Edit tour

Windows Analysis Report
http://fishing-lake-vip.pics/

Overview

General Information

Sample URL:	http://fishing-lake-vip.pics/
Analysis ID:	1520330
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 4912 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6548 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1908,i,15464833917151204251,9950897790861386087,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6796 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://fishing-lake-vip.pics/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://fishing-lake-vip.pics/

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://fishing-lake-vip.pics/lander/slava2/api.js	Avira URL Cloud: Label: phishing
Source: https://fishing-lake-vip.pics/lander/slava2/images/tg-day.jpg	Avira URL Cloud: Label: phishing
Source: https://fishing-lake-vip.pics/lander/slava2/images/logo.jpg	Avira URL Cloud: Label: phishing
Source: https://fishing-lake-vip.pics/lander/slava2/images/favicon.png	Avira URL Cloud: Label: phishing
Source: https://fishing-lake-vip.pics/lander/slava2/css/style.css	Avira URL Cloud: Label: phishing

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49734 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/css/style.css HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://fishing-lake-vip.pics/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/images/favicon.png HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://fishing-lake-vip.pics/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/images/logo.jpg HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://fishing-lake-vip.pics/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/api.js HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://fishing-lake-vip.pics/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/images/tg-day.jpg HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://fishing-lake-vip.pics/lander/slava2/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/images/favicon.png HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /lander/slava2/images/logo.jpg HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/api.js HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lander/slava2/images/tg-day.jpg HTTP/1.1Host: fishing-lake-vip.picsConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: fishing-lake-vip.pics
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfCBc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfCRc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_72.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49734 version: TLS 1.2

Source: classification engine

Classification label: mal56.win@17/30@8/5

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1908,i,15464833917151204251,9950897790861386087,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://fishing-lake-vip.pics/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1908,i,15464833917151204251,9950897790861386087,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://fishing-lake-vip.pics/	100%	Avira URL Cloud	phishing

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://fishing-lake-vip.pics/lander/slava2/api.js	100%	Avira URL Cloud	phishing
https://fishing-lake-vip.pics/lander/slava2/images/tg-day.jpg	100%	Avira URL Cloud	phishing
https://fishing-lake-vip.pics/lander/slava2/images/logo.jpg	100%	Avira URL Cloud	phishing
https://fishing-lake-vip.pics/lander/slava2/images/favicon.png	100%	Avira URL Cloud	phishing
https://fishing-lake-vip.pics/lander/slava2/css/style.css	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
fishing-lake-vip.pics	188.114.97.3	true	false	unknown
www.google.com	142.250.186.132	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://fishing-lake-vip.pics/	false		unknown
https://fishing-lake-vip.pics/lander/slava2/api.js	false	Avira URL Cloud: phishing	unknown
https://fishing-lake-vip.pics/lander/slava2/images/tg-day.jpg	false	Avira URL Cloud: phishing	unknown
https://fishing-lake-vip.pics/lander/slava2/images/logo.jpg	false	Avira URL Cloud: phishing	unknown
https://fishing-lake-vip.pics/lander/slava2/images/favicon.png	false	Avira URL Cloud: phishing	unknown
https://fishing-lake-vip.pics/lander/slava2/css/style.css	false	Avira URL Cloud: phishing	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	fishing-lake-vip.pics	European Union	13335	CLOUDFLARENETUS	false
142.250.186.132	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.8
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1520330
Start date and time:	2024-09-27 08:19:59 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 15s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://fishing-lake-vip.pics/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.win@17/30@8/5
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.185.238, 64.233.167.84, 34.104.35.123, 142.250.184.234, 142.250.185.99, 216.58.212.138, 142.250.185.202, 142.250.185.74, 142.250.186.106, 142.250.186.74, 142.250.185.106, 142.250.185.138, 172.217.18.10, 142.250.185.234, 142.250.186.138, 142.250.186.42, 142.250.185.170, 172.217.16.202, 172.217.18.106, 142.250.74.202, 13.85.23.86, 93.184.221.240, 192.229.221.95, 13.85.23.206, 52.165.164.15, 172.217.23.99
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://fishing-lake-vip.pics/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://fishing-lake-vip.pics/ Model: jbxai	{ "brand":["Telegram"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Input

Output

URL: https://fishing-lake-vip.pics/ Model: jbxai

{
"brand":["Telegram"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 05:20:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.977867258025548
Encrypted:	false
SSDEEP:	48:8K+0doTM4KcHKidAKZdA1oehwiZUklqehekJy+3:8bXvp/Yy
MD5:	035E6F1BD9D20ACA1F6680740EE2C4D6
SHA1:	30336E20F0A789D52D3F2F677F57A3654B5ED287
SHA-256:	898646B3F7441DA70543CD3B1E63B8B4A23B0C5A1BF733DE07BCE46C0027C835
SHA-512:	3B7B4AC17CEA9CFFFFC54EBBFA564C70E54B953ED196B78A0BDEA5A623D5EA55D2ECC80FE83074DB5180330113316EF7F331420211650A46DA81F7EC801DD16C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......=k....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.I;Y.2....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y.2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y.2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y.2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y.2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}.m.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 05:20:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.993877925794786
Encrypted:	false
SSDEEP:	48:8a+0doTM4KcHKidAKZdA1leh/iZUkAQkqehvkJy+2:8rXv79Q0Yy
MD5:	7A38B503568DEBCC992EF4583D7D8091
SHA1:	886AFF1971DFDE16E025E2C0C4B949B494D937B4
SHA-256:	DF13AA25839F073423746D0C5050A63858C7C1D1F4EE16D20158BC5923F79413
SHA-512:	F0F22740736443E596AB7F82429592F1E771F8B7397D3AB84FFD1561BD6B7468537BCC2FE83D5CE0ABC160A8E7BDA2947E495A945A7B5DB9FEF194969A50F363
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......,k....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.I;Y.2....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y.2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y.2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y.2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y.2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}.m.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.00740617685755
Encrypted:	false
SSDEEP:	48:80+0doTM4bHKidAKZdA14t5eh7sFiZUkmgqeh7s9kJy+BX:8dXvvnjYy
MD5:	CE9B386B957FA3F56B837250A469431A
SHA1:	B1DF90A1264A982A05DE13DD62CA0F49DDB5DF45
SHA-256:	47954219EA8627CC31C1A90B9A56FE31B8C4FD357A7BFC28030EB6308F066588
SHA-512:	7D5E59F976BBF95FF61DB0B47EC7FE903D063302065F39532708A8FC7EFA7E16659A01B2A0B9568AD8BDC1183CD9F274D660A53B4348D6EA255747A7EEA412C3
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....C..b...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.I;Y.2....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y.2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y.2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y.2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VEW.@...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}.m.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 05:20:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9904145983370705
Encrypted:	false
SSDEEP:	48:89+0doTM4KcHKidAKZdA16ehDiZUkwqehLkJy+R:8sXvolYy
MD5:	4D266F9F586DFF6D6BC9302F4483FB09
SHA1:	891B4B86332A09AD47D940825E0B6D73A594D436
SHA-256:	5573BE5EF5ED8BDC21B02AAB0A1AC246E36E6E5B1382081D97C1CD96233B81E6
SHA-512:	AFF9F1B79D2C5424D42D073F8A0E1427011F2485CED39C774F13C1A8A4A671B50432264FE3E07BFF59731182AF20670ED4100CC8A0B97307BEE12B76D3F3D2DE
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,...._.'k....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.I;Y.2....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y.2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y.2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y.2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y.2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}.m.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 05:20:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.980152635048231
Encrypted:	false
SSDEEP:	48:8i+0doTM4KcHKidAKZdA1UehBiZUk1W1qehRkJy+C:8TXv49xYy
MD5:	8DD6D216F703BD9D1F09AFDDCC66AC6E
SHA1:	BF1A9717A3B6F88C97382A7884D768EED39193A3
SHA-256:	F43EE3CEF1CCA5533D21320F4A1C162A72B8D7B7839238E8CCD2190956326F6A
SHA-512:	193087994EE8FCE69987510F3EAC3041681F48FFF497E3BD565CD9C5419C20092DAF06076FFCC103BD563B13DAE40A15B1323AA4910C01F542F86772A2625C06
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......4k....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.I;Y.2....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y.2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y.2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y.2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y.2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}.m.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 05:20:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9895302932661383
Encrypted:	false
SSDEEP:	48:8D+0doTM4KcHKidAKZdA1duTrehOuTbbiZUk5OjqehOuTbjkJy+yT+:8SXvVTYTbxWOvTbjYy7T
MD5:	3EAF87BD41D7E1D6AF89077235D03BB7
SHA1:	5E365B81F4E1719D41E794ED0C5D518955C68913
SHA-256:	C58B1102230EDFF6BB4A3B15F3A0474B584A38B8C82A2B9677BD7AB82776A8E3
SHA-512:	70D80063BB602695355351EC4BC877F72FEB8D5BF0DD2D9697E4451139680EFC778C5B1426375BB516551D217BD8C52784D60702B03F11EE5E111A33612E8155
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....td.k....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.I;Y.2....B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V;Y.2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V;Y.2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V;Y.2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V;Y.2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}.m.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 65

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1755x861, components 3
Category:	dropped
Size (bytes):	123247
Entropy (8bit):	7.88817635684997
Encrypted:	false
SSDEEP:	3072:yzBAcQGdtpIxcyhRVTmV9VOnP0vM6RDorf6o0ylS:qRdacyhijVoPIM6xoryo02S
MD5:	ED7286C055D4878A52FDE2144681E6FB
SHA1:	A4AD75268D5FD5D557267A231C9EED7C6013C6E7
SHA-256:	1037BB26F5E4F71665C1E49C69289DC6108EDA524B52A676BBE25042BBA5B987
SHA-512:	5EC5C9DC56FB02A604BF948868C36EDBB98DBAEFFC7308F8C82EC7AAF61919243B1E55CE33DDB7534DF2312B289D59FB6D60666182E6CB5DB9BCDCA3A951487A
Malicious:	false
Reputation:	low
Preview:	......JFIF.....x.x.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......]...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...9g#...0.n4.QV;...i.$....\.d9HY.p...O,.....F.....m....94...T....R.X.:...).. ..h...MD.G.o.....DA=F....7.8.t.U}.4...l_s.M...@.=....@A..).].F.?N..jhh..c}@.X....pT...?:.%...M?.b..E:.@..TRH....;......F...Q......X.JW..v.\m..V......<.W%...2wr....Y....".....0;.@.[s...{P!.......4..w...C....x...J.#...E>.....i..dg...0 ..a\..0.S.Pi\.a.q./..K..J..~9..Y..p...<......$

Chrome Cache Entry: 66

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1755x861, components 3
Category:	downloaded
Size (bytes):	123247
Entropy (8bit):	7.88817635684997
Encrypted:	false
SSDEEP:	3072:yzBAcQGdtpIxcyhRVTmV9VOnP0vM6RDorf6o0ylS:qRdacyhijVoPIM6xoryo02S
MD5:	ED7286C055D4878A52FDE2144681E6FB
SHA1:	A4AD75268D5FD5D557267A231C9EED7C6013C6E7
SHA-256:	1037BB26F5E4F71665C1E49C69289DC6108EDA524B52A676BBE25042BBA5B987
SHA-512:	5EC5C9DC56FB02A604BF948868C36EDBB98DBAEFFC7308F8C82EC7AAF61919243B1E55CE33DDB7534DF2312B289D59FB6D60666182E6CB5DB9BCDCA3A951487A
Malicious:	false
Reputation:	low
URL:	https://fishing-lake-vip.pics/lander/slava2/images/tg-day.jpg
Preview:	......JFIF.....x.x.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......]...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...9g#...0.n4.QV;...i.$....\.d9HY.p...O,.....F.....m....94...T....R.X.:...).. ..h...MD.G.o.....DA=F....7.8.t.U}.4...l_s.M...@.=....@A..).].F.?N..jhh..c}@.X....pT...?:.%...M?.b..E:.@..TRH....;......F...Q......X.JW..v.\m..V......<.W%...2wr....Y....".....0;.@.[s...{P!.......4..w...C....x...J.#...E>.....i..dg...0 ..a\..0.S.Pi\.a.q./..K..J..~9..Y..p...<......$

Chrome Cache Entry: 67

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	798
Entropy (8bit):	4.685453805401048
Encrypted:	false
SSDEEP:	24:25UUpEqDXRqz/XqgElHxLHCV4yRRjHRRaL95Q25Dhh:2fRy/agEeV4ynHMC25lh
MD5:	760951A0C651F95D834B02157949A91F
SHA1:	A337AEDE4342DE146DFB9FC546A1B5459B277C98
SHA-256:	38E74EA018AE272F68E7B52F8EE13F9F326078A5DCB7432E9D5219FC40831F71
SHA-512:	BE2701478DE3BA4931A6598A6E0E04A6A7205926E48CC9E5D371B18C4CFC6DB08C0BB3FD7C3B61D9A39E749FD36EEAB103D582A4766D49BBF0B2961DC8C0CE47
Malicious:	false
Reputation:	low
URL:	https://fishing-lake-vip.pics/lander/slava2/api.js
Preview:	let fbcValue = "";. let fbpValue = "";. function checkCookiesAndSetValues() {. let cookies = document.cookie;. let cookiesArray = cookies.split(";");. cookiesArray.forEach(cookie => {. cookie = cookie.trim();. if (cookie.startsWith("_fbc")) {. let parts = cookie.split("=");. fbcValue = parts[1];. }. else if (cookie.startsWith("_fbp")) {. let parts = cookie.split("=");. fbpValue = parts[1];. }. });. console.log("_fbc:", fbcValue);. console.log("_fbp:", fbpValue);. document.getElementById("fbc").value = fbcValue;. document.getElementById("fbp").value = fbpValue;. if (fbcValue !== "" && fbpValue !== "") {. clearInterval(intervalId);. }. }.const intervalId = setInterval(checkCookiesAndSetValues, 50);

Chrome Cache Entry: 68

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Category:	downloaded
Size (bytes):	18536
Entropy (8bit):	7.986571198050597
Encrypted:	false
SSDEEP:	384:IhocXmE6eM871P7td/mcOKA454H2orQEONKrOqxw:f6WeL1P//9D54WCCKc
MD5:	8EFF0B8045FD1959E117F85654AE7770
SHA1:	227FEE13CEB7C410B5C0BB8000258B6643CB6255
SHA-256:	89978E658E840B927DDDB5CB3A835C7D8526ECE79933BD9F3096B301FE1A8571
SHA-512:	2E4FB65CAAB06F02E341E9BA4FB217D682338881DABA3518A0DF8DF724E0496E1AF613DB8E2F65B42B9E82703BA58916B5F5ABB68C807C78A88577030A6C2058
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......Hh..........H..............................Z..\|.`..J.T..<.....H..U..Z...x.6.$..0. ..t. ..I....p.0.VU.......1....AQ...d..x.....R..4.-.c..C$fUc.c..IX..@..~g.xs.....%...O...eJ.w..U.\|.......%..{.......U+..T#.S......`.n.....V.w.4..~P"..zk.%..../........=3...F.........V.FL..;Bc.........A.Uk.U1.b!Y.BH.DL...s.s...F.m.9a..GJ..1..#.`m5..DI..X5#.........B.Akm.....&..0...{.L.....G......-(.......O4.@3....=......f..l...$.....j..NO...e.Y.tJ2J>F.(.c....08..e...~....D2S7s:.G'Gm........!.7.........r.c.`,.....~.).......c>1.......Y.g2^...T-1.7./r./....>...g.ov@u.?.U.+._...'M..,.,g....!g..9."..yBF.#r+.Ps...%.d=....U...5.b.$:`.4R.II.<A....Q)....e...k.....M.8.z....+.....5}..F........F.d._...].~-](.Lf....Y..W....;-z...;. .@x._v../.%UIm....=s...P.C....G...^..Q.!g.!b._.P....at..?.}....t.z...O(..Y6..R.2.X....k.R..K.gw(.F.K?m..R...7....dj..7. .r.U..be.4......8.].w.B..B......Y..:..8.N..U...NEm...\.^q..f}.......{..6.". ...y-.Y...N.+.M E..`......R.$T

Chrome Cache Entry: 69

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x1280, components 3
Category:	downloaded
Size (bytes):	240563
Entropy (8bit):	7.992055856010928
Encrypted:	true
SSDEEP:	6144:TSH1DTQJMavyg5EjvWrd6D0XCeGbli2X1mwZke:q1DTQJDyUE7WrocCeGJhXB
MD5:	2E760170AE87790AA7D60E1CAF30B41B
SHA1:	D04A5BA07CACBD696AFDCEFCD85DDE5F62C868F2
SHA-256:	550F47707EF089EFFFC36A137DA2F45D208140FC2C86FDA2F0BC6F52656A707F
SHA-512:	27CE87E8C60C771750D63A0B8062ADB0A1B682B014A09A4F006ABB295CDE2D431F22824E01AD94456C5B52F56FC7350FA121FBEAE800F56E95BBB6DFEC9ACB75
Malicious:	false
Reputation:	low
URL:	https://fishing-lake-vip.pics/lander/slava2/images/logo.jpg
Preview:	......JFIF.....H.H.....C....................................................................C............................................................................".................................................................................y.ez.]P^.&.v.\...\...'j.Y.:+c...zpK;...;$H........5Uh.{..)...4^j.[....k...t.3..D@Iq$. .8O....A.. \|......P.K.,.....J..GJ..ww.wps\..j...<......V.....j.Np.'!X6.....x....-.7LH.{.....8I.....,..G.=HK. ds..j.3.sd/......^-.N.N...%s..+js.i..]8.e...t...J.<k..._1P...R[.7....a..7..\7.......P.....NN6q&.\t...R.....X..P.@P{.!J.!....]\|...G.....Q.r..pwr... ..c%...h.yZ.^.s...d.f.D..9....^.h...x.Di...H.i9..e...&........be.!F......:..Qx\..T...*.De...%..3.....8.ax\|.p.X.AZ.t...A..A...V;.n.w.<.4..j.21..<Om......t-Fw....o..bX0u.".3.m$td.........^N).5..Uo...DV.3....y.q.....B..f....a..dG .j...k%...s....Y.I....' .e.......v=o.m.9.+^..P...o.B....4.C...Q(.V..Z7..i....x....l.ZBg.....9....x\7..d.#d.?..........F....Q?....N..(.{...

