555943 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.777574062 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.777642965 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.777658939 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.777709961 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.782984972 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.783014059 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.783044100 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.783051014 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.783102989 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.788281918 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.788300037 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.788383007 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.788388968 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.788449049 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.793265104 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.793297052 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.793335915 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.793342113 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.793397903 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.798109055 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.798137903 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.798193932 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.798199892 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.798469067 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.802875996 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.802911043 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.802958965 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.802963972 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.803066969 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.803673029 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.803730965 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.803736925 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.803790092 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.803837061 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.804456949 CEST49723443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.804475069 CEST44349723151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.843170881 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:05.884279966 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:05.960504055 CEST49678443192.168.2.420.189.173.27
            Apr 23, 2025 16:38:06.077539921 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:06.077735901 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:06.077790022 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:06.084182024 CEST49724443192.168.2.4151.101.2.132
            Apr 23, 2025 16:38:06.084201097 CEST44349724151.101.2.132192.168.2.4
            Apr 23, 2025 16:38:06.572824001 CEST49678443192.168.2.420.189.173.27
            Apr 23, 2025 16:38:06.979773045 CEST49671443192.168.2.4204.79.197.203
            Apr 23, 2025 16:38:07.776649952 CEST49678443192.168.2.420.189.173.27
            Apr 23, 2025 16:38:10.182847023 CEST49678443192.168.2.420.189.173.27
            Apr 23, 2025 16:38:10.283555031 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.284892082 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.284892082 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.423564911 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.424844980 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.424859047 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.425693989 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.425734997 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.425802946 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.425802946 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.426975965 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.428173065 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.428191900 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.428466082 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.433057070 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.567112923 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.572989941 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.576103926 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.576126099 CEST4434970852.113.196.254192.168.2.4
            Apr 23, 2025 16:38:10.576216936 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.576267958 CEST49708443192.168.2.452.113.196.254
            Apr 23, 2025 16:38:10.738652945 CEST49728443192.168.2.4131.253.33.254
            Apr 23, 2025 16:38:10.738701105 CEST44349728131.253.33.254192.168.2.4
            Apr 23, 2025 16:38:10.738768101 CEST49728443192.168.2.4131.253.33.254
            Apr 23, 2025 16:38:10.739245892 CEST49728443192.168.2.4131.253.33.254
            Apr 23, 2025 16:38:10.739264011 CEST44349728131.253.33.254192.168.2.4
            Apr 23, 2025 16:38:11.234554052 CEST44349728131.253.33.254192.168.2.4
            Apr 23, 2025 16:38:11.234621048 CEST49728443192.168.2.4131.253.33.254
            Apr 23, 2025 16:38:13.341871023 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:13.341931105 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:13.342118979 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:13.792591095 CEST49722443192.168.2.4192.178.49.196
            Apr 23, 2025 16:38:13.792629004 CEST44349722192.178.49.196192.168.2.4
            Apr 23, 2025 16:38:14.995150089 CEST49678443192.168.2.420.189.173.27
            Apr 23, 2025 16:38:16.587255001 CEST49671443192.168.2.4204.79.197.203
            Apr 23, 2025 16:38:24.608894110 CEST49678443192.168.2.420.189.173.27
            Apr 23, 2025 16:39:02.949912071 CEST49736443192.168.2.4192.178.49.196
            Apr 23, 2025 16:39:02.949961901 CEST44349736192.178.49.196192.168.2.4
            Apr 23, 2025 16:39:02.950036049 CEST49736443192.168.2.4192.178.49.196
            Apr 23, 2025 16:39:02.950251102 CEST49736443192.168.2.4192.178.49.196
            Apr 23, 2025 16:39:02.950268984 CEST44349736192.178.49.196192.168.2.4
            Apr 23, 2025 16:39:03.264066935 CEST44349736192.178.49.196192.168.2.4
            Apr 23, 2025 16:39:03.264409065 CEST49736443192.168.2.4192.178.49.196
            Apr 23, 2025 16:39:03.264431953 CEST44349736192.178.49.196192.168.2.4
            Apr 23, 2025 16:39:13.258768082 CEST44349736192.178.49.196192.168.2.4
            Apr 23, 2025 16:39:13.258830070 CEST44349736192.178.49.196192.168.2.4
            Apr 23, 2025 16:39:13.258941889 CEST49736443192.168.2.4192.178.49.196
            Apr 23, 2025 16:39:13.784149885 CEST49736443192.168.2.4192.178.49.196
            Apr 23, 2025 16:39:13.784188032 CEST44349736192.178.49.196192.168.2.4
            TimestampSource PortDest PortSource IPDest IP
            Apr 23, 2025 16:37:58.719217062 CEST53647091.1.1.1192.168.2.4
            Apr 23, 2025 16:37:58.745874882 CEST53611141.1.1.1192.168.2.4
            Apr 23, 2025 16:37:59.599581957 CEST53614281.1.1.1192.168.2.4
            Apr 23, 2025 16:37:59.853506088 CEST53514051.1.1.1192.168.2.4
            Apr 23, 2025 16:38:02.887033939 CEST5510153192.168.2.41.1.1.1
            Apr 23, 2025 16:38:02.887435913 CEST6363353192.168.2.41.1.1.1
            Apr 23, 2025 16:38:03.027801991 CEST53551011.1.1.1192.168.2.4
            Apr 23, 2025 16:38:03.028212070 CEST53636331.1.1.1192.168.2.4
            Apr 23, 2025 16:38:04.372987032 CEST6475253192.168.2.41.1.1.1
            Apr 23, 2025 16:38:04.373279095 CEST5142653192.168.2.41.1.1.1
            Apr 23, 2025 16:38:04.534920931 CEST53647521.1.1.1192.168.2.4
            Apr 23, 2025 16:38:04.539879084 CEST53514261.1.1.1192.168.2.4
            Apr 23, 2025 16:38:16.809093952 CEST53566021.1.1.1192.168.2.4
            Apr 23, 2025 16:38:35.756906033 CEST53651081.1.1.1192.168.2.4
            Apr 23, 2025 16:38:58.112071991 CEST53546961.1.1.1192.168.2.4
            Apr 23, 2025 16:38:58.343408108 CEST53588541.1.1.1192.168.2.4
            Apr 23, 2025 16:39:01.606031895 CEST53597901.1.1.1192.168.2.4
            Apr 23, 2025 16:39:05.439987898 CEST138138192.168.2.4192.168.2.255