Chrome Cache Entry: 70

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	5238
Entropy (8bit):	5.092492265395979
Encrypted:	false
SSDEEP:	96:bN0bS1orxRglmidmmji68uo4I7Dm3fND0QUraUjlJD:JlorwmOmmjh8v4Gm3fNXUraUjlJD
MD5:	8D9AEE0E250182EE7935F1241CD2F2F2
SHA1:	ACD00F1F58FAD83EB8FE68880FF74D692A3C66E8
SHA-256:	8C0D27EBF6E927362B4D117E07E0F482CEFE206B07764CA1A249369B7B596F8F
SHA-512:	D8BC413A0834AF3954CFB7F8B327BE38AFB4D5971AB9213BBEB0AFF39D611FC25ABA91552385FD228EC95C902EF64A3348796C4B42B3F1EC0F067C01D039C8A2
Malicious:	false
Reputation:	low
URL:	https://fishing-lake-vip.pics/lander/slava2/css/style.css
Preview:	html {. box-sizing: border-box;..}..body {. margin: 0;. padding: 0;. font-family: 'Roboto', sans-serif;..}..p,.h1,.h2,.h3,.h4,.h5,.h6,.a {. margin: 0;. padding: 0;. font-family: 'Roboto', sans-serif;.}..button {. appearance: none;. -webkit-appearance: none;. /* ... ......... ......-......... (Chrome, Safari) /. -moz-appearance: none;. / ... ......... ........ Firefox /. / ...... ........, ....... .. ...... ........ .. ....... /. border: none;. / ....... ....... /. background: none;. / ....... ... /. / .............. ..... .. ...... .......... /. cursor: pointer;.}..,.::before,.::after {. box-sizing: inherit;.}...blok1 {. background-image: url(../images/tg-day.jpg);. background-size: cover;. /* ... 'contain' . .......... ... ......

Chrome Cache Entry: 71

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1043
Entropy (8bit):	7.790525114776183
Encrypted:	false
SSDEEP:	12:6v/7io0yyONqsMXYTT/PgpI38dq2RITHDh6fmDz5l+Wj4SvUYNo7RQzrGQqN1sTH:+yaMXYTTwa3zHTHV6fmBlblFk1sTRyXa
MD5:	16A75C7824B5223B8E22864354E9E33F
SHA1:	2C35E76EBE2D8002369D582B32BD70374552C574
SHA-256:	7F3E38478D53875C1F35D67FC035067274BACF9DF8285889AD04FB143DFDDDD8
SHA-512:	BD09744894646081E02B9E730C68C82354E3907C419578BDCB45D52C99D909D78EE084C8948B99D14AC6C8DFB343C9EB9197AF039C5AC99D356440EFD10A4EE8
Malicious:	false
Reputation:	low
URL:	https://fishing-lake-vip.pics/lander/slava2/images/favicon.png
Preview:	.PNG........IHDR... ... .....szz.....IDATx.....{W.....;.Q.......A....J.......6.7...$.;.h....w^.s...0[s.d..4F.SUQV....%._.`pp......O2..Y.}Z..[.p.%3`.d.5[.).:.D.....j...)...l.h.$.%.$l2...fx.p&9.[.!f4.>@6......q$.K....=.t.#)I.(.....%`..&yI:.1\|8.g.N<E..=.8.@k..}....8v2.C..l.....n.H7..}.[)..c._..Q.........6...Yb.........8..G....^vL!X..Z.b..o.".Y..vH.........#....<>...O...-Y`.R.u.e.@.c\ .$4.'.`....N.._..3...%...d<.O......\..Rj.rJ..h...~0.....;..%...s........<.[.i\.q.ox....OQ..cq....)I.T%.t.%...,>...ye..2n.6..'..M.._._....g.V....p.........b..\|70...N...X}.5.0..../P",e....[...zC<)..'l..;..a..0N.....E........-P..!'a)..5..`....(..4....N..A.j...../..fnP..S...#4.e..B......[.,...\.n.......;H&t...p.p....Gf....[\....m.K........N.......]b.+/....>.A%.)?.y..>........?........U..^....+.i..)1[...#......q..>....*6.Oa.W.f./.Z.%.L...6..W\|...K.<`(..-A..m.=b..4.p@...FX/..^..6.&fIk..e... l..........I.dN:I.$.x..%..j....]............c.w.......5/..$.../j...>i..~..O&.

Chrome Cache Entry: 72

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	11692
Entropy (8bit):	5.3948692263720925
Encrypted:	false
SSDEEP:	192:rNYbN8NjNY3YNON+FNkNP6NfNANk3FNNN8YNY5NmpNgNjNS3mNuN8fN/NFXNVNe2:RYhKZ22EUiPA1uCrDDWmvOZAMkEVFdbR
MD5:	C719FD0FB391B8CDFB1D4046C9249643
SHA1:	432C9C518D53144B32AEB73D64C9850CE792AB8E
SHA-256:	CB86D971DED6B3F73F6BE5AD76AFD08C70099363C2AA64F29343E2A447A5404F
SHA-512:	793C87444D3818216521BFD76C10D52439B54AD6EC646C704EE03756008FD814547514110C13330E635426195771ECA9FB5A9F4C2DCFF2224696614AED943453
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&&display=swap
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.g

Chrome Cache Entry: 73

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
Category:	downloaded
Size (bytes):	18588
Entropy (8bit):	7.988601596032928
Encrypted:	false
SSDEEP:	384:WF9srt3EJfKy7iOpqErJeqQhzsaZqPTPabcoqYdBTKYPvS9BlTf:Wn6UhKYieqAiPQTwclYQLlTf
MD5:	115C2D84727B41DA5E9B4394887A8C40
SHA1:	44F495A7F32620E51ACCA2E78F7E0615CB305781
SHA-256:	AE0E442895406E9922237108496C2CD60F4947649A826463E2DA9860B5C25DD6
SHA-512:	00402945111722B041F317B082B7103BCC470C2112D86847EAC44674053FC0642C5DF72015DCB57C65C4FFABB7B03ECE7E5F889190F09A45CEF1F3E35F830F45
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......H........ ..H8................................\|.`..J.\..<........-..Z...x.6.$..0. .... ..S.7.5..K!.;..../.`..Sn.J.e.52P.(.....=9....f.....$....fZ.p...N...t....6.lfS.Ju.i.o.g..<....T"O.o..4..4....M/N.>.K..."[.P...W.u.>]................A.9z....IN^....z..Y.{....m=...+X9<?.......(IAG8rD....52L0.p .EJ..p....=.......[U...pz..g...../L.U.......P..W.U..q$L..6......C.M.0..R..........D(.ilX.Y..SZ.R...Q..j.6.@\."\|.l......3....,.T.....L...ap0......6.j.\&O.z`.$._+vwnr...,....?W.T....!.J...L#%.......A}........\.....l...:....U..u.J.0....O......&.!.)4.V..:.}.0f....:W......?U.....%...b...!....yA.sw.....5..T .}{.t!F.G....{"..pQ.S.v.S....t......U.Y\|.v.@....\|..(..V.........^....../.7......K......J.Uq/L.T-.`.O........;........';vWq.+....J...J..p.....sB`(1LC.k....?Z{...v>dS....F..........\.....UetU........6.V...vE....._.../...%.q...^.l...>^.z..l..p....j..@H...`X.p...KQ. .<@...I...BF.......L..6...y.2=.P....8;..@`.m.....R.B.L.r.*T.T..l@.6.Y....}g.....F.n...

Chrome Cache Entry: 74

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1043
Entropy (8bit):	7.790525114776183
Encrypted:	false
SSDEEP:	12:6v/7io0yyONqsMXYTT/PgpI38dq2RITHDh6fmDz5l+Wj4SvUYNo7RQzrGQqN1sTH:+yaMXYTTwa3zHTHV6fmBlblFk1sTRyXa
MD5:	16A75C7824B5223B8E22864354E9E33F
SHA1:	2C35E76EBE2D8002369D582B32BD70374552C574
SHA-256:	7F3E38478D53875C1F35D67FC035067274BACF9DF8285889AD04FB143DFDDDD8
SHA-512:	BD09744894646081E02B9E730C68C82354E3907C419578BDCB45D52C99D909D78EE084C8948B99D14AC6C8DFB343C9EB9197AF039C5AC99D356440EFD10A4EE8
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....IDATx.....{W.....;.Q.......A....J.......6.7...$.;.h....w^.s...0[s.d..4F.SUQV....%._.`pp......O2..Y.}Z..[.p.%3`.d.5[.).:.D.....j...)...l.h.$.%.$l2...fx.p&9.[.!f4.>@6......q$.K....=.t.#)I.(.....%`..&yI:.1\|8.g.N<E..=.8.@k..}....8v2.C..l.....n.H7..}.[)..c._..Q.........6...Yb.........8..G....^vL!X..Z.b..o.".Y..vH.........#....<>...O...-Y`.R.u.e.@.c\ .$4.'.`....N.._..3...%...d<.O......\..Rj.rJ..h...~0.....;..%...s........<.[.i\.q.ox....OQ..cq....)I.T%.t.%...,>...ye..2n.6..'..M.._._....g.V....p.........b..\|70...N...X}.5.0..../P",e....[...zC<)..'l..;..a..0N.....E........-P..!'a)..5..`....(..4....N..A.j...../..fnP..S...#4.e..B......[.,...\.n.......;H&t...p.p....Gf....[\....m.K........N.......]b.+/....>.A%.)?.y..>........?........U..^....+.i..)1[...#......q..>....*6.Oa.W.f./.Z.%.L...6..W\|...K.<`(..-A..m.=b..4.p@...FX/..^..6.&fIk..e... l..........I.dN:I.$.x..%..j....]............c.w.......5/..$.../j...>i..~..O&.

Chrome Cache Entry: 75

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Category:	downloaded
Size (bytes):	18596
Entropy (8bit):	7.988788312296589
Encrypted:	false
SSDEEP:	384:h5D5WUhNanar/Z19V6iGCYIqoPfHwfr13GPgqbrxremyFKKWB:h/NaOrBGCYIBPfQD1xqPhl
MD5:	C83E4437A53D7F849F9D32DF3D6B68F3
SHA1:	FABEA5AD92ED3E2431659B02E7624DF30D0C6BBC
SHA-256:	D9BADA3A44BB2FFA66DEC5CC781CAFC9EF17ED876CD9B0C5F7EF18228B63CEBB
SHA-512:	C2CA1630F7229DD2DEC37E0722F769DD94FD115EEFA8EEBA40F9BB09E4FDAB7CC7D15F3DEEA23F50911FEAE22BAE96341A5BACA20B59C7982CAF7A91A51E152F
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Preview:	wOF2......H...........H=................................\|.`..J.H..<........>..Z...x.6.$..0. ..~. ..)...%.m..t.D<...U.c....D....@........@e..a..R./<...p..q..q....S<.nm...X..(ER....e.....O.?Q_..FYH......ml.E..?;X0>.f.Y.,.n.a...._h8c.006U.cS..3.m.Or..I9..5.;.=..'!..c.O...W.K..f....k..&Xq..Y?.r...%.S..y.:q.......uD.d.R..'..Q,L.... e`..=?.{...e%{.....3+$.....NkF2...... ._}..2]....,.F.u.S4O.~w).G..../]}6.nVwKj.h@........5.7P....i..r........U?.........q..Cm......g...\.zu.....P..\|....5G$...4k$..L..g..".y..?..6...O...e..@..0TYh..v........M.....#B...O.i.G$.Bq..m.A.s~...A...c.....25K.....B..<..w.A....G.O...A......A,y"q....q<....N..{Ta..!.\|vzo.;9.5>.>....7I.i.Ld.4..y...].g.....'m_(...O-..}.K.(....R..2.q.z9.D..]..$.#$.:x..:{..m.OF...K[J. ......lpH.#%V....4.;l.<..J.6.T..a...I..\|..zj.k.-...y...#..e.1,s....<.HX.....z{L....'.$. "..tY..m.<.\8P. a.......x.W\.b.%...RA.\.... M.......v1......#...............`.c..%.Nc.d.qP.68....$<.O.S_7...U.].jn>@.3.c..wO..>.>a.qg....\..kb.

Chrome Cache Entry: 76

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x1280, components 3
Category:	dropped
Size (bytes):	240563
Entropy (8bit):	7.992055856010928
Encrypted:	true
SSDEEP:	6144:TSH1DTQJMavyg5EjvWrd6D0XCeGbli2X1mwZke:q1DTQJDyUE7WrocCeGJhXB
MD5:	2E760170AE87790AA7D60E1CAF30B41B
SHA1:	D04A5BA07CACBD696AFDCEFCD85DDE5F62C868F2
SHA-256:	550F47707EF089EFFFC36A137DA2F45D208140FC2C86FDA2F0BC6F52656A707F
SHA-512:	27CE87E8C60C771750D63A0B8062ADB0A1B682B014A09A4F006ABB295CDE2D431F22824E01AD94456C5B52F56FC7350FA121FBEAE800F56E95BBB6DFEC9ACB75
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H.....C....................................................................C............................................................................".................................................................................y.ez.]P^.&.v.\...\...'j.Y.:+c...zpK;...;$H........5Uh.{..)...4^j.[....k...t.3..D@Iq$. .8O....A.. \|......P.K.,.....J..GJ..ww.wps\..j...<......V.....j.Np.'!X6.....x....-.7LH.{.....8I.....,..G.=HK. ds..j.3.sd/......^-.N.N...%s..+js.i..]8.e...t...J.<k..._1P...R[.7....a..7..\7.......P.....NN6q&.\t...R.....X..P.@P{.!J.!....]\|...G.....Q.r..pwr... ..c%...h.yZ.^.s...d.f.D..9....^.h...x.Di...H.i9..e...&........be.!F......:..Qx\..T...*.De...%..3.....8.ax\|.p.X.AZ.t...A..A...V;.n.w.<.4..j.21..<Om......t-Fw....o..bX0u.".3.m$td.........^N).5..Uo...DV.3....y.q.....B..f....a..dG .j...k%...s....Y.I....' .e.......v=o.m.9.+^..P...o.B....4.C...Q(.V..Z7..i....x....l.ZBg.....9....x\7..d.#d.?..........F....Q?....N..(.{...

Chrome Cache Entry: 77

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	798
Entropy (8bit):	4.685453805401048
Encrypted:	false
SSDEEP:	24:25UUpEqDXRqz/XqgElHxLHCV4yRRjHRRaL95Q25Dhh:2fRy/agEeV4ynHMC25lh
MD5:	760951A0C651F95D834B02157949A91F
SHA1:	A337AEDE4342DE146DFB9FC546A1B5459B277C98
SHA-256:	38E74EA018AE272F68E7B52F8EE13F9F326078A5DCB7432E9D5219FC40831F71
SHA-512:	BE2701478DE3BA4931A6598A6E0E04A6A7205926E48CC9E5D371B18C4CFC6DB08C0BB3FD7C3B61D9A39E749FD36EEAB103D582A4766D49BBF0B2961DC8C0CE47
Malicious:	false
Reputation:	low
Preview:	let fbcValue = "";. let fbpValue = "";. function checkCookiesAndSetValues() {. let cookies = document.cookie;. let cookiesArray = cookies.split(";");. cookiesArray.forEach(cookie => {. cookie = cookie.trim();. if (cookie.startsWith("_fbc")) {. let parts = cookie.split("=");. fbcValue = parts[1];. }. else if (cookie.startsWith("_fbp")) {. let parts = cookie.split("=");. fbpValue = parts[1];. }. });. console.log("_fbc:", fbcValue);. console.log("_fbp:", fbpValue);. document.getElementById("fbc").value = fbcValue;. document.getElementById("fbp").value = fbpValue;. if (fbcValue !== "" && fbpValue !== "") {. clearInterval(intervalId);. }. }.const intervalId = setInterval(checkCookiesAndSetValues, 50);

Chrome Cache Entry: 78

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	256
Entropy (8bit):	4.785154305849476
Encrypted:	false
SSDEEP:	6:Igq+9y1yzfkM1nm5/uSvFrfuRNxaGaK/EAUrHNXreb1RcTunNSRizKNrjmn:I80ikCnIDvNWxZ/E55un/zL
MD5:	9DAA4FEAA6D7FE3D310F076B5055968F
SHA1:	6548EBB81FEC74B0787BC3668F8F5D447D258F16
SHA-256:	B02221776AEE870B8C29E35C51E7CC1E57DD566FE874F3ECE0B1F22D1B50A70D
SHA-512:	1E10EAB82CA8503DB6D95E6EE7B3631CE36B22F09095C3951AE7C74439ACA7E01806E6C833C0F7AFE5C87AE014E6170C5047DFBDEB64692BAE87ED320C3919F7
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISnAEJf2kXAnGwBz8SBQ3C_S_DEgUNSipmkhIFDWrRtgESBQ1uXHO6EgUNaVP3YBIFDU1ZTSUSBQ2vXKoSEgUNSU5Q0RIFDfBcztcSBQ2GZxLMEgUNjQhR3hIFDaEcozMSBQ2e7oKCEgUNCajElRIFDUZnFX0SBQ1KfrTwEgUNacfM2RIFDfZwQAQSBQ0xXygbEgUNIyeoWxIFDVAUxP8=?alt=proto
Preview:	Cr0BCgcNwv0vwxoACgcNSipmkhoACgcNatG2ARoACgcNblxzuhoACgcNaVP3YBoACgcNTVlNJRoACgcNr1yqEhoACgcNSU5Q0RoACgcN8FzO1xoACgcNhmcSzBoACgcNjQhR3hoACgcNoRyjMxoACgcNnu6CghoACgcNCajElRoACgcNRmcVfRoACgcNSn608BoACgcNacfM2RoACgcN9nBABBoACgcNMV8oGxoACgcNIyeoWxoACgcNUBTE/xoA

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2024 08:20:49.523674011 CEST	49676	443	192.168.2.8	52.182.143.211
Sep 27, 2024 08:20:50.788384914 CEST	49671	443	192.168.2.8	204.79.197.203
Sep 27, 2024 08:20:50.867398977 CEST	49673	443	192.168.2.8	23.206.229.226
Sep 27, 2024 08:20:51.133011103 CEST	49677	80	192.168.2.8	192.229.211.108
Sep 27, 2024 08:20:51.195522070 CEST	49672	443	192.168.2.8	23.206.229.226
Sep 27, 2024 08:20:59.125193119 CEST	49676	443	192.168.2.8	52.182.143.211
Sep 27, 2024 08:20:59.226078033 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.226134062 CEST	443	49711	188.114.97.3	192.168.2.8
Sep 27, 2024 08:20:59.226200104 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.226526022 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.226538897 CEST	443	49711	188.114.97.3	192.168.2.8
Sep 27, 2024 08:20:59.648844004 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:20:59.648883104 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:20:59.648960114 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:20:59.649174929 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:20:59.649185896 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:20:59.701785088 CEST	443	49711	188.114.97.3	192.168.2.8
Sep 27, 2024 08:20:59.714170933 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.714193106 CEST	443	49711	188.114.97.3	192.168.2.8
Sep 27, 2024 08:20:59.718892097 CEST	443	49711	188.114.97.3	192.168.2.8
Sep 27, 2024 08:20:59.718962908 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.720833063 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.720874071 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.720946074 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.721036911 CEST	443	49711	188.114.97.3	192.168.2.8
Sep 27, 2024 08:20:59.721090078 CEST	49711	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.721539974 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.721586943 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:20:59.721647978 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.721836090 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:20:59.721848965 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.185589075 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.185935974 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.186006069 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.187558889 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.187632084 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.189141989 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.189235926 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.189496040 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.189531088 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.235040903 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.289983988 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:00.290322065 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:00.290337086 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:00.291590929 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:00.291670084 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:00.292953014 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:00.293015957 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:00.333136082 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:00.333164930 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:00.377903938 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:00.469774008 CEST	49673	443	192.168.2.8	23.206.229.226
Sep 27, 2024 08:21:00.624228954 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624275923 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624306917 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624347925 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624358892 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.624377012 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624424934 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624460936 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.624480963 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.624495983 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624587059 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.624633074 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.628587008 CEST	49713	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.628624916 CEST	443	49713	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.773319006 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.773369074 CEST	443	49716	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.773422956 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.774807930 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.774854898 CEST	443	49717	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.774905920 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.775646925 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.775655031 CEST	443	49718	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.775703907 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.776243925 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.776258945 CEST	443	49716	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.777364016 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.777374029 CEST	443	49717	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.778789043 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:00.778795004 CEST	443	49718	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:00.803575993 CEST	49672	443	192.168.2.8	23.206.229.226
Sep 27, 2024 08:21:01.231142044 CEST	443	49718	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.231484890 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.231492996 CEST	443	49718	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.232515097 CEST	443	49718	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.232569933 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.233333111 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.233347893 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.233380079 CEST	443	49718	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.233393908 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.233422995 CEST	49718	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.233907938 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.233963966 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.234014034 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.237248898 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.237262011 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.238601923 CEST	443	49716	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.239072084 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.239098072 CEST	443	49716	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.240539074 CEST	443	49716	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.240595102 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.241295099 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.241317987 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.241364956 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.241364956 CEST	443	49716	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.241434097 CEST	49716	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.242168903 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.242192030 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.242245913 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.242829084 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.242841005 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.250701904 CEST	443	49717	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.253196955 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.253202915 CEST	443	49717	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.254736900 CEST	443	49717	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.254793882 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.255441904 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.255486965 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.255521059 CEST	443	49717	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.255532980 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.255582094 CEST	49717	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.255985975 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.256017923 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.256113052 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.256489992 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.256500959 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.696305990 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.697417021 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.709172010 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.752274036 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.753660917 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.767319918 CEST	49677	80	192.168.2.8	192.229.211.108
Sep 27, 2024 08:21:01.767337084 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.778089046 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.778101921 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.779005051 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.779016972 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.779131889 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.779135942 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.779803038 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.779820919 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.779858112 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.780210972 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.780221939 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.780257940 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.780277967 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.780296087 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.780323029 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.784019947 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.784104109 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.784832001 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.784903049 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.785757065 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.785829067 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.793570042 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.793579102 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.828789949 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.828815937 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.828859091 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.828869104 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.844878912 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.851964951 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.852205992 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.899317026 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899374962 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899399996 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899413109 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899426937 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899432898 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.899445057 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899477005 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899513006 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.899519920 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899781942 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.899871111 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.959278107 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.959395885 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.959517002 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.960963011 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.961036921 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.961085081 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.961129904 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.961133003 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.961148977 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.961159945 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.961218119 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.961292028 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.961297989 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.962061882 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.962110043 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.962110996 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.962126970 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.963675976 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.963682890 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.965801001 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.965869904 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.965876102 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:01.995944023 CEST	49722	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:01.995966911 CEST	443	49722	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.017962933 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.043231010 CEST	49723	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.043256998 CEST	443	49723	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.047543049 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.047641039 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.047677040 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.047698975 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.047743082 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.047871113 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.047940969 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048190117 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048221111 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048249960 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.048259020 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048296928 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.048758984 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048820972 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048854113 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048876047 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.048883915 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.048949957 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.048958063 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049529076 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049561024 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049592972 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049597979 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.049606085 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049654007 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049654961 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.049693108 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049702883 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.049711943 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.049755096 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.050404072 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.052337885 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.052367926 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.052386999 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.052406073 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.052664995 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.134397984 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134453058 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134476900 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134505987 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.134515047 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134525061 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134551048 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.134562969 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134593010 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134603024 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.134618998 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.134634972 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.135221958 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.135277033 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.135284901 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.135531902 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.135557890 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.135576963 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.135584116 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.135610104 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.135617971 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.135659933 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.135665894 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.135822058 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.135997057 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136039019 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136046886 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.136051893 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136084080 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.136106014 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136109114 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.136116982 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136151075 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136168957 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.136178017 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136193991 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.136214018 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.136940002 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.136972904 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.137006998 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.137007952 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.137016058 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.137059927 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.177725077 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.221347094 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221393108 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221407890 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.221427917 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221446037 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.221456051 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221467972 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.221472025 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221504927 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.221558094 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221601963 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221648932 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.221657038 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221923113 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221956968 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221966028 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.221976042 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.221998930 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.222188950 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222228050 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.222235918 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222245932 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222294092 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.222301960 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222356081 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222385883 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.222392082 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222403049 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222441912 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.222865105 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222912073 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222939014 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.222944975 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.222956896 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223023891 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223052979 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223062992 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223072052 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223103046 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223548889 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223582983 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223617077 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223623991 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223654032 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223658085 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223700047 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223726034 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223733902 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223747969 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223752975 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223776102 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223797083 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.223804951 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.223833084 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.224596977 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224636078 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.224642038 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224653006 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224673033 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224703074 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.224711895 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224728107 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224740028 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.224762917 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224765062 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.224773884 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.224798918 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.224836111 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.224997997 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.282378912 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:02.282424927 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:02.282566071 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:02.284276962 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:02.284296036 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:02.308214903 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.308249950 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.308276892 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.308284998 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.308299065 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.308311939 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.308339119 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.308346987 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.308356047 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.308379889 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.308388948 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.308685064 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.308743000 CEST	49721	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.308754921 CEST	443	49721	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.405862093 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.405905008 CEST	443	49725	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.405953884 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.406575918 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.406591892 CEST	443	49725	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.414400101 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.414412022 CEST	443	49726	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.414586067 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.415760040 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.415774107 CEST	443	49726	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.455173016 CEST	443	49705	23.206.229.226	192.168.2.8
Sep 27, 2024 08:21:02.455271006 CEST	49705	443	192.168.2.8	23.206.229.226
Sep 27, 2024 08:21:02.870208025 CEST	443	49725	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.872576952 CEST	443	49726	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.911241055 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.911252022 CEST	443	49725	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.911513090 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.911520004 CEST	443	49726	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.912579060 CEST	443	49726	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.912641048 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.912858009 CEST	443	49725	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.912905931 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.913225889 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.913280964 CEST	443	49726	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.913288116 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.913378000 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.913402081 CEST	49726	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.913952112 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.913997889 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.914082050 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.914447069 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.914511919 CEST	443	49725	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.914578915 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.914586067 CEST	443	49725	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.914715052 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.914726973 CEST	49725	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.914978027 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.915011883 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.915060043 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.915555000 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.915565014 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.916127920 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:02.916140079 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:02.946310043 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:02.946388960 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.022464037 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.022496939 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.023657084 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.069153070 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.404515982 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.411068916 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.452689886 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.456091881 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.457046032 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.457057953 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.457628012 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.457645893 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.458751917 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.458765030 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.458909035 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.459006071 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.459199905 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.459259987 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.459791899 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.459863901 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.460113049 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.460120916 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.460319996 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.460326910 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.503395081 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.503485918 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.510463953 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.510492086 CEST	443	49732	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.510538101 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.510674953 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.510700941 CEST	443	49733	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.511405945 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.511405945 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.511435032 CEST	443	49733	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.511656046 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.511667967 CEST	443	49732	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.532485008 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.570694923 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.570852995 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.570905924 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.571721077 CEST	49730	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.571738005 CEST	443	49730	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.578828096 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.578891039 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.578917027 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.578948975 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.578953981 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.578965902 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.578993082 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.579871893 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.579932928 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.579941034 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.581162930 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.581278086 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.581285000 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.583655119 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.583796978 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.583806992 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.584537029 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.584657907 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.584665060 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.629585981 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.641318083 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.641402006 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.641484976 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.641705990 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.641726017 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.641736984 CEST	49724	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.641741991 CEST	443	49724	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.669675112 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.669867039 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.669915915 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.669924974 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.670023918 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.670088053 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.670094013 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.670197010 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.670280933 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.670285940 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.670310974 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.670527935 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.670896053 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671051979 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671102047 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.671113014 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671205997 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671247959 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.671253920 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671495914 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671550035 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.671555996 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671648979 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671737909 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671802044 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.671808958 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.671844006 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.671848059 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.672661066 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.672734022 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.672740936 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.672821045 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.672871113 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.672879934 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.690280914 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.690310001 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.690469027 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.690834999 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:03.690846920 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:03.724544048 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.724559069 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.759915113 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.759968042 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.760013103 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.760016918 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.760031939 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.760093927 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.760098934 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.760158062 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.760418892 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.760426998 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.760478020 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.760955095 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.760963917 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761004925 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.761014938 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761033058 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761080027 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.761085033 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761148930 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.761686087 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761727095 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761750937 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.761756897 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761765957 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.761782885 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.761939049 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.761944056 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.762537956 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.762614965 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.762620926 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.762629986 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.762685061 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.762685061 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.762690067 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.763462067 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.763513088 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.763554096 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.763556004 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.763556004 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.763569117 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.763690948 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.764333010 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.764410973 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.764656067 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.764918089 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.850555897 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.850615978 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.850627899 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.850637913 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.850656986 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.850684881 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.850684881 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.850691080 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.850784063 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.850795031 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.850924969 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.851111889 CEST	49731	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.851125002 CEST	443	49731	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.991010904 CEST	443	49732	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.991231918 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.991256952 CEST	443	49732	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.992292881 CEST	443	49732	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.992377043 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993103027 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993118048 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993153095 CEST	443	49732	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.993176937 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993212938 CEST	49732	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993626118 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993659973 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.993732929 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993944883 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:03.993954897 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:03.999810934 CEST	443	49733	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.006563902 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.006592035 CEST	443	49733	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.008042097 CEST	443	49733	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.008095980 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.333139896 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:04.333256960 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:04.349345922 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.349457026 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.349517107 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.349596977 CEST	443	49733	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.349705935 CEST	49733	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.350368977 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.350416899 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.350563049 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.468513966 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.523730993 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.589442968 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.589479923 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.589603901 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.589631081 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.591315031 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.591337919 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.591377020 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.593003035 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.593097925 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.593646049 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.593660116 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.643153906 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.695655107 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:04.695673943 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:04.696404934 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:04.710354090 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:04.755404949 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:04.786813021 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.786866903 CEST	443	49737	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.786982059 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.787486076 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.787497997 CEST	443	49737	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.793726921 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.793754101 CEST	443	49738	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.793809891 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.794157028 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.794167042 CEST	443	49738	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.947746992 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.947982073 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:04.948059082 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.959232092 CEST	49735	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:04.959260941 CEST	443	49735	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.024065971 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:05.024456978 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:05.024606943 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:05.057547092 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:05.057574987 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:05.057605982 CEST	49734	443	192.168.2.8	184.28.90.27
Sep 27, 2024 08:21:05.057612896 CEST	443	49734	184.28.90.27	192.168.2.8
Sep 27, 2024 08:21:05.299793005 CEST	443	49737	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.299875975 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.300240993 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.300256014 CEST	443	49737	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.300625086 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.300656080 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.301315069 CEST	443	49737	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.301363945 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.301904917 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.301963091 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.301966906 CEST	443	49737	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.302010059 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.302109957 CEST	443	49737	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.302182913 CEST	49737	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.302663088 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.302762985 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.302855968 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.303173065 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.303210974 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.304169893 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.304239988 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.304848909 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.304940939 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.305115938 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.305124044 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.319499969 CEST	443	49738	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.319776058 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.319789886 CEST	443	49738	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.320889950 CEST	443	49738	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.320945978 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.321388006 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.321446896 CEST	443	49738	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.321608067 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.321614027 CEST	443	49738	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.321660042 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.321679115 CEST	49738	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.322074890 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.322104931 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.322254896 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.322729111 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.322742939 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.433588028 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.433657885 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.433676958 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.433769941 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.433821917 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.433829069 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.434062004 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.434165001 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.434214115 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.434221983 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.434511900 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.434541941 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.434550047 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.434787989 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.438141108 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520061016 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520137072 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520154953 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.520185947 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520265102 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.520272017 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520323038 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520360947 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.520365953 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520385027 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520428896 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.520437956 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520925045 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520972013 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.520972967 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.520987988 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521023035 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.521199942 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521343946 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521401882 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521440983 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.521447897 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521497965 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.521811008 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521873951 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521928072 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.521965027 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.521971941 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.522017002 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.522052050 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.522057056 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.522430897 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.522764921 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.522840023 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.522890091 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.522927046 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.522933960 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.522972107 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.526365995 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.606971025 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607029915 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607073069 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607093096 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.607152939 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607172012 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.607239008 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607249975 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607294083 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.607302904 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607481956 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607532024 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.607539892 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.607774019 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.607781887 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608006954 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608057976 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608058929 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.608067989 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608091116 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608112097 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.608505011 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608551979 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.608560085 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608586073 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608644962 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.608649969 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608664989 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608707905 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.608707905 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.608719110 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608731031 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.608766079 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.609519005 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.609571934 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.609572887 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.609586954 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.609616041 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.609647036 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.609697104 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.609697104 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.609709978 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.609743118 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.610394955 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.610443115 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.610452890 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.610651016 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694091082 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.694165945 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694201946 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.694261074 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694308043 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.694361925 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694415092 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.694463015 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694523096 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.694572926 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694622993 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.694674015 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694871902 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.694922924 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.694968939 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.695019007 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.695079088 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.695125103 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.695194006 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.695246935 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.695310116 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.695360899 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.695756912 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.695811033 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.695873022 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.695923090 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.695976973 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.696028948 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.696084023 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.696142912 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.696173906 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.696240902 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.699053049 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.699117899 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.699161053 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.699212074 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.699265003 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.699315071 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.699413061 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.699470043 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.699570894 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.699620008 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.699675083 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.699727058 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.699769974 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.699815989 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.700016975 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.700067997 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.700119972 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.700175047 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.700218916 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.700268030 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.700728893 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.700778961 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.700797081 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.700812101 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.700839043 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.765526056 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.766015053 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.766089916 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.769700050 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.769778013 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.770097017 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.770226955 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.770281076 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.780677080 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.780710936 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.780745983 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.780764103 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.780782938 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.780806065 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.780812025 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.780895948 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.781594038 CEST	49736	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.781610012 CEST	443	49736	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.782870054 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.783067942 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.783093929 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.783552885 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.783992052 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.784070969 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.784071922 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.831274986 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.831288099 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.887850046 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.887949944 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.888031960 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.888200045 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.888256073 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.889624119 CEST	49740	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.889662981 CEST	443	49740	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.928088903 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.928200960 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.928287029 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.928353071 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.928364992 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.928479910 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.928494930 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.928582907 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.928736925 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.928755045 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.929060936 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.929147959 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.929157972 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.929719925 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.929784060 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.929790974 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.932832003 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.932899952 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:05.932907104 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:05.985369921 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.014615059 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.014719963 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.014764071 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.014803886 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.014816999 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.014878035 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.015095949 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.015156031 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.015197039 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.015233994 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.015239954 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.015353918 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.015960932 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016036987 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016077042 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016099930 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.016107082 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016168118 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.016185999 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016851902 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016891956 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016957998 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.016958952 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.016971111 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.017029047 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.017688990 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.017752886 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.017793894 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.017827034 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.017827034 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.017834902 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.018429041 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.018471956 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.018512964 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.018520117 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.018613100 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.101306915 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.101406097 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.101449966 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.101455927 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.101468086 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.101541042 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.101732016 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.102144957 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.102195024 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.102195978 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.102207899 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.102242947 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.102761984 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.102824926 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.102870941 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.102879047 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.102891922 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.103041887 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.103677034 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.103722095 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.103733063 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.103739023 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.103769064 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.103786945 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.104635000 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.104696989 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.104753017 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.104827881 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.105462074 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.105509996 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.105559111 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.105611086 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.105649948 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.105705976 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.106431007 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.106492996 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.106534004 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.106585026 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.188319921 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.188395023 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.188402891 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.188412905 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.188441992 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.188457966 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.188463926 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.188481092 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.188590050 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:06.189486980 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.193125963 CEST	49741	443	192.168.2.8	188.114.97.3
Sep 27, 2024 08:21:06.193140030 CEST	443	49741	188.114.97.3	192.168.2.8
Sep 27, 2024 08:21:10.204988003 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:10.205076933 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:10.205187082 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:12.555403948 CEST	49712	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:12.555430889 CEST	443	49712	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:59.692960024 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:59.693012953 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:21:59.693075895 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:59.693618059 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:21:59.693633080 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:22:00.328136921 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:22:00.331773996 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:22:00.331840992 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:22:00.332362890 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:22:00.334260941 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:22:00.334362984 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:22:00.382801056 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:22:10.251315117 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:22:10.251481056 CEST	443	49751	142.250.186.132	192.168.2.8
Sep 27, 2024 08:22:10.251540899 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:22:10.758759975 CEST	49751	443	192.168.2.8	142.250.186.132
Sep 27, 2024 08:22:10.758814096 CEST	443	49751	142.250.186.132	192.168.2.8