            DNS Queries

            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
            Apr 23, 2025 16:38:02.887033939 CEST192.168.2.41.1.1.10x778dStandard query (0)www.google.comA (IP address)IN (0x0001)false
            Apr 23, 2025 16:38:02.887435913 CEST192.168.2.41.1.1.10xf4aeStandard query (0)www.google.com65IN (0x0001)false
            Apr 23, 2025 16:38:04.372987032 CEST192.168.2.41.1.1.10x80b3Standard query (0)cdn.glitch.globalA (IP address)IN (0x0001)false
            Apr 23, 2025 16:38:04.373279095 CEST192.168.2.41.1.1.10xf555Standard query (0)cdn.glitch.global65IN (0x0001)false

            DNS Answers

            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
            Apr 23, 2025 16:38:03.027801991 CEST1.1.1.1192.168.2.40x778dNo error (0)www.google.com192.178.49.196A (IP address)IN (0x0001)false
            Apr 23, 2025 16:38:03.028212070 CEST1.1.1.1192.168.2.40xf4aeNo error (0)www.google.com65IN (0x0001)false
            Apr 23, 2025 16:38:04.534920931 CEST1.1.1.1192.168.2.40x80b3No error (0)cdn.glitch.globalj.sni.global.fastly.netCNAME (Canonical name)IN (0x0001)false
            Apr 23, 2025 16:38:04.534920931 CEST1.1.1.1192.168.2.40x80b3No error (0)j.sni.global.fastly.net151.101.2.132A (IP address)IN (0x0001)false
            Apr 23, 2025 16:38:04.534920931 CEST1.1.1.1192.168.2.40x80b3No error (0)j.sni.global.fastly.net151.101.66.132A (IP address)IN (0x0001)false
            Apr 23, 2025 16:38:04.534920931 CEST1.1.1.1192.168.2.40x80b3No error (0)j.sni.global.fastly.net151.101.130.132A (IP address)IN (0x0001)false
            Apr 23, 2025 16:38:04.534920931 CEST1.1.1.1192.168.2.40x80b3No error (0)j.sni.global.fastly.net151.101.194.132A (IP address)IN (0x0001)false
            Apr 23, 2025 16:38:04.539879084 CEST1.1.1.1192.168.2.40xf555No error (0)cdn.glitch.globalj.sni.global.fastly.netCNAME (Canonical name)IN (0x0001)false