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2024 08:20:57.574667931 CEST	53	59969	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:57.587461948 CEST	53	55418	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:58.568710089 CEST	53	58781	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:59.159507990 CEST	62871	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:20:59.159637928 CEST	56810	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:20:59.172231913 CEST	53	62871	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:59.180428982 CEST	53	56810	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:59.200150013 CEST	64265	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:20:59.200323105 CEST	54643	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:20:59.219520092 CEST	53	54643	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:59.223295927 CEST	53	64265	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:59.641132116 CEST	61956	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:20:59.641401052 CEST	49941	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:20:59.647824049 CEST	53	61956	1.1.1.1	192.168.2.8
Sep 27, 2024 08:20:59.648088932 CEST	53	49941	1.1.1.1	192.168.2.8
Sep 27, 2024 08:21:00.776562929 CEST	53	54556	1.1.1.1	192.168.2.8
Sep 27, 2024 08:21:03.491605043 CEST	50824	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:21:03.491826057 CEST	61182	53	192.168.2.8	1.1.1.1
Sep 27, 2024 08:21:03.505911112 CEST	53	50824	1.1.1.1	192.168.2.8
Sep 27, 2024 08:21:03.509829998 CEST	53	61182	1.1.1.1	192.168.2.8
Sep 27, 2024 08:21:04.845920086 CEST	53	53645	1.1.1.1	192.168.2.8
Sep 27, 2024 08:21:16.105916023 CEST	53	61525	1.1.1.1	192.168.2.8
Sep 27, 2024 08:21:37.254846096 CEST	53	51162	1.1.1.1	192.168.2.8
Sep 27, 2024 08:21:39.941503048 CEST	138	138	192.168.2.8	192.168.2.255
Sep 27, 2024 08:21:57.384351969 CEST	53	53909	1.1.1.1	192.168.2.8
Sep 27, 2024 08:22:01.590472937 CEST	53	50246	1.1.1.1	192.168.2.8

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 27, 2024 08:20:59.159507990 CEST	192.168.2.8	1.1.1.1	0x49e4	Standard query (0)	fishing-lake-vip.pics	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.159637928 CEST	192.168.2.8	1.1.1.1	0x97de	Standard query (0)	fishing-lake-vip.pics	65	IN (0x0001)	false
Sep 27, 2024 08:20:59.200150013 CEST	192.168.2.8	1.1.1.1	0x1ab5	Standard query (0)	fishing-lake-vip.pics	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.200323105 CEST	192.168.2.8	1.1.1.1	0x9eca	Standard query (0)	fishing-lake-vip.pics	65	IN (0x0001)	false
Sep 27, 2024 08:20:59.641132116 CEST	192.168.2.8	1.1.1.1	0x2548	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.641401052 CEST	192.168.2.8	1.1.1.1	0x8bdb	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 27, 2024 08:21:03.491605043 CEST	192.168.2.8	1.1.1.1	0xe807	Standard query (0)	fishing-lake-vip.pics	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:21:03.491826057 CEST	192.168.2.8	1.1.1.1	0xf2e3	Standard query (0)	fishing-lake-vip.pics	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 27, 2024 08:20:59.172231913 CEST	1.1.1.1	192.168.2.8	0x49e4	No error (0)	fishing-lake-vip.pics		188.114.97.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.172231913 CEST	1.1.1.1	192.168.2.8	0x49e4	No error (0)	fishing-lake-vip.pics		188.114.96.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.180428982 CEST	1.1.1.1	192.168.2.8	0x97de	No error (0)	fishing-lake-vip.pics			65	IN (0x0001)	false
Sep 27, 2024 08:20:59.219520092 CEST	1.1.1.1	192.168.2.8	0x9eca	No error (0)	fishing-lake-vip.pics			65	IN (0x0001)	false
Sep 27, 2024 08:20:59.223295927 CEST	1.1.1.1	192.168.2.8	0x1ab5	No error (0)	fishing-lake-vip.pics		188.114.97.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.223295927 CEST	1.1.1.1	192.168.2.8	0x1ab5	No error (0)	fishing-lake-vip.pics		188.114.96.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.647824049 CEST	1.1.1.1	192.168.2.8	0x2548	No error (0)	www.google.com		142.250.186.132	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:20:59.648088932 CEST	1.1.1.1	192.168.2.8	0x8bdb	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 27, 2024 08:21:03.505911112 CEST	1.1.1.1	192.168.2.8	0xe807	No error (0)	fishing-lake-vip.pics		188.114.97.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:21:03.505911112 CEST	1.1.1.1	192.168.2.8	0xe807	No error (0)	fishing-lake-vip.pics		188.114.96.3	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:21:03.509829998 CEST	1.1.1.1	192.168.2.8	0xf2e3	No error (0)	fishing-lake-vip.pics			65	IN (0x0001)	false
Sep 27, 2024 08:21:13.665550947 CEST	1.1.1.1	192.168.2.8	0x5c1a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 08:21:13.665550947 CEST	1.1.1.1	192.168.2.8	0x5c1a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:21:29.248502970 CEST	1.1.1.1	192.168.2.8	0x1821	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 08:21:29.248502970 CEST	1.1.1.1	192.168.2.8	0x1821	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:21:54.220803022 CEST	1.1.1.1	192.168.2.8	0x577f	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 08:21:54.220803022 CEST	1.1.1.1	192.168.2.8	0x577f	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 27, 2024 08:22:11.346584082 CEST	1.1.1.1	192.168.2.8	0x3a03	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 27, 2024 08:22:11.346584082 CEST	1.1.1.1	192.168.2.8	0x3a03	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

fishing-lake-vip.pics

https:

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.8	49713	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:00 UTC	664	OUT	GET / HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:00 UTC	866	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:00 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 27 Sep 2024 06:21:00 GMT Set-Cookie: fb_pixel=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Vary: Accept-Encoding X-Powered-By: PHP/7.4.33 Access-Control-Allow-Origin: * CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVunkBu%2BfsIW3QhJqZunN%2BO6ryD0wxLHZ0N%2F0S2DEgR3YxUsA1TzD%2BjndVZ1KVxa0fnq4Z3kes6UdhQ%2BBJs0O5pNM8cW7cqYnXAViKb8bJ1k%2F%2BPZ1XujszL%2BHQMfvEviANrhURfyVVo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Speculation-Rules: "/cdn-cgi/speculation" Server: cloudflare CF-RAY: 8c99641cbf357286-EWR
2024-09-27 06:21:00 UTC	503	IN	Data Raw: 31 38 31 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 0a 3c 68 65 61 64 3e 3c 62 61 73 65 20 68 72 65 66 3d 22 2f 6c 61 6e 64 65 72 2f 73 6c 61 76 61 32 2f 69 6e 64 65 78 2e 70 68 70 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 63 73 73 4c 69 6e 6b 22 20 68 72 65 66 3d 22 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 20 20 20 20 3c 6c Data Ascii: 1815<!DOCTYPE html><html lang="en"><head><base href="/lander/slava2/index.php"> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="stylesheet" id="cssLink" href="css/style.css"> <l
2024-09-27 06:21:00 UTC	1369	IN	Data Raw: 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 3a 77 67 68 74 40 33 30 30 3b 34 30 30 3b 35 30 30 3b 37 30 30 3b 39 30 30 26 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 66 75 6e 63 74 69 6f 6e 20 66 62 71 28 29 20 7b 7d 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 Data Ascii: rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&&display=swap" rel="stylesheet"> <script>function fbq() {};</script></head><body> <div class
2024-09-27 06:21:00 UTC	1369	IN	Data Raw: 70 6c 61 79 28 69 73 44 61 72 6b 4d 6f 64 65 29 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 69 6e 69 74 54 68 65 6d 65 4c 69 73 74 65 6e 65 72 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 77 69 6e 64 6f 77 2e 6d 61 74 63 68 4d 65 64 69 61 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 64 61 72 6b 54 68 65 6d 65 4d 65 64 69 61 51 75 65 72 79 20 3d 20 77 69 6e 64 6f 77 2e 6d 61 74 63 68 4d 65 64 69 61 28 27 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 61 72 6b 54 68 65 6d 65 4d 65 64 69 61 51 75 65 72 79 2e 61 64 64 4c 69 73 74 65 6e 65 72 28 68 61 6e 64 6c 65 54 68 65 Data Ascii: play(isDarkMode); } function initThemeListener() { if (window.matchMedia) { var darkThemeMediaQuery = window.matchMedia('(prefers-color-scheme: dark)'); darkThemeMediaQuery.addListener(handleThe
2024-09-27 06:21:00 UTC	1369	IN	Data Raw: 4d 4f 20 79 20 c3 ba 6e 65 74 65 20 61 6c 20 65 71 75 69 70 6f 20 64 65 20 47 41 4e 41 44 4f 52 45 53 2e 20 c2 a1 41 43 54 c3 9a 41 20 64 65 20 49 4e 4d 45 44 49 41 54 4f 21 3c 2f 68 34 3e 20 20 20 3c 21 2d 2d 20 35 29 20 4d 61 69 6e 20 63 68 61 6e 6e 65 6c 20 64 65 73 63 72 69 70 74 69 6f 6e 2c 20 3c 62 72 3e 20 2d 20 74 6f 20 77 72 61 70 20 74 6f 20 61 20 6e 65 77 20 6c 69 6e 65 20 20 2d 2d 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 6f 6e 63 6c 69 63 6b 3d 22 73 75 62 6d 69 74 46 6f 72 6d 28 29 3b 22 20 63 6c 61 73 73 3d 22 62 74 6e 5f 6a 6f 69 6e 20 22 3e 53 55 53 43 52 49 42 49 52 53 45 3c 2f 62 75 74 74 6f 6e 3e 3c 21 2d 2d 20 36 29 20 4d 61 69 6e 20 62 75 74 74 6f Data Ascii: MO y nete al equipo de GANADORES. ACTA de INMEDIATO!</h4> ... 5) Main channel description, <br> - to wrap to a new line --> </div> <button onclick="submitForm();" class="btn_join ">SUSCRIBIRSE</button>... 6) Main butto
2024-09-27 06:21:00 UTC	1369	IN	Data Raw: 73 65 72 5f 61 67 65 6e 74 22 20 76 61 6c 75 65 3d 22 4d 6f 7a 69 6c 6c 61 2f 35 2e 30 20 28 57 69 6e 64 6f 77 73 20 4e 54 20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36 34 29 20 41 70 70 6c 65 57 65 62 4b 69 74 2f 35 33 37 2e 33 36 20 28 4b 48 54 4d 4c 2c 20 6c 69 6b 65 20 47 65 63 6b 6f 29 20 43 68 72 6f 6d 65 2f 31 31 37 2e 30 2e 30 2e 30 20 53 61 66 61 72 69 2f 35 33 37 2e 33 36 22 3e 3c 62 72 3e 0a 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 69 64 3d 22 69 70 5f 61 64 72 65 73 73 22 20 6e 61 6d 65 3d 22 69 70 5f 61 64 72 65 73 73 22 20 76 61 6c 75 65 3d 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 3e 3c 62 72 3e 0a 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 69 64 3d 22 73 75 62 5f 69 64 31 22 20 6e 61 6d Data Ascii: ser_agent" value="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"><br> <input type="text" id="ip_adress" name="ip_adress" value="8.46.123.33"><br> <input type="text" id="sub_id1" nam
2024-09-27 06:21:00 UTC	194	IN	Data Raw: 22 5b 69 64 5e 3d 27 72 65 64 69 72 65 63 74 27 5d 22 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 6c 65 6d 65 6e 74 29 20 7b 0a 20 20 20 20 65 6c 65 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 20 66 75 6e 63 74 69 6f 6e 28 65 76 65 6e 74 29 20 7b 0a 20 20 20 20 20 20 65 76 65 6e 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 0a 20 20 20 20 20 20 73 75 62 6d 69 74 46 6f 72 6d 28 29 3b 0a 20 20 20 20 7d 29 3b 0a 20 20 7d 29 3b 0a 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: "[id^='redirect']").forEach(function(element) { element.addEventListener("click", function(event) { event.preventDefault(); submitForm(); }); });</script></body></html>
2024-09-27 06:21:00 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.8	49723	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:01 UTC	568	OUT	GET /lander/slava2/css/style.css HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://fishing-lake-vip.pics/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:01 UTC	716	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:01 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: W/"66c30611-1476" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88189 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NcawncfqGFBS5vOfpkrAzQe%2BpJAek0q94TzyhHBmmlrEyyGPotPBYBURQ47f6w0PmrdKdCeo7CFfFyB8eeuaVliWZrBD2tofJsnmNaXoNrRvMYH3MDXz1%2BQpyBqKqpaajlfr7Lex9k%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c9964268ff30f64-EWR
2024-09-27 06:21:01 UTC	653	IN	Data Raw: 31 34 37 36 0d 0a 68 74 6d 6c 20 7b 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0a 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 0a 7d 0a 0a 70 2c 0a 68 31 2c 0a 68 32 2c 0a 68 33 2c 0a 68 34 2c 0a 68 35 2c 0a 68 36 2c 0a 61 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 62 75 74 74 6f 6e 20 7b 0a 20 20 20 20 61 70 70 65 61 72 61 6e 63 65 3a 20 Data Ascii: 1476html { box-sizing: border-box;}body { margin: 0; padding: 0; font-family: 'Roboto', sans-serif;}p,h1,h2,h3,h4,h5,h6,a { margin: 0; padding: 0; font-family: 'Roboto', sans-serif;}button { appearance:
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 3b 0a 20 20 20 20 2f 2a 20 d0 a3 d0 b4 d0 b0 d0 bb d0 b8 d1 82 d1 8c 20 d1 84 d0 be d0 bd 20 2a 2f 0a 20 20 20 20 2f 2a 20 d0 94 d0 be d0 bf d0 be d0 bb d0 bd d0 b8 d1 82 d0 b5 d0 bb d1 8c d0 bd d1 8b d0 b5 20 d1 81 d1 82 d0 b8 d0 bb d0 b8 20 d0 bf d0 be 20 d0 b2 d0 b0 d1 88 d0 b5 d0 bc d1 83 20 d1 83 d1 81 d0 bc d0 be d1 82 d1 80 d0 b5 d0 bd d0 b8 d1 8e 20 2a 2f 0a 20 20 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0a 7d 0a 0a 2a 2c 0a 2a 3a 3a 62 65 66 6f 72 65 2c 0a 2a 3a 3a 61 66 74 65 72 20 7b 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 69 6e 68 65 72 69 74 3b 0a 7d 0a 0a 2e 62 6c 6f 6b 31 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 2e 2e 2f 69 6d 61 67 65 73 2f 74 67 2d 64 61 79 2e 6a 70 67 Data Ascii: ; /* / / / cursor: pointer;},::before,::after { box-sizing: inherit;}.blok1 { background-image: url(../images/tg-day.jpg
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 2d 77 69 64 74 68 3a 20 34 30 30 70 78 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 33 32 70 78 20 31 36 70 78 3b 0a 20 20 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 31 36 70 78 3b 0a 20 20 20 20 74 72 61 6e 73 69 74 69 6f 6e 3a 20 61 6c 6c 20 2e 31 35 73 20 65 61 73 65 20 2e 31 35 73 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 20 20 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 0a 2e 6c 6f 67 6f 5f 6b 61 6e 61 6c 20 69 6d 67 20 7b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 32 32 70 78 3b 0a 20 20 20 20 68 65 69 67 68 74 3a 20 31 32 32 70 78 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 36 31 70 78 3b 0a 7d 0a 0a 2e 6c 6f 67 6f 5f 6b 61 6e 61 6c 20 7b 0a 20 20 20 20 70 61 64 64 Data Ascii: -width: 400px; padding: 32px 16px; border-radius: 16px; transition: all .15s ease .15s; background-color: #fff; top: 100px;}.logo_kanal img { width: 122px; height: 122px; border-radius: 61px;}.logo_kanal { padd
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 32 32 70 78 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 74 72 61 6e 73 69 74 69 6f 6e 3a 20 61 6c 6c 20 2e 31 35 73 20 65 61 73 65 20 2e 31 35 73 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 33 70 78 3b 20 0a 7d 0a 0a 0a 40 6b 65 79 66 72 61 6d 65 73 20 67 72 61 64 69 65 6e 74 41 6e 69 6d 61 74 69 6f 6e 20 7b 0a 0a 20 20 20 20 30 25 2c 0a 20 20 20 20 31 30 30 25 20 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 25 20 31 30 30 25 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 35 30 25 20 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 31 30 30 25 20 Data Ascii: border-radius: 22px; text-align: center; transition: all .15s ease .15s; margin-bottom: 3px; }@keyframes gradientAnimation { 0%, 100% { background-position: 0% 100%; } 50% { background-position: 100%
2024-09-27 06:21:01 UTC	486	IN	Data Raw: 6b 65 79 66 72 61 6d 65 73 20 70 6c 61 79 5f 64 6f 77 6e 20 7b 0a 20 20 20 20 30 25 20 7b 0a 20 20 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 72 67 62 61 28 32 30 36 2c 20 32 30 34 2c 20 32 30 34 2c 20 30 29 3b 0a 20 20 20 20 20 20 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 72 67 62 61 28 32 30 36 2c 20 32 30 34 2c 20 32 30 34 2c 20 30 29 3b 0a 20 20 20 20 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 72 67 62 61 28 32 30 36 2c 20 32 30 34 2c 20 32 30 34 2c 20 30 29 3b 20 0a 20 20 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 73 63 61 6c 65 28 31 29 3b 0a 20 20 20 20 7d 0a 20 20 20 20 35 30 25 20 7b 0a 20 20 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 73 63 61 6c 65 28 31 2e 31 29 3b 20 Data Ascii: keyframes play_down { 0% { -webkit-box-shadow: 0 0 rgba(206, 204, 204, 0); -moz-box-shadow: 0 0 rgba(206, 204, 204, 0); box-shadow: 0 0 rgba(206, 204, 204, 0); transform: scale(1); } 50% { transform: scale(1.1);
2024-09-27 06:21:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.8	49722	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:01 UTC	619	OUT	GET /lander/slava2/images/favicon.png HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://fishing-lake-vip.pics/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:01 UTC	738	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:01 GMT Content-Type: image/png Content-Length: 1043 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-413" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88189 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jpQDTLMah7BT9xhHfqdcCI4PVZidzxR1VK4VGifvuqAoJXdSZ7bYsHe%2BF%2B1N%2BYMIXAzS4Chub2vkXArEre0VvObZa6dEmu6eFYgOb%2FIGrA6s%2FWeKMaZexFUAQn8vnrtj6IWmDHCM%2Bhs%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c996426ec70c46d-EWR
2024-09-27 06:21:01 UTC	631	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 03 da 49 44 41 54 78 01 bd d3 03 93 7b 57 18 06 f0 bb f8 14 3b 8c 51 db b6 07 b5 db f1 f4 cf 41 8d f1 d4 b6 b5 4a ba a8 8d a4 b6 db d8 36 d6 37 c9 d3 e7 24 b7 3b ab 68 f5 ce fc 16 77 5e 9d 73 13 a9 93 30 5b 73 fd 64 a2 1d 34 46 2e 2a 53 55 51 56 9e 8d d1 0e 25 b7 5f da 60 70 70 b6 8f 8e a0 a7 c9 4f 32 a1 0d 59 c9 7d 5a a9 ed 5b d7 70 93 25 33 60 b6 64 ee 35 5b b2 29 c2 3a a5 44 0f d1 ab db e1 87 91 9d 6a 84 0d aa 29 bd 0e eb 6c f8 68 fa 24 93 25 ed 24 6c 32 a7 e8 dd 66 78 ea 70 26 39 08 5b c4 21 66 34 1b 3e 40 36 c2 16 b3 d1 f2 cf 84 71 24 d9 4b f7 10 b6 c9 3d d4 bb 74 81 23 29 49 d8 28 03 e9 86 13 d0 0e 25 60 e0 ef 26 79 49 3a b2 31 7c 38 de 67 1c 4e Data Ascii: PNGIHDR szzIDATx{W;QAJ67$;hw^s0[sd4F.*SUQV%_`ppO2Y}Z[p%3`d5[):Dj)lh$%$l2fxp&9[!f4>@6q$K=t#)I(%`&yI:1\|8gN
2024-09-27 06:21:01 UTC	412	IN	Data Raw: f7 97 02 d4 af 85 da 2d 50 e2 02 21 27 61 29 1d 0b 35 af 86 60 1c 0c e1 84 f1 28 ae ff 34 85 dd f6 0c 4e 9d 8c 41 fd 6a e3 d9 b7 f1 e6 c3 b9 2f 0f 90 66 6e 50 e9 d9 94 53 d2 bd 16 1c 23 34 a3 65 13 b5 42 a3 fc de c1 e6 e2 5b d0 2c 0a fc cc 5c f0 6e 9c f9 cd fb 2a c6 c4 02 3b 48 26 74 80 0b 05 70 e0 70 08 0f fe 9a 47 66 b6 82 b5 c2 5b 5c c0 d1 d6 b0 c8 6d d5 4b a6 1d 92 ee d5 80 99 fc 84 4e d5 1b d3 e5 1f c6 f1 5d 62 16 2b 2f c3 1e 9d c1 3e 83 41 25 af 29 3f 99 79 03 81 3e dd ab fe a7 08 dd d0 92 fa 15 3f 0e 1f 0d e1 b1 df f3 c8 cd 55 a1 04 5e fc a7 08 cd 2b cc 69 dd e3 29 31 5b 12 c1 c4 23 b5 af f8 93 84 2e 71 90 af 3e e8 ea 8f e2 f8 2a 36 03 4f 61 01 57 f0 66 d4 2f fb 5a d5 25 c5 4c e9 ff e0 36 bd da 57 7c f7 10 d6 4b 0c 3c 60 28 80 a3 2d 41 9e ae 6d fe Data Ascii: -P!'a)5`(4NAj/fnPS#4eB[,\n;H&tppGf[\mKN]b+/>A%)?y>?U^+i)1[#.q>6OaWf/Z%L6W\|K<`(-Am