            HTTP Request Dependency Graph

            • cdn.glitch.global

            HTTPS Proxied Packets

            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
            0192.168.2.449723151.101.2.1324435044C:\Program Files\Google\Chrome\Application\chrome.exe
            TimestampBytes transferredDirectionData
            2025-04-23 14:38:04 UTC731OUTGET /5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893 HTTP/1.1
            Host: cdn.glitch.global
            Connection: keep-alive
            sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
            sec-ch-ua-mobile: ?0
            sec-ch-ua-platform: "Windows"
            Upgrade-Insecure-Requests: 1
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
            Sec-Fetch-Site: none
            Sec-Fetch-Mode: navigate
            Sec-Fetch-User: ?1
            Sec-Fetch-Dest: document
            Accept-Encoding: gzip, deflate, br, zstd
            Accept-Language: en-US,en;q=0.9
            2025-04-23 14:38:05 UTC762INHTTP/1.1 200 OK
            Connection: close
            Content-Length: 461355
            x-amz-id-2: AK0jdq4FPtgTsTtjec2ff9S5DM7VykYVVTqr5zgRo+E1FBcVJNLCXBRDEwx80E0bmMVR7RDg7yw=
            x-amz-request-id: 4FEBJQHPT63K8GPQ
            Last-Modified: Thu, 27 Feb 2025 10:15:23 GMT
            ETag: "2e9215a3cc761ca920ad6215cf656c1f"
            x-amz-server-side-encryption: AES256
            Cache-Control: max-age=31536000
            Content-Type: image/png
            Server: AmazonS3
            Via: 1.1 varnish, 1.1 varnish
            Access-Control-Allow-Methods: GET, HEAD, POST
            Access-Control-Allow-Origin: *
            Content-Security-Policy: script-src 'none'
            Accept-Ranges: bytes
            Date: Wed, 23 Apr 2025 14:38:05 GMT
            Age: 120522
            X-Served-By: cache-iad-kjyo7100090-IAD, cache-lax-kwhp1940112-LAX
            X-Cache: HIT, MISS
            X-Cache-Hits: 6, 0
            X-Timer: S1745419085.074264,VS0,VE128
            2025-04-23 14:38:05 UTC16384INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 06 51 00 00 03 2b 08 06 00 00 00 d9 6b b4 4f 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 09 70 48 59 73 00 00 12 74 00 00 12 74 01 de 66 1f 78 00 00 ff a5 49 44 41 54 78 5e ec fd cd ae 6d 4b 92 a5 87 ed f3 7f 23 92 0f 10 40 74 d9 c9 0a 24 aa 95 d9 11 04 09 14 04 a9 21 09 64 b1 98 42 bd 80 24 12 7c 88 7c 10 82 14 a4 16 a9 12 04 48 50 93 7a 80 42 a1 aa 3a 59 04 1f 20 82 04 05 a2 44 56 c5 bd e7 ff c8 be 31 6c b8 fb 5a 7b ef 73 cf 8d bc 99 b1 cf d9 36 f6 b6 e5 ee e6 e6 3f d3 a7 cf 69 e6 6e 6b ce f5 e4 7f f2 3f fd 9f 7d ba 19 0c 06 83 c1 60 30 18 0c 06 83 c1 60 30 18 0c 06 83 c1 60 30 18 5c e0 c9 bf f3 bf fc 5f 8d 13 65 30 18 0c 06 83 c1 60 30 18 0c 06 83
            Data Ascii: PNGIHDRQ+kOsRGBgAMAapHYsttfxIDATx^mK#@t$!dB$||HPzB:Y DV1lZ{s6?ink?}`0`0`0\_e0`0
            2025-04-23 14:38:05 UTC16384INData Raw: 02 85 d6 fb a4 95 53 11 69 5f 27 8a 74 64 4a 27 5f 61 fd d1 1a 71 e0 fa 0e 74 5f 34 24 c4 25 e0 52 d0 2a 58 51 49 22 47 ac 64 a5 93 db ce 11 a1 97 8b fc 3b 23 38 15 d8 9c 84 6f 3d cd d8 18 55 29 fd a7 cf 8c 77 8f 39 e7 91 73 9d 73 a2 31 28 e2 1c c6 b9 95 e3 b1 9e 3f 3a 57 51 f5 a9 89 a2 12 d1 07 d5 30 d0 c8 53 f7 2e 0b ff bd 6c aa 4a 14 db 5f 50 81 ef 90 3a 69 13 36 c7 90 a7 85 c0 9a 3b ed 44 91 5d c2 f1 2a b7 3e eb 9f be f0 a4 0f 1b b5 38 97 ae 1d 28 d4 25 fe 0b 9e 28 f6 78 8a 57 94 71 55 5f 2b 54 7e 91 6a 17 7f 30 f8 ba c1 75 a6 6b 5f f7 b6 9a e7 fc 57 18 27 8a 9c e3 6f df c9 91 f2 fa cd eb 9b ef bf ff e1 e6 87 1f be bf 79 fd 7b 3b 4f c6 89 32 18 3c 6e 8c 13 65 30 f8 19 a0 0d c6 5e 54 85 b4 d0 fa c9 4e 94 3f b9 f9 93 5f fe f2 e6 bb 5f 9e 4e 94 5f dc f1
            Data Ascii: Si_'tdJ'_aqt_4$%R*XQI"Gd;#8o=U)w9ss1(?:WQ0S.lJ_P:i6;D]*>8(%(xWqU_+T~j0uk_W'oy{;O2<ne0^TN?__N_
            2025-04-23 14:38:05 UTC16384INData Raw: 6f cc d7 a6 38 4c ee a2 65 9f 75 5d ba a6 9a 4e 39 a7 bb ff 6a c7 c7 a5 be 17 69 35 c0 e9 e9 73 49 38 78 3c c8 3c 80 58 17 82 84 27 34 55 6e ea 9e 5f 7f ac 35 b5 86 6c 1a 0c 06 8f 17 e3 44 19 0c 1e 18 fc 3c 00 70 18 25 2f 63 2f 59 07 b6 fc d7 07 6d 6c 9f c4 e2 54 1b db 5e a8 66 63 9c 4d 79 fd 90 1b f4 ee 9d 9e cc 08 bd 91 03 01 e7 c2 7e 75 97 e2 71 32 94 0c 65 96 f3 24 0e 01 6d ea ef b6 05 86 52 e3 1c 23 bb 6e 92 87 91 9f f0 8b a9 8c 76 2d 56 7a c1 72 7d aa 68 96 b6 cf 63 55 5f f9 ad 17 7e d7 25 4e 12 1d 5f 13 71 91 8f f1 74 b0 e0 4c 09 9d c7 bc 48 0e 8e 38 0d dc 26 b4 c6 3f a4 be 6d 07 c6 85 73 42 e7 a3 79 c4 19 4f 8d 6b 8f ed a2 db 8e 14 13 6d 5c 9e fb 0c 86 fe 3e 95 8c e2 2d 93 3e 8a 48 b7 c3 84 fe 74 df c4 6b 87 89 fa 95 50 54 ed 57 3a ed 53 67 fa b1
            Data Ascii: o8Leu]N9ji5sI8x<<X'4Un_5lD<p%/c/YmlT^fcMy~uq2e$mR#nv-Vzr}hcU_~%N_qtLH8&?msByOkm\>->HtkPTW:Sg
            2025-04-23 14:38:05 UTC16384INData Raw: ea fc a8 12 fa d0 8b 52 f5 45 65 7b 63 a2 a8 ce a2 c5 f9 ab 08 b4 17 b1 79 75 13 e9 22 36 ce 4b 80 78 36 d3 cf 6f 75 42 6b b3 a2 bf 15 07 2d f9 67 7e 3d 94 e5 3a 2f 75 d3 f0 c2 19 bf 0d e7 f2 e9 3e 83 73 8c 42 a4 81 8e 7b 85 0c 0a 79 97 63 aa da 2a 1f 72 f9 ca 63 b2 17 74 4e 44 38 b8 2a e4 7c 5f 50 f3 a8 53 ed 16 c1 eb 36 1c 9e 64 de d9 d7 d5 8f ea 88 fa a2 cf 7b 80 4c 5f 7f 22 18 17 75 f8 7a 88 93 04 b2 d3 c3 e7 0c 87 c8 f9 84 89 9f 3c 41 6e f3 7c ce 72 de 42 9c 2b 9e 5c a1 bc db 77 5f 38 8f fd 6d e0 2e 0b 0d 06 83 c1 e0 71 21 fa 6c e9 39 fe b4 e1 5c 84 5e ed fc e8 ab 33 2d 3b a6 ca c8 ce 6a dd 6a 27 4c c9 95 8e a1 44 a5 a4 77 4a f1 38 4d d9 e6 13 76 e6 26 fd f3 51 3a 49 44 dc 7c 2a 76 db dd bf 22 ec b9 e5 fc 78 8f 13 e5 9d 9c 28 6f fb f7 ef b6 93 c4 7c
            Data Ascii: REe{cyu"6Kx6ouBk-g~=:/u>sB{yc*rctND8*|_PS6d{L_"uz<An|rB+\w_8m.q!l9\^3-;jj'LDwJ8Mv&Q:ID|*v"x(o|