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.8	49721	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:01 UTC	616	OUT	GET /lander/slava2/images/logo.jpg HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://fishing-lake-vip.pics/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:01 UTC	735	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:01 GMT Content-Type: image/jpeg Content-Length: 240563 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-3abb3" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88189 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UioqzucBGFOqtFhmChRVXuYFReCcq4z78Oj8DElTL4J%2Br2Ij94lZOGligSNyImj2eh6HSOsY2kKKZbJXL8N0bckjEU41sRywD29GOYJNdbgxZ1U0pXXVANFNJLMJFT0RLkYnz0pq%2FYI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c996426efabc40c-EWR
2024-09-27 06:21:01 UTC	634	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 04 03 03 04 03 03 04 04 03 04 05 04 04 05 06 0a 07 06 06 06 06 0d 09 0a 08 0a 0f 0d 10 10 0f 0d 0f 0e 11 13 18 14 11 12 17 12 0e 0f 15 1c 15 17 19 19 1b 1b 1b 10 14 1d 1f 1d 1a 1f 18 1a 1b 1a ff db 00 43 01 04 05 05 06 05 06 0c 07 07 0c 1a 11 0f 11 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a ff c2 00 11 08 05 00 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 05 01 01 01 00 00 00 00 00 00 00 00 00 00 03 01 02 04 05 06 00 07 08 ff c4 00 1b 01 00 03 01 01 01 01 01 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 f3 79 02 65 7a Data Ascii: JFIFHHCC"yez
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 44 d3 06 39 12 e4 89 dc d3 5e ce 68 a8 9c 84 78 d4 44 69 0a f1 8a f9 48 f1 69 39 d5 8b 18 65 ac c6 e2 bd 26 93 ba 1a a8 03 1a cd 1c 62 65 d7 21 46 ec fb 09 c8 b3 b2 be 3a e5 89 d4 2a 51 78 5c 82 a8 54 0a a2 e0 2a 85 44 65 0f 08 ca 25 03 be 33 9c 15 18 c7 12 38 0f 61 78 7c 04 70 d1 85 58 ee 41 5a c5 74 8a 9c ac 41 97 c5 41 1d 97 15 56 3b 8e 6e 90 77 fc 3c eb 34 ca cc aa 6a f8 32 31 f6 c8 3c 4f 6d 18 18 c5 d7 8c bc b1 74 2d 46 77 b4 0c 1d 1b 6f 82 dd 62 58 30 75 cf 96 22 86 33 a2 6d 24 74 64 a6 03 87 c5 1a 84 81 88 83 5e 4e 29 dc 9c 35 e4 e0 55 6f 03 91 14 44 56 c8 33 8c c2 0c 15 79 1a 71 06 d1 13 83 d7 89 42 ad be 66 bd 8f d7 15 61 11 cb 64 47 20 d5 8f 6a d1 1c d2 b9 6b 25 9a b1 82 73 f3 c5 17 9f 59 b1 49 c9 0c aa ad 27 20 10 65 87 d3 b4 d1 88 bc fd ad e7 Data Ascii: D9^hxDiHi9e&be!F:Qx\TDe%38ax\|pXAZtAAV;nw<4j21<Omt-FwobX0u"3m$td^N)5UoDV3yqBfadG jk%sYI' e
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 62 2f 2f a8 a9 dd 3a f7 77 02 f2 70 96 63 64 2e 39 f5 13 6b 97 9b 1e 49 56 b2 13 55 83 92 10 cf 6a a6 e8 02 34 1b 1c f3 d3 17 2f 1b 27 2a 89 aa aa 24 e5 e1 72 a2 87 46 94 95 cf 1d 53 b7 f3 f9 dc a6 67 74 72 e9 e7 18 4f 73 23 bd 13 9b d7 77 77 46 eb c8 84 0d e0 b2 ae 0e b0 69 4b 57 f3 95 52 09 4b 87 d1 c7 e4 19 6d 2b 1e df a6 fa 1e 2b 6b 97 8e 4a ab 1c f2 cf c3 85 2a 3e fe e3 24 82 e4 c3 37 61 71 97 d3 cd 36 8f 3d a9 f3 ae 86 2d 85 0e fc 7a 8a 92 06 6a cd 63 47 cd dc 63 ae e4 97 0a dc b2 39 f4 ab e7 57 eb 94 b8 f0 b6 3d 73 9d 89 6d 55 a7 d1 77 77 1a 2a 72 07 2a 23 4b cd 42 44 4e 06 bc 04 d0 d3 ee e7 93 2f 45 ae c6 09 fb 5c 4f a6 9c d9 b8 d6 79 ee 07 7a f2 8b aa 33 9a 46 df 54 82 be bf 45 46 22 dd 2d 61 c2 ae b5 a5 e6 be 93 ab ab ee e7 ce c0 dd 46 a3 0a 47 Data Ascii: b//:wpcd.9kIVUj4/'$rFSgtrOs#wwFiKWRKm++kJ>$7aq6=-zjcGc9W=smUwwr#KBDN/E\Oyz3FTEF"-aFG
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 95 4b da 65 6f 14 95 89 d9 b2 9e 54 9e aa 45 8b c3 dd 21 32 36 49 59 b2 d1 8d d2 e6 26 ca db 9b 35 03 47 45 d1 8c 6f 49 c6 83 0e 8d 3f 99 eb a9 74 a8 ba 08 52 a3 7b a9 31 2c 3e 43 e8 71 af 30 3e 92 9e e6 bc b5 4e 40 56 ab 44 7a fb 00 57 89 7e 0a fb d7 c5 8f 04 d1 69 9c 69 a3 90 c0 be 59 ca ab 3c 92 82 09 f1 51 26 13 64 0a e4 35 41 8d 66 3c 2c 7a d8 0e 0c a4 13 53 5b 37 6c 25 74 77 e9 9c 97 c6 20 cb 3a 04 ac b7 a7 d0 d3 5d 6b 0c ab b3 4d f8 71 2d 79 b8 bb 44 c7 33 c7 f4 5a e5 29 2d a9 b1 ae df 99 d6 75 b6 7d 9c 92 0c 33 ab e9 91 a6 8c da 3a db 2e fe e1 88 cd e6 9f 32 ab f5 9a df a5 f5 3c ec db a9 91 35 59 0d d6 57 5a a9 99 67 5d e8 f6 ed 9d 9d b8 f9 ef 33 2b 79 8e 3f bf d7 e8 b5 17 59 5f 9d e1 a2 64 98 1f 6b ed e8 ef 68 f6 9f 1f c3 4f 5d 3a 2f cc 65 51 57 Data Ascii: KeoTE!26IY&5GEoI?tR{1,>Cq0>N@VDzW~iiY<Q&d5Af<,zS[7l%tw :]kMq-yD3Z)-u}3:.2<5YWZg]3+y?Y_dkhO]:/eQW
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 8c 9e 19 7c 94 fa a9 15 1b 6b 0c 91 af 7d 2f 24 4e b4 9d c1 ef 67 7b 6b 2b 9e 30 09 e8 8f 98 f3 8e f4 61 8f cf 7b 6f 5d ae 99 9e b4 6f 46 b5 a9 60 a3 ae 4b 77 0e 9b ac b9 95 c7 9b 20 55 70 ee e3 39 ab b5 24 b0 08 a4 a9 79 84 7b 6b a2 5d 95 7e d0 e6 ce 9a ec 55 cb 16 45 a1 2b 96 8c b2 eb 2a ab a2 94 2f ab 12 af e7 e2 b3 9f 11 07 e8 ea 23 2c 64 09 5d 11 02 67 42 e0 9c 90 f8 26 2c 25 1c c4 8b cc 96 d8 fc 91 f8 2a c2 70 f8 64 46 28 39 13 98 bd dc 1d cb c0 8b dc 1d ca ad d9 c1 53 91 5d 05 63 81 14 6e 14 cb 2a fb 04 30 72 d4 70 d1 c8 c4 ee 20 09 2f a0 b5 03 9c 89 a2 ac e6 41 5b c8 02 86 ab 62 8a d7 e9 86 cc fa d9 42 10 9f a1 d6 3a c3 69 2e 6e 5d 42 35 b1 4a 8d 07 44 d1 e4 eb 76 f1 54 f8 e5 77 ab e5 08 c5 ce b8 43 30 ba 50 36 e5 9a 50 9b c0 fa 68 ec 71 a1 38 81 Data Ascii: \|k}/$Ng{k+0a{o]oF`Kw Up9$y{k]~UE+/#,d]gB&,%pdF(9S]cn*0rp /A[bB:i.n]B5JDvTwC0P6Phq8
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 8a 44 69 13 30 81 60 28 9a d4 90 dc e5 dc e1 a9 7c a8 f2 56 5e 41 26 b2 6f 2f d1 9a cb 39 7b f3 b2 ea 7b 88 6e 2a fa 59 3e af c5 af 75 53 39 7d 6b d6 d7 47 0b 82 e6 27 0a f5 f5 16 6e 5e 3e af 34 b8 80 a9 1d 1b ba 8c fe d3 9e ab 39 17 a3 b5 a4 63 85 86 83 69 57 dd e3 18 a0 91 b7 7a d9 9f 5b c9 51 26 d5 13 ca 8c 7c 72 87 d0 fa 10 aa 2d f0 e7 41 22 35 fc 5a 9e 3b 55 59 b2 90 fc de a6 8e fa 8e 69 8c 48 cf 5d b8 23 36 7d 83 54 ed d1 bd bc e8 75 fc 3c 81 75 cc 0c b7 5d 47 0a 5d 15 40 13 d2 d0 e8 b2 39 f6 8a c3 3c 79 d2 f6 0d 7d 79 37 86 cf b1 ed 6b 26 85 8f 2d 10 e0 3f 4c 0d dd da f1 cd 87 32 13 42 e4 6b 23 cb 87 32 64 ba ec 8a 27 e8 7e 7e 8a 1a 2b cb cc 7e 66 43 49 57 6d 5d 10 62 17 52 32 bc e6 68 1e 93 94 d0 f3 f4 1e 40 89 d7 a3 1e e4 e8 94 7f 11 ae 63 f9 a6 Data Ascii: Di0`(\|V^A&o/9{{n*Y>uS9}kG'n^>49ciWz[Q&\|r-A"5Z;UYiH]#6}Tu<u]G]@9<y}y7k&-?L2Bk#2d'~~+~fCIWm]bR2h@c
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 94 b1 c9 18 a4 8c 78 a6 8d e7 0c a6 80 af 4c 6f 7b d4 b8 46 01 11 46 45 b6 a4 69 eb 27 1c 04 78 c9 93 1a 6e 78 c9 73 41 97 37 85 d8 55 5a f3 fb 67 95 5e 57 9d d0 1d 13 4f 2d c0 33 33 eb ce 47 64 ce 4f a5 1d a5 74 ac 7d 1e 47 b2 36 58 a6 93 d1 c1 54 7b 18 bb f3 9d 47 59 c9 e9 eb 24 67 ed 75 f3 89 3e 05 8c f9 a2 56 af 56 b5 3e 7b e8 be 71 7e 37 b1 2c 43 9c 73 c9 97 09 3b 06 67 aa 9a da 33 3c 00 d0 e6 26 c5 6b 07 4d 73 4d 72 af 6b 82 4d d5 1d c4 9e d1 2e 9a fb c9 f4 da 87 87 5a f0 e2 b4 a9 6c 48 d4 99 08 79 6d 22 46 7a 46 9b 6e 6a 6b c7 44 2e 4d ad 2d cb 56 24 01 64 ce e5 37 b8 dd 30 83 a4 cf df 6b 9e 73 ab 3a f1 7d ae 72 49 56 75 17 34 65 43 e4 52 6d 00 71 4f 47 b6 4d 90 c5 bf 81 c2 99 09 f1 f6 97 35 68 e3 dc ec eb f5 79 f5 66 45 2e 2f 4e e4 73 4d a6 84 2b Data Ascii: xLo{FFEi'xnxsA7UZg^WO-33GdOt}G6XT{GY$gu>VV>{q~7,Cs;g3<&kMsMrkM.ZlHym"FzFnjkD.M-V$d70ks:}rIVu4eCRmqOGM5hyfE./NsM+
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: 22 2c 9c 51 4c 71 ed 77 30 ec df 77 72 f6 9d 0a 39 11 15 96 4c 33 15 31 f1 c9 32 e7 22 8d ce 07 01 18 f6 36 88 d7 27 c8 f4 06 85 47 4d 44 f6 94 c7 2f 0d 39 5e 21 c9 3c 95 9c 37 20 09 2d 5b 47 54 49 90 0d 44 b2 0e 74 f3 74 98 86 cf 92 0f 8b fb bf 8a 67 d8 0f 48 f3 af 48 79 68 08 9d a7 0f 80 96 29 b9 bd c9 ce 0d c6 13 4e db 4a 4c b1 d2 e4 74 39 39 f6 8e 26 76 bb 35 a7 d1 dc e2 99 ea 7d ba f2 ad 0d e6 6f 3c 7d cf c9 7d 5f cb b7 aa 0e 6b 3b be 80 ce b9 b2 cf 8f 26 dd 0d 4b d7 d1 2e a8 74 5e 67 ce e4 bc c3 d4 3c c3 5e 6d c5 bd 25 ad 78 d2 df 19 c3 91 77 9a d3 09 82 38 80 10 e6 c5 0f 28 a0 d0 67 da e4 ee 4d 75 d9 1d 5d d0 6a 74 b4 b2 bd 7a 46 7b 45 e4 fa 91 a8 6d b3 f3 d3 37 69 9b b1 d3 3e a0 7d 6d d9 85 5b 23 a1 4b 2b 63 99 c7 9b 92 d5 e7 36 72 02 58 b9 48 80 Data Ascii: ",QLqw0wr9L312"6'GMD/9^!<7 -[GTIDttgHHyh)NJLt99&v5}o<}}_k;&K.t^g<^m%xw8(gMu]jtzF{Em7i>}m[#K+c6rXH
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: fc 87 d4 7d ce d0 d2 68 f3 5e ef ca d7 67 6d 2b fc 6f a7 97 ea de 43 eb 7e 11 91 c8 6c 31 f3 74 45 11 3b 7d 77 b9 aa ee 54 da b2 ac ec 5b 1c c8 41 10 53 98 f2 3a dc 96 5f 29 cd 56 c7 1d a6 a7 28 5c ea 47 a3 f9 f7 a2 72 6f 9f 83 67 51 1a 6b 3d 57 c3 fd 5b cd e8 bb cb ea 45 ce b1 c1 94 be ad d3 83 44 dd 9d 1b a7 46 d1 08 2b 1e 91 20 2c 24 a3 4a 88 67 3a bc ed 9c ce 7c aa 75 f9 1b 5e fc 36 ed c3 c3 ec e5 d0 e0 ed e8 f9 2c 90 6c 26 d5 66 60 ee 60 e5 ad 4d 45 c6 70 75 92 e2 5c f5 72 7a e6 d2 05 a5 75 e7 eb 0f 05 5c b9 75 84 2a d2 45 4d a9 73 9c 17 d5 bd 59 cd 93 87 ce 8b cc 68 19 e0 78 c8 d6 23 09 c3 70 ca aa d4 9a c5 8e c5 1f 31 d7 73 1c d2 f7 38 94 5e 75 4f 39 38 82 94 12 0c de 76 be 30 2d 75 82 73 63 82 f3 df 41 c4 72 f7 ed 36 39 2d 6f 77 99 33 37 a6 c9 53 Data Ascii: }h^gm+oC~l1tE;}wT[AS:_)V(\GrogQk=W[EDF+ ,$Jg:\|u^6,l&f``MEpu\rzu\u*EMsYhx#p1s8^uO98v0-uscAr69-ow37S
2024-09-27 06:21:01 UTC	1369	IN	Data Raw: d9 cd 10 4a 8d 33 97 a8 4e 55 67 39 af 25 c8 5e 72 c5 47 38 57 35 e4 21 b8 d3 9a 0a 5a 73 f3 f9 fe 43 d0 31 9c de 87 a2 68 68 6f 3a fc 37 79 0f ae 79 2c fa 78 59 51 6c 1b 04 a0 4d cb 6b e9 36 f3 3b 38 70 55 9e 93 17 2e 8f 21 90 ae ec f1 a7 35 59 d3 cd 0f b9 93 42 4e 1e 3a fa 3e b7 cd 7d 17 cb f5 7c e6 83 d1 b0 bd 1e fe 32 56 86 62 e4 a8 d0 85 74 f6 1b ea f4 17 78 79 94 d4 56 50 31 78 99 75 d6 1e c7 96 fb 28 17 f9 f4 fa c5 0d ee 7f 97 c5 99 e4 1e e9 e1 ab da e0 b8 4b e8 92 b2 fb d4 39 fe 7b 0f a9 b8 07 27 35 7c 6b 18 ec 8c f5 1d 0d 19 18 5c 07 c9 05 e6 f9 35 72 82 db a1 2e 7b 19 83 6b a3 34 7c 0b ca d7 49 cd 2b 12 74 22 21 02 51 b1 79 52 93 1f 27 94 05 50 94 9e 58 c6 68 d1 64 aa 9a ad 06 7e ed 65 33 97 8b 16 4f 55 49 39 9f 5b 9c 95 ae 50 5b 6e 69 ba 5e d5 Data Ascii: J3NUg9%^rG8W5!ZsC1hho:7yy,xYQlMk6;8pU.!5YBN:>}\|2VbtxyVP1xu(K9{'5\|k\5r.{k4\|I+t"!QyR'PXhd~e3OUI9[P[ni^