            2025-04-23 14:38:05 UTC16384INData Raw: c8 4c d1 51 00 00 ff f4 49 44 41 54 3b 0f e1 31 88 67 9e eb 6b dd 35 1e 04 41 10 04 77 1d c7 d6 2f a7 6f a5 36 3a 1f 12 d7 e1 e6 f1 9e 10 71 97 ad eb f4 4e de 27 20 1b c0 21 9c 72 5b fe da 8e ca 83 4f 8a 8f 3b a6 87 f5 5c f7 58 be 1d 26 c7 ca 6e aa 83 b8 89 7c 43 35 ed 4d 27 7f 97 17 d6 ba 8e 1f a6 57 99 87 65 2b 05 c1 db c2 6a 75 31 7c 6d 75 0c 3a 23 82 20 b8 cf 88 13 25 08 ee 18 b0 97 c4 76 52 7b ca da 5c ce 9d 6c 43 cb b7 16 78 a7 df 4d a8 9f fb 8d b4 37 d3 fe 35 1c 8c fa 7e c4 01 7f b1 47 a7 82 5f c2 d9 8e 84 47 4d 15 a7 33 c5 e4 bb 51 c8 57 44 e7 41 3b 51 0e 1c 08 be 50 5d 9d 15 d0 c5 1b a9 75 d3 64 bd 89 23 9b 2c 97 d9 78 0d 82 6c c8 65 59 a5 11 22 cf f5 51 c6 74 03 fa b8 7f 78 cc 96 9d 1c e0 43 19 42 39 43 9a ce 8b 17 4e 92 76 9a 28 7c 5c 61 d1 43
            Data Ascii: LQIDAT;1gk5Aw/o6:qN' !r[O;\X&n|C5M'We+ju1|mu:# %vR{\lCxM75~G_GM3QWDA;QP]ud#,xleY"QtxCB9CNv(|\aC
            2025-04-23 14:38:05 UTC16384INData Raw: 22 0f 75 15 82 d0 36 f4 73 be 78 2d 47 75 c0 63 62 39 da eb fa a8 ab 8f 2e 56 56 de 97 85 c6 aa eb 68 48 24 b7 d3 2e 1b 3c 05 ea 4b 47 8a 74 b6 3e 26 f7 c3 84 bc 21 03 71 12 e2 b3 8d 15 48 53 16 0c 96 4d 60 b1 01 9a 75 30 be 0c c1 0f 9d 50 a7 e8 14 84 36 5b 2f 1c 33 c6 ad e7 81 13 a8 09 06 50 3a 52 8a c6 9d 27 34 dc 5a 87 aa 8f 90 32 b4 b5 83 d6 6c 9b e5 25 b3 cb 20 9f 7d 7a 80 bb 32 c4 33 74 a4 7e d6 61 ca 83 fc f1 a8 ae 2e 5f fb 32 74 a3 9e b3 2d b5 53 7f 25 9b e3 4b a2 7a 13 70 1a 8c f5 6c bf ae d9 d0 af 1f 0d c8 d8 4f b2 03 05 0e 80 76 9c 0c 9e ca 93 4c d5 47 3e 42 e4 a1 69 c4 11 8e be 95 de d6 0d 69 8c 3d 0d df 34 a8 4f e3 b7 9c 43 2e eb 3c 18 d2 41 9d e7 47 42 ad 73 4b 32 25 77 86 6e 93 5a 36 e1 38 60 b0 2a 9f a9 4f 1f 6a 0e c7 c9 63 d1 c7 cc 60 f9
            Data Ascii: "u6sx-Gucb9.VVhH$.<KGt>&!qHSM`u0P6[/3P:R'4Z2l% }z23t~a._2t-S%KzplOvLG>Bii=4OC.<AGBsK2%wnZ68`*Ojc`
            2025-04-23 14:38:05 UTC16384INData Raw: 10 dc 31 60 89 ae a5 ba 16 eb 2b fc ee 81 f1 43 60 1d d7 2f 6e df ef 45 dd 9b 96 cb ea 2b 28 1b 98 4f 06 cc 99 cb cb 4b 86 1e 5b 60 cd 3b 04 7e 79 83 b1 bf e9 f1 72 c1 c7 c3 de f8 7f da 8f a3 9a 77 25 98 9c 2f a3 35 8c d5 f3 f1 55 2e b3 51 fe 90 6c bc 3e 2b f9 d3 08 2e 03 38 f2 49 6d e8 b7 2c 10 5e d4 8d d0 06 f6 69 04 97 d3 40 a4 bc 5d 7b c8 a3 bc 2a 07 b5 e1 9f fc 68 83 24 63 37 c8 f0 1d 1a 1a 8b 7d ff 57 c2 fc e4 3c 2d 02 98 0f 79 2d 13 f5 dd b6 fb 0a 9d ec 58 51 7a f6 dd 63 b2 3a 0a ec 1c 18 fa a2 9c a4 fe 98 7c ec c0 47 e7 16 d2 ad c3 20 1a fb 5b ce 03 cb 11 3f db 2d 9e a1 77 a5 55 67 71 a4 a1 2d de 85 a1 3b 31 90 3e f7 b1 6e 19 88 23 6f ea d6 75 2b cf e3 2d f9 18 93 ae d7 fd 3d a4 d9 d7 23 63 64 f9 25 d3 65 48 af 77 d8 8c fc 6e 77 be a7 a4 f8 c0 7b
            Data Ascii: 1`+C`/nE+(OK[`;~yrw%/5U.Ql>+.8Im,^i@]{*h$c7}W<-y-XQzc:|G [?-wUgq-;1>n#ou+-=#cd%eHwnw{
            2025-04-23 14:38:05 UTC16384INData Raw: c8 c9 95 59 32 78 81 8e 53 20 10 58 cd 88 4d 94 40 60 05 c1 3f 9f ea c7 69 bb 60 f3 87 7d 47 9a fb 09 2d 17 05 02 81 40 20 f0 e6 d1 a8 d3 c2 a9 57 e8 e2 8f 0e d2 c9 ef 9e a1 d9 b9 a6 3c 44 54 ae 65 0b 75 6a 4c 9c a3 e9 97 5f a5 b1 ef 3d 4f e3 27 66 68 6e 46 84 02 dc 6d d1 37 d8 43 7d 03 7a 47 49 47 7d 96 ea 93 13 34 76 62 8a 2e 9d af d3 dc 34 2b 2f 1c a7 8b ec 63 e2 d2 a4 7e d3 9e dd e2 39 0f d5 be 75 b4 ae b3 42 dd 3f a9 4d 94 6b 0d ec ba 34 6b 54 bf 70 8c 26 7e f4 3d 3a f6 95 af d0 2b 4c 2f 27 74 f0 4f bf 46 47 bf fb 2c 5d 3c 36 46 f5 d9 37 73 9b 4b 1b e0 79 31 7b 36 50 05 0f d9 2f db ec a1 d2 43 d5 f5 3b 68 e8 ae 47 68 cf 27 3f 4b 37 7e ea 13 b4 eb bd 07 68 ed ba 3e aa 56 b9 17 3b 4b dc b7 fd d4 dd 33 44 7d d5 5e c2 b3 f0 df d6 07 86 c6 1c 2d cc 8e 53
            Data Ascii: Y2xS XM@`?i`}G-@ W<DTeujL_=O'fhnFm7C}zGIG}4vb.4+/c~9uB?Mk4kTp&~=:+L/'tOFG,]<6F7sKy1{6P/C;hGh'?K7~h>V;K3D}^-S
            2025-04-23 14:38:05 UTC16384INData Raw: ae 06 60 60 00 00 ff f4 49 44 41 54 20 10 08 04 8a d0 f9 3f 36 52 90 a6 33 26 7c 2a d0 cf 06 fa 27 33 2c 7e e1 99 95 ce af 0a da 81 40 60 b5 40 57 47 02 81 c0 8a 80 5c 98 85 d2 85 0f ac be 29 cf 4a 02 d5 91 9c 94 03 d7 07 7c 11 cc 0e 9e 02 59 1c 4f 2b 14 16 43 99 64 41 11 8b 6a 58 60 64 aa 54 2b 54 ae 54 24 2f 0b 6f be 70 8f 45 bb 4c b7 2c 54 12 82 ae 2e cc e7 8b 87 ba e8 96 92 2c 62 1a 49 b9 b0 70 68 f1 48 3e 2f 6b aa cd 71 02 0f ed 70 78 3b 00 f8 d2 f2 95 2f 3f 99 7f ce fb 22 37 e0 31 b9 4f 5d 9c cc fd 09 1f ff 88 33 59 8c 2c 90 f4 95 f6 1d 36 30 b0 71 e1 a9 f6 2b c8 37 56 90 62 b1 d3 f4 5c 26 79 d5 57 3b f4 b1 1d 0b e3 eb f1 e1 38 d0 97 69 7f 3a 99 6d 85 8f 67 b5 0b 9b 28 15 f9 56 ba c4 c5 fa 5e 47 be c9 a3 7e dd 36 af 5b eb d5 36 43 a6 24 3e b8 5c b1
            Data Ascii: ``IDAT ?6R3&|*'3,~@`@WG\)J|YO+CdAjX`dT+TT$/opEL,T.,bIphH>/kqpx;/?"71O]3Y,60q+7Vb\&yW;8i:mg(V^G~6[6C$>\
            2025-04-23 14:38:05 UTC16384INData Raw: 94 f4 6e 14 8e 05 9b 84 18 df e9 5d 56 7e 17 16 74 bc 7f 91 c2 27 e2 f7 e3 e3 9b 2f 52 7d 02 f0 59 60 25 97 6a dc 88 d5 25 80 fb f7 36 b9 54 f8 5c f4 be 6c 07 af 42 74 b2 fa 1c ea cb fd a3 9c bb 2a ca f4 5c d0 3a 25 76 86 c6 aa 7a 85 80 19 6c c9 32 b5 01 f4 ae 1f 2b 30 c4 4e ff 51 92 57 ad 0b 7d 05 81 f3 74 02 9f d7 e5 7a 0c f0 cc 36 03 cb a4 6e fc 99 0d c2 e8 e8 f0 0f cd 79 10 aa 23 26 b9 cf 2b 40 db df 99 f5 07 fc c1 52 a3 c0 2b fa 2c f7 07 ff a8 47 32 19 54 e6 63 1a d0 fe d0 f7 86 dc 56 e3 77 28 db c7 92 be 66 71 73 31 3d 46 e0 42 23 b5 17 a0 98 d6 c1 7f c8 69 d9 7c 19 e4 f8 89 79 e2 c3 f4 54 5f e3 f3 3a 50 ab ba 75 19 f2 0a a9 d6 e4 a8 13 40 19 10 7b ce 6a 39 f7 27 1c 75 c8 c8 79 8a 54 8f b9 99 9e fb c8 79 12 a3 e6 84 87 3f e1 80 c9 2a 79 bd a2 c4 c8
            Data Ascii: n]V~t'/R}Y`%j%6T\lBt*\:%vzl2+0NQW}tz6ny#&+@R+,G2TcVw(fqs1=FB#i|yT_:Pu@{j9'uyTy?*y