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.8	49724	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:03 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 06:21:03 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=37511 Date: Fri, 27 Sep 2024 06:21:03 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.8	49730	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:03 UTC	547	OUT	GET /lander/slava2/api.js HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://fishing-lake-vip.pics/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:03 UTC	738	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:03 GMT Content-Type: application/javascript Content-Length: 798 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-31e" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88191 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YDprzSq9u8q3778p4rjm1k5RzK70W7bGIZa0qc6FvFXfUm1kgYObh857CFl1IIQdTfzm0P5k8kpxRJ8OyJmJfSTVxUvM4UVAESBwiAbxMiUODukPg7qBMceRpD6yfRJ1kTvYAdCrCY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c996430fd4143eb-EWR
2024-09-27 06:21:03 UTC	631	IN	Data Raw: 20 20 6c 65 74 20 66 62 63 56 61 6c 75 65 20 3d 20 22 22 3b 0a 20 20 6c 65 74 20 66 62 70 56 61 6c 75 65 20 3d 20 22 22 3b 0a 20 20 66 75 6e 63 74 69 6f 6e 20 63 68 65 63 6b 43 6f 6f 6b 69 65 73 41 6e 64 53 65 74 56 61 6c 75 65 73 28 29 20 7b 0a 20 20 20 20 6c 65 74 20 63 6f 6f 6b 69 65 73 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 3b 0a 20 20 20 20 6c 65 74 20 63 6f 6f 6b 69 65 73 41 72 72 61 79 20 3d 20 63 6f 6f 6b 69 65 73 2e 73 70 6c 69 74 28 22 3b 22 29 3b 0a 20 20 20 20 63 6f 6f 6b 69 65 73 41 72 72 61 79 2e 66 6f 72 45 61 63 68 28 63 6f 6f 6b 69 65 20 3d 3e 20 7b 0a 20 20 20 20 20 20 63 6f 6f 6b 69 65 20 3d 20 63 6f 6f 6b 69 65 2e 74 72 69 6d 28 29 3b 0a 20 20 20 20 20 20 69 66 20 28 63 6f 6f 6b 69 65 2e 73 74 61 72 74 73 57 69 74 68 28 Data Ascii: let fbcValue = ""; let fbpValue = ""; function checkCookiesAndSetValues() { let cookies = document.cookie; let cookiesArray = cookies.split(";"); cookiesArray.forEach(cookie => { cookie = cookie.trim(); if (cookie.startsWith(
2024-09-27 06:21:03 UTC	167	IN	Data Raw: 61 6c 75 65 20 3d 20 66 62 70 56 61 6c 75 65 3b 0a 20 20 20 20 69 66 20 28 66 62 63 56 61 6c 75 65 20 21 3d 3d 20 22 22 20 26 26 20 66 62 70 56 61 6c 75 65 20 21 3d 3d 20 22 22 29 20 7b 0a 20 20 20 20 20 20 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 69 6e 74 65 72 76 61 6c 49 64 29 3b 0a 20 20 20 20 7d 0a 20 20 7d 0a 63 6f 6e 73 74 20 69 6e 74 65 72 76 61 6c 49 64 20 3d 20 73 65 74 49 6e 74 65 72 76 61 6c 28 63 68 65 63 6b 43 6f 6f 6b 69 65 73 41 6e 64 53 65 74 56 61 6c 75 65 73 2c 20 35 30 29 3b Data Ascii: alue = fbpValue; if (fbcValue !== "" && fbpValue !== "") { clearInterval(intervalId); } }const intervalId = setInterval(checkCookiesAndSetValues, 50);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.8	49731	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:03 UTC	645	OUT	GET /lander/slava2/images/tg-day.jpg HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://fishing-lake-vip.pics/lander/slava2/css/style.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:03 UTC	743	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:03 GMT Content-Type: image/jpeg Content-Length: 123247 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-1e16f" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88191 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8myXtcqEOXmUA2yD%2B6hqzlhxzCrFG%2FE7jaTlzHJePHtUf9arFC1I3B53noKEjJ268juhImuqTxFvEW%2FcXWDvmY%2Fie93sQqdiRXsuhJTTiNgz2YP7nMXLSE4674lLrzn3k%2BrzLG%2Ft7Uk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c996430ff4c4338-EWR
2024-09-27 06:21:03 UTC	626	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 78 00 78 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 03 5d 06 db 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFxxC%# , #&')*)-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((]"}!1AQa"q2
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: 67 23 da a3 04 8c 30 e4 6e 34 be 51 56 3b 08 c1 ec 69 a1 24 0b b7 a8 cf 5c d7 94 64 39 48 59 1b 70 0b bb 91 4f 2c a3 a9 14 c0 a5 46 0a ef f7 a6 84 6d ab 84 c1 07 39 34 00 f9 0e 54 01 d5 a9 f4 d5 52 0e 58 e5 bf 95 3a a8 02 8a 29 ac d8 20 01 92 68 01 d4 8c ca bd 4d 44 ec 47 de 6f f8 0a ff 00 8d 44 41 3d 46 07 a0 fe b5 37 11 38 97 74 81 55 7d c9 34 f3 d6 9b 0a 6c 5f 73 d6 9f 4d 00 94 c7 40 c7 3d 0f a8 a7 9a 40 41 19 1d 29 81 5d b7 46 0e 3f 4e 9f fd 6a 68 68 c0 03 63 7d 40 ab 58 a3 14 ac 05 70 54 83 b4 c8 3f 3a 92 25 da 80 1e bd 4d 3f 14 62 98 09 45 3a 9b 40 05 14 54 52 48 c1 8e 0a 80 3b 1e f4 08 96 91 f9 46 07 8c 8a 51 d2 86 00 8c 1a 00 8d 58 b4 4a 57 04 e2 97 76 06 5c 6d 15 18 56 8d f0 bc 83 d8 f7 f7 a7 3c 85 57 25 1a a6 e0 32 77 72 83 c9 e4 e7 9a 59 9b 0a Data Ascii: g#0n4QV;i$\d9HYpO,Fm94TRX:) hMDGoDA=F78tU}4l_sM@=@A)]F?Njhhc}@XpT?:%M?bE:@TRH;FQXJWv\mV<W%2wrY
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: ca 8e 83 04 0e 3a 7a 54 26 29 24 72 c7 e5 f6 cf 51 e8 71 4b 22 96 28 0c 1d 0f 6c 50 22 71 22 96 da 0e 4f b5 35 3e 69 9d bb 01 b6 a3 44 93 73 e0 08 d5 8f d4 d4 e8 a1 14 05 e9 4c 62 d1 45 14 00 50 7a 54 46 46 60 4a 00 17 fb cc 7f a5 56 95 cb 70 b9 95 bd 5b 85 1f 85 2b 85 cb 0f 3a 2f 43 b8 fb 51 04 8d 2a 6e 2b b4 1e 9f 4a a9 1c 26 49 00 62 48 ea 4f 4e 3f c2 b4 00 c0 c0 e9 42 d4 48 28 a2 90 b0 04 02 79 3d 29 8c 86 48 06 3e 4c 63 ae d3 fd 3d 2a bb c8 7c c5 59 54 ba af 38 23 9c d5 fa 29 58 56 29 89 21 ed 1c ab f4 04 53 c2 ef 74 0a 64 2b 9c 9d d5 66 8a 2c 16 0a 28 a2 98 c2 8a 29 1c ed 42 71 9c 0a 00 5a 2a 08 64 66 7d ac 51 b2 33 f2 8e 95 3d 00 43 2b 05 9a 2c 91 ce 45 3d d9 c1 f9 50 30 fa d3 27 87 cc 1c 75 f6 ef f8 d3 61 92 4d b8 65 de 07 19 1c 1f ca 90 89 4c a8 Data Ascii: :zT&)$rQqK"(lP"q"O5>iDsLbEPzTFF`JVp[+:/CQn+J&IbHON?BH(y=)H>Lc=\|YT8#)XV)!Std+f,()BqZ*df}Q3=C+,E=P0'uaMeL
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: 01 c4 64 e3 24 9c 50 0b 2e 13 1f 36 3a f6 a9 01 f4 c1 20 2f b4 67 eb da 97 6e e1 cb 12 3d a9 19 31 82 3b 1c e2 a8 07 d1 8a 01 c8 c8 e9 45 01 61 2a 06 95 b7 37 dd f9 4e 31 dc d5 8a 4c 0c e7 14 08 4c 52 10 09 e4 03 4e c5 14 00 da 29 71 46 28 01 ac a1 86 18 66 9a 62 53 f7 8b 1f c6 a4 c5 2d 21 10 f9 2b df 24 7a 13 40 0c 9c 01 b9 7f 51 52 51 45 80 80 88 f3 92 8c 0f b2 9f e9 4a 09 c6 23 8c 8f 73 c5 4d 49 8a 2c 03 11 36 8e b9 27 a9 a1 ce d1 9e a7 b0 a7 31 0a 09 3d 05 44 63 32 7c c4 90 7b 01 da 98 0e 45 da be e7 93 4d 03 6c a4 76 6e 69 db d8 f2 13 a7 5c d3 1d c1 64 20 11 f3 77 1d 6a 44 49 46 29 d4 98 aa 01 a4 64 60 f2 29 82 25 1e b8 1d b3 53 54 6c ca bd 4f 3e 94 00 b4 53 37 9e c8 d8 a5 57 04 e3 a1 f4 34 00 b8 a6 48 a4 e1 97 a8 fd 6a 4a 28 11 55 d9 72 49 e8 47 cc Data Ascii: d$P.6: /gn=1;Ea*7N1LLRN)qF(fbS-!+$z@QRQEJ#sMI,6'1=Dc2\|{EMlvni\d wjDIF)d`)%STlO>S7W4HjJ(UrIG
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: ab 9d a0 0c fa 52 d1 45 00 15 1b 42 a4 e4 65 49 ea 47 7a 92 8a 00 87 ec e9 ce 77 67 eb 48 60 03 95 24 3f f7 8f 35 3d 14 58 2c 40 c4 95 db 2c 5b 87 aa f2 29 9f ba 1d 23 90 fb 6c 35 6a 8c 51 61 58 80 87 97 86 1b 13 d3 3c 9a 94 0c 74 a7 62 a3 95 8e 42 27 df 3f a0 f5 a0 2c 31 ff 00 7a fb 07 dd 1c b7 f8 54 92 28 74 2a 7b d4 2b 19 b7 6d c0 bb 83 d4 75 e6 9f e6 32 ff 00 ac 43 cf 4d bc d2 01 61 6d f1 82 7a f4 3f 51 52 54 36 ec 19 e5 03 23 e6 ce 0f 6e 2a 7c 50 08 4a 63 c6 ae 41 23 91 d0 8e b5 26 28 38 14 ec 3b 11 a2 04 ce 33 93 d4 9a 7d 46 66 5f e1 cb 7d 28 f3 31 f7 a3 70 3d 7a d2 11 25 14 8a 55 c6 54 82 3d a9 d4 0c ae c3 cb dc 19 49 8d bb 81 9c 55 79 1d 3e 5c b6 e9 17 ee 95 e7 35 a1 8a 4c 0e b8 a5 61 34 47 0a 95 8c 06 eb d7 e9 52 52 d4 5e 7a 16 c2 65 cf fb 34 c0 Data Ascii: REBeIGzwgH`$?5=X,@,[)#l5jQaX<tbB'?,1zT(t{+mu2CMamz?QRT6#n\|PJcA#&(8;3}Ff_}(1p=z%UT=IUy>\5La4GRR^ze4
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: c8 f5 ab 20 86 00 8e 86 a2 54 d8 ac 57 aa 9f cc 53 e1 ff 00 54 3d 39 a1 08 76 2a 39 23 0c 0f 50 d8 c6 41 a9 71 4b 40 ca e0 33 15 0c b8 0b cf 5a 96 97 14 c7 60 be e4 f4 03 bd 02 1d 51 97 1d 14 16 3e d4 28 2e 4e f3 d3 f8 47 6a 78 00 0c 0e 2a 80 8f 73 8e a9 c7 b1 a5 56 0c 32 29 ae 5a 3c 1d c5 bd b1 47 49 81 07 21 87 4f 4a 91 04 80 e5 48 1b b0 7a 53 1d 81 46 57 05 49 1d 2a c5 26 28 b0 10 c5 1e dc 12 4e 71 d3 d2 a4 a7 62 a3 66 3b b6 a0 cb 75 e7 a0 a0 07 53 42 2a 92 54 00 4f 5c 0a 4d b2 7f 79 4f b6 28 f3 00 1f 37 0c 3b 50 03 aa 27 e2 54 27 a6 08 1f 5a 71 77 ff 00 9e 47 1f 51 4a 0a c8 08 fc c1 a0 08 01 e4 12 c4 30 3f 36 4f f4 a4 41 99 38 e9 bb 77 d2 a6 30 8c e7 73 7e 74 e5 40 a3 0a 30 29 0a c2 1e 01 a8 61 42 40 67 1c f5 03 d2 a7 a3 14 c6 37 14 62 9d 8a 8e 6f ba Data Ascii: TWST=9v9#PAqK@3Z`Q>(.NGjxsV2)Z<GI!OJHzSFWI&(Nqbf;uSBTO\MyO(7;P'T'ZqwGQJ0?6OA8w0s~t@0)aB@g7bo
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: a4 9d db 25 53 3c 0d cc 47 5c 7a 0a 00 25 9d 53 81 cb 7f 2a 8c 24 93 72 e7 0b e8 7a 7e 5f e3 4d 8b 62 e0 85 69 1f d0 0e 05 4a e2 42 85 a4 f9 54 0c ed 53 d7 f1 a4 21 85 13 ee aa f9 8f ea dc 81 4f 66 68 c0 44 c1 2a b9 24 fa 52 2b ba a7 0b 1a 8f 50 78 14 91 ab b1 25 0e d0 7f 89 87 2d f8 7a 50 02 ae 24 f9 a3 cc 72 63 24 11 d7 eb 53 46 db e3 56 c6 32 2a 00 a4 bb 28 6d cc 78 66 f4 1e 95 60 00 00 03 a0 a0 10 b4 51 45 31 95 e4 75 79 4a 12 76 af 50 3b 9f 4a 56 d8 c3 98 5b eb 8c 51 13 2a 46 ec dc 7c ed 9f ce 8d b2 4b cb 92 89 fd d1 d4 fd 4d 48 8a ed 32 ac a8 92 12 54 1e ac 39 03 1d 0d 4f 0c 8a 24 d8 09 2a 79 5c f6 f6 a8 e7 44 04 ec 50 04 63 3f 8d 39 c6 c9 63 41 d0 b6 57 db d4 52 02 d5 14 51 54 32 03 19 8e 40 d1 a9 2b 8c 15 cf 4f a5 3e 25 20 bb 30 c1 63 9c 7a 54 94 Data Ascii: %S<G\z%S$rz~_MbiJBTS!OfhD$R+Px%-zP$rc$SFV2(mxf`QE1uyJvP;JV[QF\|KMH2T9O$*y\DPc?9cAWRQT2@+O>% 0czT
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: 7f 21 eb 52 a8 0a a0 0e 82 85 40 83 0a 30 29 69 a0 13 14 52 d0 70 06 4f 4a 60 31 db 68 e9 93 d0 0f 5a 6a 26 39 6e 58 f5 a4 56 56 72 c4 e3 b0 cd 4b 40 88 62 c7 cc 3f 88 31 cd 38 30 3b bd 07 7a 59 23 57 19 20 16 ec 6a 18 d4 b8 db c8 8c 75 f7 a9 00 27 e4 67 6e e3 0a 29 54 02 e9 8e 42 0e 4d 4c ca 18 60 80 47 bd 18 c0 e0 51 61 09 45 2e 28 c5 50 09 8a 8a 11 c3 37 72 c6 a6 c5 47 17 1b 97 d0 ff 00 3a 90 15 b0 01 27 a0 a8 e3 5c fc ed f7 8f e8 29 d3 f2 a1 7d 58 0a 92 80 1b 8a 8a 61 8c 38 e0 af ea 2a 7c 54 33 91 85 42 7e f1 fd 28 01 f8 a4 a7 62 8c 50 21 98 a0 8a 75 23 10 bd 48 14 01 11 62 49 08 3a 75 26 99 26 f1 b4 b6 08 04 1e 2a 4b 7c 18 86 30 4f 7a 47 cc 84 a8 e1 47 53 48 06 a0 cc 8e 7f 0a 7e 29 ca 06 38 c7 e1 48 ec ab d4 f3 e9 4c 04 a2 a3 66 de ca a3 23 3d 7b 52 Data Ascii: !R@0)iRpOJ`1hZj&9nXVVrK@b?180;zY#W ju'gn)TBML`GQaE.(P7rG:'\)}Xa8\|T3B~(bP!u#HbI:u&&K\|0OzGGSH~)8HLf#={R
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: 7e 74 80 64 8b b6 1d a7 96 73 82 7f 9d 39 7f 7b 20 7f e0 5f ba 7d 7d e9 4d ba b1 06 46 67 c7 40 7a 54 d8 a5 60 b0 94 52 e2 8c 53 01 2a 27 26 47 31 a9 c0 1f 78 ff 00 4a 59 e4 11 af fb 47 a0 a2 0d 81 42 a3 02 7a 9f 53 40 0d 9c 05 87 81 f2 a9 04 8f 6c d4 8c ea a9 bb 39 1e d4 fc 55 49 e2 58 c8 64 5c 67 3f 77 d7 b5 20 26 91 c8 00 2f df 6e 9e d5 19 28 92 20 c8 01 01 27 f1 a9 21 46 fb f2 63 79 f4 ed 4f f2 d7 76 ed a3 77 ae 28 01 90 82 13 9e 32 49 c7 a5 49 4b 8a 31 4c 04 a8 ee 39 8f 6f f7 88 5f d6 a5 a8 ee 01 f2 89 1d 54 86 fc 8e 68 60 48 06 2a 39 89 38 8d 7a b7 e8 2a 40 72 01 1d 0d 46 83 37 12 1f 40 07 f5 a4 03 d1 42 28 55 18 02 96 8a 28 28 8a 31 b2 56 41 f7 71 b8 7b 54 b5 0c 4e 1e 67 20 8e 38 15 35 08 90 a2 8a 28 28 47 60 8a 4b 74 a6 03 23 72 02 a8 f4 3c d3 66 Data Ascii: ~tds9{ _}}MFg@zT`RS'&G1xJYGBzS@l9UIXd\g?w &/n( '!FcyOvw(2IIK1L9o_Th`H98z*@rF7@B(U((1VAq{TNg 85((G`Kt#r<f
2024-09-27 06:21:03 UTC	1369	IN	Data Raw: bc 80 bf de 38 a2 c2 21 19 56 06 31 85 63 80 be be f4 aa ca 19 8b 64 b1 38 c0 19 a7 b0 63 37 c9 80 02 f7 a2 05 00 31 3c b6 4e 4d 20 1d 8a 29 d8 a3 15 63 20 60 55 d8 80 59 58 73 8e a2 88 53 68 3c 10 0f 40 7b 54 d8 a3 15 22 b0 dc 52 62 91 c9 2e 10 1c 71 92 69 c0 10 30 4e 68 02 36 da c8 d9 e9 ce 69 23 c9 8d 49 ea 40 cd 23 22 99 42 8c e3 ab 0a 9b 14 00 cc 51 8a 48 f3 96 07 9c 1e b4 33 aa 7d e2 05 00 35 a4 55 24 1c f1 d7 8e 94 ee b5 12 7c ea e0 64 6f e4 1c 71 8a 7c 6e 0e 14 a9 53 ef 45 c9 1d 8a 87 94 98 e5 4f cc 70 0d 4f 8a 6c 8b b9 7a e3 1c e6 80 10 f1 45 31 37 4a 43 30 c2 8e 9e fe f4 4b 2a a1 da 3e 66 f4 1d a8 b8 87 e2 93 14 81 d0 f4 75 fc e9 59 95 46 4b 00 3e b4 00 51 51 79 df 31 38 26 3f ef 62 a4 52 18 65 4e 45 17 02 38 47 ca df ef 37 f3 a7 d3 63 f9 4b 21 Data Ascii: 8!V1cd8c71<NM )c `UYXsSh<@{T"Rb.qi0Nh6i#I@#"BQH3}5U$\|doq\|nSEOpOlzE17JC0K*>fuYFK>QQy18&?bReNE8G7cK!