            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
            1192.168.2.449724151.101.2.1324435044C:\Program Files\Google\Chrome\Application\chrome.exe
            TimestampBytes transferredDirectionData
            2025-04-23 14:38:05 UTC661OUTGET /favicon.ico HTTP/1.1
            Host: cdn.glitch.global
            Connection: keep-alive
            sec-ch-ua-platform: "Windows"
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
            sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
            sec-ch-ua-mobile: ?0
            Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
            Sec-Fetch-Site: same-origin
            Sec-Fetch-Mode: no-cors
            Sec-Fetch-Dest: image
            Referer: https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893
            Accept-Encoding: gzip, deflate, br, zstd
            Accept-Language: en-US,en;q=0.9
            2025-04-23 14:38:06 UTC607INHTTP/1.1 403 Forbidden
            Connection: close
            x-amz-request-id: QPWQAXFTV4N4JD93
            x-amz-id-2: RfT2qnWm52ib4iWHWi5gtnHXPDTxvBkz3PwWgjtbUKqy5DvxXd3Rp0QkdgC0Ng1ZKMMxa/G0tjE=
            Content-Type: application/xml
            Server: AmazonS3
            Accept-Ranges: bytes
            Via: 1.1 varnish, 1.1 varnish
            Access-Control-Allow-Methods: GET, HEAD, POST
            Access-Control-Allow-Origin: *
            Content-Security-Policy: script-src 'none'
            Date: Wed, 23 Apr 2025 14:38:06 GMT
            X-Served-By: cache-iad-kcgs7200024-IAD, cache-bur-kbur8200133-BUR
            X-Cache: MISS, MISS
            X-Cache-Hits: 0, 0
            X-Timer: S1745419086.919984,VS0,VE85
            transfer-encoding: chunked
            2025-04-23 14:38:06 UTC4INData Raw: 66 33 0d 0a
            Data Ascii: f3
            2025-04-23 14:38:06 UTC243INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 45 72 72 6f 72 3e 3c 43 6f 64 65 3e 41 63 63 65 73 73 44 65 6e 69 65 64 3c 2f 43 6f 64 65 3e 3c 4d 65 73 73 61 67 65 3e 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 4d 65 73 73 61 67 65 3e 3c 52 65 71 75 65 73 74 49 64 3e 51 50 57 51 41 58 46 54 56 34 4e 34 4a 44 39 33 3c 2f 52 65 71 75 65 73 74 49 64 3e 3c 48 6f 73 74 49 64 3e 52 66 54 32 71 6e 57 6d 35 32 69 62 34 69 57 48 57 69 35 67 74 6e 48 58 50 44 54 78 76 42 6b 7a 33 50 77 57 67 6a 74 62 55 4b 71 79 35 44 76 78 58 64 33 52 70 30 51 6b 64 67 43 30 4e 67 31 5a 4b 4d 4d 78 61 2f 47 30 74 6a 45 3d 3c 2f 48 6f 73 74 49 64 3e 3c 2f 45 72 72 6f 72 3e
            Data Ascii: <?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>QPWQAXFTV4N4JD93</RequestId><HostId>RfT2qnWm52ib4iWHWi5gtnHXPDTxvBkz3PwWgjtbUKqy5DvxXd3Rp0QkdgC0Ng1ZKMMxa/G0tjE=</HostId></Error>
            2025-04-23 14:38:06 UTC7INData Raw: 0d 0a 30 0d 0a 0d 0a
            Data Ascii: 0