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.8	49735	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:04 UTC	377	OUT	GET /lander/slava2/images/favicon.png HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:04 UTC	742	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:04 GMT Content-Type: image/png Content-Length: 1043 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-413" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88192 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sh%2BcZSDV%2BwQCozFc0ilKn6PVD9GmpYT7RmxIPS%2FzFu2vFWd0W4TbFXVLw9n3o3XcUHh5kx%2FHuDip75H1HV82VYB49TtAIHYDa3%2FYVPVtsMdnH8jltg%2Fr3Tm61pYPMJBGX08%2B%2F2Xrlxg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c9964398d850fa9-EWR
2024-09-27 06:21:04 UTC	627	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 00 20 08 06 00 00 00 73 7a 7a f4 00 00 03 da 49 44 41 54 78 01 bd d3 03 93 7b 57 18 06 f0 bb f8 14 3b 8c 51 db b6 07 b5 db f1 f4 cf 41 8d f1 d4 b6 b5 4a ba a8 8d a4 b6 db d8 36 d6 37 c9 d3 e7 24 b7 3b ab 68 f5 ce fc 16 77 5e 9d 73 13 a9 93 30 5b 73 fd 64 a2 1d 34 46 2e 2a 53 55 51 56 9e 8d d1 0e 25 b7 5f da 60 70 70 b6 8f 8e a0 a7 c9 4f 32 a1 0d 59 c9 7d 5a a9 ed 5b d7 70 93 25 33 60 b6 64 ee 35 5b b2 29 c2 3a a5 44 0f d1 ab db e1 87 91 9d 6a 84 0d aa 29 bd 0e eb 6c f8 68 fa 24 93 25 ed 24 6c 32 a7 e8 dd 66 78 ea 70 26 39 08 5b c4 21 66 34 1b 3e 40 36 c2 16 b3 d1 f2 cf 84 71 24 d9 4b f7 10 b6 c9 3d d4 bb 74 81 23 29 49 d8 28 03 e9 86 13 d0 0e 25 60 e0 ef 26 79 49 3a b2 31 7c 38 de 67 1c 4e Data Ascii: PNGIHDR szzIDATx{W;QAJ67$;hw^s0[sd4F.*SUQV%_`ppO2Y}Z[p%3`d5[):Dj)lh$%$l2fxp&9[!f4>@6q$K=t#)I(%`&yI:1\|8gN
2024-09-27 06:21:04 UTC	416	IN	Data Raw: 9b 45 b3 b8 f7 97 02 d4 af 85 da 2d 50 e2 02 21 27 61 29 1d 0b 35 af 86 60 1c 0c e1 84 f1 28 ae ff 34 85 dd f6 0c 4e 9d 8c 41 fd 6a e3 d9 b7 f1 e6 c3 b9 2f 0f 90 66 6e 50 e9 d9 94 53 d2 bd 16 1c 23 34 a3 65 13 b5 42 a3 fc de c1 e6 e2 5b d0 2c 0a fc cc 5c f0 6e 9c f9 cd fb 2a c6 c4 02 3b 48 26 74 80 0b 05 70 e0 70 08 0f fe 9a 47 66 b6 82 b5 c2 5b 5c c0 d1 d6 b0 c8 6d d5 4b a6 1d 92 ee d5 80 99 fc 84 4e d5 1b d3 e5 1f c6 f1 5d 62 16 2b 2f c3 1e 9d c1 3e 83 41 25 af 29 3f 99 79 03 81 3e dd ab fe a7 08 dd d0 92 fa 15 3f 0e 1f 0d e1 b1 df f3 c8 cd 55 a1 04 5e fc a7 08 cd 2b cc 69 dd e3 29 31 5b 12 c1 c4 23 b5 af f8 93 84 2e 71 90 af 3e e8 ea 8f e2 f8 2a 36 03 4f 61 01 57 f0 66 d4 2f fb 5a d5 25 c5 4c e9 ff e0 36 bd da 57 7c f7 10 d6 4b 0c 3c 60 28 80 a3 2d 41 Data Ascii: E-P!'a)5`(4NAj/fnPS#4eB[,\n;H&tppGf[\mKN]b+/>A%)?y>?U^+i)1[#.q>6OaWf/Z%L6W\|K<`(-A

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.8	49734	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:04 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 06:21:05 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=37456 Date: Fri, 27 Sep 2024 06:21:04 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-27 06:21:05 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.8	49736	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:05 UTC	374	OUT	GET /lander/slava2/images/logo.jpg HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:05 UTC	737	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:05 GMT Content-Type: image/jpeg Content-Length: 240563 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-3abb3" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88193 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Clchg7x5BmB10brH2ZhxugumZ52N%2FOF033yTMp2S3YjdGvgXwgcjLgaC75zNqMy336MZJqKlj43PtLnEPsDuN9ARVBz18Rf%2FmgbQQLPg50tQ2g7lbbs11W%2BNtkZhBzpvUuBVphynogA%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c99643caf6e1774-EWR
2024-09-27 06:21:05 UTC	632	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 04 03 03 04 03 03 04 04 03 04 05 04 04 05 06 0a 07 06 06 06 06 0d 09 0a 08 0a 0f 0d 10 10 0f 0d 0f 0e 11 13 18 14 11 12 17 12 0e 0f 15 1c 15 17 19 19 1b 1b 1b 10 14 1d 1f 1d 1a 1f 18 1a 1b 1a ff db 00 43 01 04 05 05 06 05 06 0c 07 07 0c 1a 11 0f 11 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a 1a ff c2 00 11 08 05 00 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 05 01 01 01 00 00 00 00 00 00 00 00 00 00 03 01 02 04 05 06 00 07 08 ff c4 00 1b 01 00 03 01 01 01 01 01 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 f3 79 02 65 7a Data Ascii: JFIFHHCC"yez
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 66 84 44 d3 06 39 12 e4 89 dc d3 5e ce 68 a8 9c 84 78 d4 44 69 0a f1 8a f9 48 f1 69 39 d5 8b 18 65 ac c6 e2 bd 26 93 ba 1a a8 03 1a cd 1c 62 65 d7 21 46 ec fb 09 c8 b3 b2 be 3a e5 89 d4 2a 51 78 5c 82 a8 54 0a a2 e0 2a 85 44 65 0f 08 ca 25 03 be 33 9c 15 18 c7 12 38 0f 61 78 7c 04 70 d1 85 58 ee 41 5a c5 74 8a 9c ac 41 97 c5 41 1d 97 15 56 3b 8e 6e 90 77 fc 3c eb 34 ca cc aa 6a f8 32 31 f6 c8 3c 4f 6d 18 18 c5 d7 8c bc b1 74 2d 46 77 b4 0c 1d 1b 6f 82 dd 62 58 30 75 cf 96 22 86 33 a2 6d 24 74 64 a6 03 87 c5 1a 84 81 88 83 5e 4e 29 dc 9c 35 e4 e0 55 6f 03 91 14 44 56 c8 33 8c c2 0c 15 79 1a 71 06 d1 13 83 d7 89 42 ad be 66 bd 8f d7 15 61 11 cb 64 47 20 d5 8f 6a d1 1c d2 b9 6b 25 9a b1 82 73 f3 c5 17 9f 59 b1 49 c9 0c aa ad 27 20 10 65 87 d3 b4 d1 88 bc fd Data Ascii: fD9^hxDiHi9e&be!F:Qx\TDe%38ax\|pXAZtAAV;nw<4j21<Omt-FwobX0u"3m$td^N)5UoDV3yqBfadG jk%sYI' e
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: e6 92 62 2f 2f a8 a9 dd 3a f7 77 02 f2 70 96 63 64 2e 39 f5 13 6b 97 9b 1e 49 56 b2 13 55 83 92 10 cf 6a a6 e8 02 34 1b 1c f3 d3 17 2f 1b 27 2a 89 aa aa 24 e5 e1 72 a2 87 46 94 95 cf 1d 53 b7 f3 f9 dc a6 67 74 72 e9 e7 18 4f 73 23 bd 13 9b d7 77 77 46 eb c8 84 0d e0 b2 ae 0e b0 69 4b 57 f3 95 52 09 4b 87 d1 c7 e4 19 6d 2b 1e df a6 fa 1e 2b 6b 97 8e 4a ab 1c f2 cf c3 85 2a 3e fe e3 24 82 e4 c3 37 61 71 97 d3 cd 36 8f 3d a9 f3 ae 86 2d 85 0e fc 7a 8a 92 06 6a cd 63 47 cd dc 63 ae e4 97 0a dc b2 39 f4 ab e7 57 eb 94 b8 f0 b6 3d 73 9d 89 6d 55 a7 d1 77 77 1a 2a 72 07 2a 23 4b cd 42 44 4e 06 bc 04 d0 d3 ee e7 93 2f 45 ae c6 09 fb 5c 4f a6 9c d9 b8 d6 79 ee 07 7a f2 8b aa 33 9a 46 df 54 82 be bf 45 46 22 dd 2d 61 c2 ae b5 a5 e6 be 93 ab ab ee e7 ce c0 dd 46 a3 Data Ascii: b//:wpcd.9kIVUj4/'$rFSgtrOs#wwFiKWRKm++kJ>$7aq6=-zjcGc9W=smUwwr#KBDN/E\Oyz3FTEF"-aF
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 79 cd 95 4b da 65 6f 14 95 89 d9 b2 9e 54 9e aa 45 8b c3 dd 21 32 36 49 59 b2 d1 8d d2 e6 26 ca db 9b 35 03 47 45 d1 8c 6f 49 c6 83 0e 8d 3f 99 eb a9 74 a8 ba 08 52 a3 7b a9 31 2c 3e 43 e8 71 af 30 3e 92 9e e6 bc b5 4e 40 56 ab 44 7a fb 00 57 89 7e 0a fb d7 c5 8f 04 d1 69 9c 69 a3 90 c0 be 59 ca ab 3c 92 82 09 f1 51 26 13 64 0a e4 35 41 8d 66 3c 2c 7a d8 0e 0c a4 13 53 5b 37 6c 25 74 77 e9 9c 97 c6 20 cb 3a 04 ac b7 a7 d0 d3 5d 6b 0c ab b3 4d f8 71 2d 79 b8 bb 44 c7 33 c7 f4 5a e5 29 2d a9 b1 ae df 99 d6 75 b6 7d 9c 92 0c 33 ab e9 91 a6 8c da 3a db 2e fe e1 88 cd e6 9f 32 ab f5 9a df a5 f5 3c ec db a9 91 35 59 0d d6 57 5a a9 99 67 5d e8 f6 ed 9d 9d b8 f9 ef 33 2b 79 8e 3f bf d7 e8 b5 17 59 5f 9d e1 a2 64 98 1f 6b ed e8 ef 68 f6 9f 1f c3 4f 5d 3a 2f cc 65 Data Ascii: yKeoTE!26IY&5GEoI?tR{1,>Cq0>N@VDzW~iiY<Q&d5Af<,zS[7l%tw :]kMq-yD3Z)-u}3:.2<5YWZg]3+y?Y_dkhO]:/e
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 93 3c 8c 9e 19 7c 94 fa a9 15 1b 6b 0c 91 af 7d 2f 24 4e b4 9d c1 ef 67 7b 6b 2b 9e 30 09 e8 8f 98 f3 8e f4 61 8f cf 7b 6f 5d ae 99 9e b4 6f 46 b5 a9 60 a3 ae 4b 77 0e 9b ac b9 95 c7 9b 20 55 70 ee e3 39 ab b5 24 b0 08 a4 a9 79 84 7b 6b a2 5d 95 7e d0 e6 ce 9a ec 55 cb 16 45 a1 2b 96 8c b2 eb 2a ab a2 94 2f ab 12 af e7 e2 b3 9f 11 07 e8 ea 23 2c 64 09 5d 11 02 67 42 e0 9c 90 f8 26 2c 25 1c c4 8b cc 96 d8 fc 91 f8 2a c2 70 f8 64 46 28 39 13 98 bd dc 1d cb c0 8b dc 1d ca ad d9 c1 53 91 5d 05 63 81 14 6e 14 cb 2a fb 04 30 72 d4 70 d1 c8 c4 ee 20 09 2f a0 b5 03 9c 89 a2 ac e6 41 5b c8 02 86 ab 62 8a d7 e9 86 cc fa d9 42 10 9f a1 d6 3a c3 69 2e 6e 5d 42 35 b1 4a 8d 07 44 d1 e4 eb 76 f1 54 f8 e5 77 ab e5 08 c5 ce b8 43 30 ba 50 36 e5 9a 50 9b c0 fa 68 ec 71 a1 Data Ascii: <\|k}/$Ng{k+0a{o]oF`Kw Up9$y{k]~UE+/#,d]gB&,%pdF(9S]cn*0rp /A[bB:i.n]B5JDvTwC0P6Phq
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 4a a4 8a 44 69 13 30 81 60 28 9a d4 90 dc e5 dc e1 a9 7c a8 f2 56 5e 41 26 b2 6f 2f d1 9a cb 39 7b f3 b2 ea 7b 88 6e 2a fa 59 3e af c5 af 75 53 39 7d 6b d6 d7 47 0b 82 e6 27 0a f5 f5 16 6e 5e 3e af 34 b8 80 a9 1d 1b ba 8c fe d3 9e ab 39 17 a3 b5 a4 63 85 86 83 69 57 dd e3 18 a0 91 b7 7a d9 9f 5b c9 51 26 d5 13 ca 8c 7c 72 87 d0 fa 10 aa 2d f0 e7 41 22 35 fc 5a 9e 3b 55 59 b2 90 fc de a6 8e fa 8e 69 8c 48 cf 5d b8 23 36 7d 83 54 ed d1 bd bc e8 75 fc 3c 81 75 cc 0c b7 5d 47 0a 5d 15 40 13 d2 d0 e8 b2 39 f6 8a c3 3c 79 d2 f6 0d 7d 79 37 86 cf b1 ed 6b 26 85 8f 2d 10 e0 3f 4c 0d dd da f1 cd 87 32 13 42 e4 6b 23 cb 87 32 64 ba ec 8a 27 e8 7e 7e 8a 1a 2b cb cc 7e 66 43 49 57 6d 5d 10 62 17 52 32 bc e6 68 1e 93 94 d0 f3 f4 1e 40 89 d7 a3 1e e4 e8 94 7f 11 ae 63 Data Ascii: JDi0`(\|V^A&o/9{{n*Y>uS9}kG'n^>49ciWz[Q&\|r-A"5Z;UYiH]#6}Tu<u]G]@9<y}y7k&-?L2Bk#2d'~~+~fCIWm]bR2h@c
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 86 a3 94 b1 c9 18 a4 8c 78 a6 8d e7 0c a6 80 af 4c 6f 7b d4 b8 46 01 11 46 45 b6 a4 69 eb 27 1c 04 78 c9 93 1a 6e 78 c9 73 41 97 37 85 d8 55 5a f3 fb 67 95 5e 57 9d d0 1d 13 4f 2d c0 33 33 eb ce 47 64 ce 4f a5 1d a5 74 ac 7d 1e 47 b2 36 58 a6 93 d1 c1 54 7b 18 bb f3 9d 47 59 c9 e9 eb 24 67 ed 75 f3 89 3e 05 8c f9 a2 56 af 56 b5 3e 7b e8 be 71 7e 37 b1 2c 43 9c 73 c9 97 09 3b 06 67 aa 9a da 33 3c 00 d0 e6 26 c5 6b 07 4d 73 4d 72 af 6b 82 4d d5 1d c4 9e d1 2e 9a fb c9 f4 da 87 87 5a f0 e2 b4 a9 6c 48 d4 99 08 79 6d 22 46 7a 46 9b 6e 6a 6b c7 44 2e 4d ad 2d cb 56 24 01 64 ce e5 37 b8 dd 30 83 a4 cf df 6b 9e 73 ab 3a f1 7d ae 72 49 56 75 17 34 65 43 e4 52 6d 00 71 4f 47 b6 4d 90 c5 bf 81 c2 99 09 f1 f6 97 35 68 e3 dc ec eb f5 79 f5 66 45 2e 2f 4e e4 73 4d a6 Data Ascii: xLo{FFEi'xnxsA7UZg^WO-33GdOt}G6XT{GY$gu>VV>{q~7,Cs;g3<&kMsMrkM.ZlHym"FzFnjkD.M-V$d70ks:}rIVu4eCRmqOGM5hyfE./NsM
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: cc 48 22 2c 9c 51 4c 71 ed 77 30 ec df 77 72 f6 9d 0a 39 11 15 96 4c 33 15 31 f1 c9 32 e7 22 8d ce 07 01 18 f6 36 88 d7 27 c8 f4 06 85 47 4d 44 f6 94 c7 2f 0d 39 5e 21 c9 3c 95 9c 37 20 09 2d 5b 47 54 49 90 0d 44 b2 0e 74 f3 74 98 86 cf 92 0f 8b fb bf 8a 67 d8 0f 48 f3 af 48 79 68 08 9d a7 0f 80 96 29 b9 bd c9 ce 0d c6 13 4e db 4a 4c b1 d2 e4 74 39 39 f6 8e 26 76 bb 35 a7 d1 dc e2 99 ea 7d ba f2 ad 0d e6 6f 3c 7d cf c9 7d 5f cb b7 aa 0e 6b 3b be 80 ce b9 b2 cf 8f 26 dd 0d 4b d7 d1 2e a8 74 5e 67 ce e4 bc c3 d4 3c c3 5e 6d c5 bd 25 ad 78 d2 df 19 c3 91 77 9a d3 09 82 38 80 10 e6 c5 0f 28 a0 d0 67 da e4 ee 4d 75 d9 1d 5d d0 6a 74 b4 b2 bd 7a 46 7b 45 e4 fa 91 a8 6d b3 f3 d3 37 69 9b b1 d3 3e a0 7d 6d d9 85 5b 23 a1 4b 2b 63 99 c7 9b 92 d5 e7 36 72 02 58 b9 Data Ascii: H",QLqw0wr9L312"6'GMD/9^!<7 -[GTIDttgHHyh)NJLt99&v5}o<}}_k;&K.t^g<^m%xw8(gMu]jtzF{Em7i>}m[#K+c6rX
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 77 d5 fc 87 d4 7d ce d0 d2 68 f3 5e ef ca d7 67 6d 2b fc 6f a7 97 ea de 43 eb 7e 11 91 c8 6c 31 f3 74 45 11 3b 7d 77 b9 aa ee 54 da b2 ac ec 5b 1c c8 41 10 53 98 f2 3a dc 96 5f 29 cd 56 c7 1d a6 a7 28 5c ea 47 a3 f9 f7 a2 72 6f 9f 83 67 51 1a 6b 3d 57 c3 fd 5b cd e8 bb cb ea 45 ce b1 c1 94 be ad d3 83 44 dd 9d 1b a7 46 d1 08 2b 1e 91 20 2c 24 a3 4a 88 67 3a bc ed 9c ce 7c aa 75 f9 1b 5e fc 36 ed c3 c3 ec e5 d0 e0 ed e8 f9 2c 90 6c 26 d5 66 60 ee 60 e5 ad 4d 45 c6 70 75 92 e2 5c f5 72 7a e6 d2 05 a5 75 e7 eb 0f 05 5c b9 75 84 2a d2 45 4d a9 73 9c 17 d5 bd 59 cd 93 87 ce 8b cc 68 19 e0 78 c8 d6 23 09 c3 70 ca aa d4 9a c5 8e c5 1f 31 d7 73 1c d2 f7 38 94 5e 75 4f 39 38 82 94 12 0c de 76 be 30 2d 75 82 73 63 82 f3 df 41 c4 72 f7 ed 36 39 2d 6f 77 99 33 37 a6 Data Ascii: w}h^gm+oC~l1tE;}wT[AS:_)V(\GrogQk=W[EDF+ ,$Jg:\|u^6,l&f``MEpu\rzu\u*EMsYhx#p1s8^uO98v0-uscAr69-ow37
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 82 7b d9 cd 10 4a 8d 33 97 a8 4e 55 67 39 af 25 c8 5e 72 c5 47 38 57 35 e4 21 b8 d3 9a 0a 5a 73 f3 f9 fe 43 d0 31 9c de 87 a2 68 68 6f 3a fc 37 79 0f ae 79 2c fa 78 59 51 6c 1b 04 a0 4d cb 6b e9 36 f3 3b 38 70 55 9e 93 17 2e 8f 21 90 ae ec f1 a7 35 59 d3 cd 0f b9 93 42 4e 1e 3a fa 3e b7 cd 7d 17 cb f5 7c e6 83 d1 b0 bd 1e fe 32 56 86 62 e4 a8 d0 85 74 f6 1b ea f4 17 78 79 94 d4 56 50 31 78 99 75 d6 1e c7 96 fb 28 17 f9 f4 fa c5 0d ee 7f 97 c5 99 e4 1e e9 e1 ab da e0 b8 4b e8 92 b2 fb d4 39 fe 7b 0f a9 b8 07 27 35 7c 6b 18 ec 8c f5 1d 0d 19 18 5c 07 c9 05 e6 f9 35 72 82 db a1 2e 7b 19 83 6b a3 34 7c 0b ca d7 49 cd 2b 12 74 22 21 02 51 b1 79 52 93 1f 27 94 05 50 94 9e 58 c6 68 d1 64 aa 9a ad 06 7e ed 65 33 97 8b 16 4f 55 49 39 9f 5b 9c 95 ae 50 5b 6e 69 ba Data Ascii: {J3NUg9%^rG8W5!ZsC1hho:7yy,xYQlMk6;8pU.!5YBN:>}\|2VbtxyVP1xu(K9{'5\|k\5r.{k4\|I+t"!QyR'PXhd~e3OUI9[P[ni