            Statistics

            CPU Usage

            020406080s020406080100

            Click to jump to process

            Memory Usage

            020406080s0.0050100MB

            Click to jump to process

            Behavior

            Click to jump to process

            System Behavior

            General

            Target ID:1
            Start time:10:37:53
            Start date:23/04/2025
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase:0x7ff786830000
            File size:3'388'000 bytes
            MD5 hash:E81F54E6C1129887AEA47E7D092680BF
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false
            Show Windows behavior

            File Activities

            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
            Show Windows behavior

            COM Activities

            Show Windows behavior

            Process Activities

            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
            Show Windows behavior

            Memory Activities

            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
            Show Windows behavior

            Process Token Activities


            General

            Target ID:2
            Start time:10:37:57
            Start date:23/04/2025
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2352,i,4867387030820698784,10106712663675780583,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2380 /prefetch:3
            Imagebase:0x7ff786830000
            File size:3'388'000 bytes
            MD5 hash:E81F54E6C1129887AEA47E7D092680BF
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false
            Show Windows behavior

            File Activities

            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
            Show Windows behavior

            Memory Activities

            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

            General

            Target ID:4
            Start time:10:38:03
            Start date:23/04/2025
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cdn.glitch.global/5b037211-36a1-4f5d-9c5a-a90c4c22c413/protec1.png?v=1740651322893"
            Imagebase:0x7ff786830000
            File size:3'388'000 bytes
            MD5 hash:E81F54E6C1129887AEA47E7D092680BF
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:true
            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

            Disassembly

            No disassembly