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.8	49740	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:05 UTC	365	OUT	GET /lander/slava2/api.js HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:05 UTC	752	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:05 GMT Content-Type: application/javascript Content-Length: 798 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-31e" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88193 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BLaPK2LTJbyBDtnrD%2F4Jc8WQv3O3%2BOxfV7EsoPx5%2BE7O6bWnTQUJJf0eMH4lT9F9%2FKM1eaM%2BMXpDBMuv5qiHsUvTuNLl%2BkPOYpjvyrkJVGRtq2gZxhS38RF%2FsiV6Jr5Saj2qMrcLKA%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c99643f7b8b8c8f-EWR
2024-09-27 06:21:05 UTC	617	IN	Data Raw: 20 20 6c 65 74 20 66 62 63 56 61 6c 75 65 20 3d 20 22 22 3b 0a 20 20 6c 65 74 20 66 62 70 56 61 6c 75 65 20 3d 20 22 22 3b 0a 20 20 66 75 6e 63 74 69 6f 6e 20 63 68 65 63 6b 43 6f 6f 6b 69 65 73 41 6e 64 53 65 74 56 61 6c 75 65 73 28 29 20 7b 0a 20 20 20 20 6c 65 74 20 63 6f 6f 6b 69 65 73 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 3b 0a 20 20 20 20 6c 65 74 20 63 6f 6f 6b 69 65 73 41 72 72 61 79 20 3d 20 63 6f 6f 6b 69 65 73 2e 73 70 6c 69 74 28 22 3b 22 29 3b 0a 20 20 20 20 63 6f 6f 6b 69 65 73 41 72 72 61 79 2e 66 6f 72 45 61 63 68 28 63 6f 6f 6b 69 65 20 3d 3e 20 7b 0a 20 20 20 20 20 20 63 6f 6f 6b 69 65 20 3d 20 63 6f 6f 6b 69 65 2e 74 72 69 6d 28 29 3b 0a 20 20 20 20 20 20 69 66 20 28 63 6f 6f 6b 69 65 2e 73 74 61 72 74 73 57 69 74 68 28 Data Ascii: let fbcValue = ""; let fbpValue = ""; function checkCookiesAndSetValues() { let cookies = document.cookie; let cookiesArray = cookies.split(";"); cookiesArray.forEach(cookie => { cookie = cookie.trim(); if (cookie.startsWith(
2024-09-27 06:21:05 UTC	181	IN	Data Raw: 74 42 79 49 64 28 22 66 62 70 22 29 2e 76 61 6c 75 65 20 3d 20 66 62 70 56 61 6c 75 65 3b 0a 20 20 20 20 69 66 20 28 66 62 63 56 61 6c 75 65 20 21 3d 3d 20 22 22 20 26 26 20 66 62 70 56 61 6c 75 65 20 21 3d 3d 20 22 22 29 20 7b 0a 20 20 20 20 20 20 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 69 6e 74 65 72 76 61 6c 49 64 29 3b 0a 20 20 20 20 7d 0a 20 20 7d 0a 63 6f 6e 73 74 20 69 6e 74 65 72 76 61 6c 49 64 20 3d 20 73 65 74 49 6e 74 65 72 76 61 6c 28 63 68 65 63 6b 43 6f 6f 6b 69 65 73 41 6e 64 53 65 74 56 61 6c 75 65 73 2c 20 35 30 29 3b Data Ascii: tById("fbp").value = fbpValue; if (fbcValue !== "" && fbpValue !== "") { clearInterval(intervalId); } }const intervalId = setInterval(checkCookiesAndSetValues, 50);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.8	49741	188.114.97.3	443	6548	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-27 06:21:05 UTC	376	OUT	GET /lander/slava2/images/tg-day.jpg HTTP/1.1 Host: fishing-lake-vip.pics Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 06:21:05 UTC	743	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 06:21:05 GMT Content-Type: image/jpeg Content-Length: 123247 Connection: close Last-Modified: Mon, 19 Aug 2024 08:45:05 GMT ETag: "66c30611-1e16f" Expires: Sun, 06 Oct 2024 05:51:12 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 88193 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nuBskbKYw4bZJxIHB6pTs8ODp7rzFBD%2BkdrVhsQ2OflDrmfhjrwSyQFr%2BBN8t8G8%2FVIMx6KSpEEIMk7hPDJMuPgdMYMi9L0BNxQb%2Ffxpi1Zsvz6%2F5nqBvhrg6V8n%2F0CrkAedZwjrgFY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8c99643fbd21421d-EWR
2024-09-27 06:21:05 UTC	626	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 78 00 78 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 03 5d 06 db 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 Data Ascii: JFIFxxC%# , #&')*)-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((]"}!1AQa"q2
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 67 23 da a3 04 8c 30 e4 6e 34 be 51 56 3b 08 c1 ec 69 a1 24 0b b7 a8 cf 5c d7 94 64 39 48 59 1b 70 0b bb 91 4f 2c a3 a9 14 c0 a5 46 0a ef f7 a6 84 6d ab 84 c1 07 39 34 00 f9 0e 54 01 d5 a9 f4 d5 52 0e 58 e5 bf 95 3a a8 02 8a 29 ac d8 20 01 92 68 01 d4 8c ca bd 4d 44 ec 47 de 6f f8 0a ff 00 8d 44 41 3d 46 07 a0 fe b5 37 11 38 97 74 81 55 7d c9 34 f3 d6 9b 0a 6c 5f 73 d6 9f 4d 00 94 c7 40 c7 3d 0f a8 a7 9a 40 41 19 1d 29 81 5d b7 46 0e 3f 4e 9f fd 6a 68 68 c0 03 63 7d 40 ab 58 a3 14 ac 05 70 54 83 b4 c8 3f 3a 92 25 da 80 1e bd 4d 3f 14 62 98 09 45 3a 9b 40 05 14 54 52 48 c1 8e 0a 80 3b 1e f4 08 96 91 f9 46 07 8c 8a 51 d2 86 00 8c 1a 00 8d 58 b4 4a 57 04 e2 97 76 06 5c 6d 15 18 56 8d f0 bc 83 d8 f7 f7 a7 3c 85 57 25 1a a6 e0 32 77 72 83 c9 e4 e7 9a 59 9b 0a Data Ascii: g#0n4QV;i$\d9HYpO,Fm94TRX:) hMDGoDA=F78tU}4l_sM@=@A)]F?Njhhc}@XpT?:%M?bE:@TRH;FQXJWv\mV<W%2wrY
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: ca 8e 83 04 0e 3a 7a 54 26 29 24 72 c7 e5 f6 cf 51 e8 71 4b 22 96 28 0c 1d 0f 6c 50 22 71 22 96 da 0e 4f b5 35 3e 69 9d bb 01 b6 a3 44 93 73 e0 08 d5 8f d4 d4 e8 a1 14 05 e9 4c 62 d1 45 14 00 50 7a 54 46 46 60 4a 00 17 fb cc 7f a5 56 95 cb 70 b9 95 bd 5b 85 1f 85 2b 85 cb 0f 3a 2f 43 b8 fb 51 04 8d 2a 6e 2b b4 1e 9f 4a a9 1c 26 49 00 62 48 ea 4f 4e 3f c2 b4 00 c0 c0 e9 42 d4 48 28 a2 90 b0 04 02 79 3d 29 8c 86 48 06 3e 4c 63 ae d3 fd 3d 2a bb c8 7c c5 59 54 ba af 38 23 9c d5 fa 29 58 56 29 89 21 ed 1c ab f4 04 53 c2 ef 74 0a 64 2b 9c 9d d5 66 8a 2c 16 0a 28 a2 98 c2 8a 29 1c ed 42 71 9c 0a 00 5a 2a 08 64 66 7d ac 51 b2 33 f2 8e 95 3d 00 43 2b 05 9a 2c 91 ce 45 3d d9 c1 f9 50 30 fa d3 27 87 cc 1c 75 f6 ef f8 d3 61 92 4d b8 65 de 07 19 1c 1f ca 90 89 4c a8 Data Ascii: :zT&)$rQqK"(lP"q"O5>iDsLbEPzTFF`JVp[+:/CQn+J&IbHON?BH(y=)H>Lc=\|YT8#)XV)!Std+f,()BqZ*df}Q3=C+,E=P0'uaMeL
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 01 c4 64 e3 24 9c 50 0b 2e 13 1f 36 3a f6 a9 01 f4 c1 20 2f b4 67 eb da 97 6e e1 cb 12 3d a9 19 31 82 3b 1c e2 a8 07 d1 8a 01 c8 c8 e9 45 01 61 2a 06 95 b7 37 dd f9 4e 31 dc d5 8a 4c 0c e7 14 08 4c 52 10 09 e4 03 4e c5 14 00 da 29 71 46 28 01 ac a1 86 18 66 9a 62 53 f7 8b 1f c6 a4 c5 2d 21 10 f9 2b df 24 7a 13 40 0c 9c 01 b9 7f 51 52 51 45 80 80 88 f3 92 8c 0f b2 9f e9 4a 09 c6 23 8c 8f 73 c5 4d 49 8a 2c 03 11 36 8e b9 27 a9 a1 ce d1 9e a7 b0 a7 31 0a 09 3d 05 44 63 32 7c c4 90 7b 01 da 98 0e 45 da be e7 93 4d 03 6c a4 76 6e 69 db d8 f2 13 a7 5c d3 1d c1 64 20 11 f3 77 1d 6a 44 49 46 29 d4 98 aa 01 a4 64 60 f2 29 82 25 1e b8 1d b3 53 54 6c ca bd 4f 3e 94 00 b4 53 37 9e c8 d8 a5 57 04 e3 a1 f4 34 00 b8 a6 48 a4 e1 97 a8 fd 6a 4a 28 11 55 d9 72 49 e8 47 cc Data Ascii: d$P.6: /gn=1;Ea*7N1LLRN)qF(fbS-!+$z@QRQEJ#sMI,6'1=Dc2\|{EMlvni\d wjDIF)d`)%STlO>S7W4HjJ(UrIG
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: ab 9d a0 0c fa 52 d1 45 00 15 1b 42 a4 e4 65 49 ea 47 7a 92 8a 00 87 ec e9 ce 77 67 eb 48 60 03 95 24 3f f7 8f 35 3d 14 58 2c 40 c4 95 db 2c 5b 87 aa f2 29 9f ba 1d 23 90 fb 6c 35 6a 8c 51 61 58 80 87 97 86 1b 13 d3 3c 9a 94 0c 74 a7 62 a3 95 8e 42 27 df 3f a0 f5 a0 2c 31 ff 00 7a fb 07 dd 1c b7 f8 54 92 28 74 2a 7b d4 2b 19 b7 6d c0 bb 83 d4 75 e6 9f e6 32 ff 00 ac 43 cf 4d bc d2 01 61 6d f1 82 7a f4 3f 51 52 54 36 ec 19 e5 03 23 e6 ce 0f 6e 2a 7c 50 08 4a 63 c6 ae 41 23 91 d0 8e b5 26 28 38 14 ec 3b 11 a2 04 ce 33 93 d4 9a 7d 46 66 5f e1 cb 7d 28 f3 31 f7 a3 70 3d 7a d2 11 25 14 8a 55 c6 54 82 3d a9 d4 0c ae c3 cb dc 19 49 8d bb 81 9c 55 79 1d 3e 5c b6 e9 17 ee 95 e7 35 a1 8a 4c 0e b8 a5 61 34 47 0a 95 8c 06 eb d7 e9 52 52 d4 5e 7a 16 c2 65 cf fb 34 c0 Data Ascii: REBeIGzwgH`$?5=X,@,[)#l5jQaX<tbB'?,1zT(t{+mu2CMamz?QRT6#n\|PJcA#&(8;3}Ff_}(1p=z%UT=IUy>\5La4GRR^ze4
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: c8 f5 ab 20 86 00 8e 86 a2 54 d8 ac 57 aa 9f cc 53 e1 ff 00 54 3d 39 a1 08 76 2a 39 23 0c 0f 50 d8 c6 41 a9 71 4b 40 ca e0 33 15 0c b8 0b cf 5a 96 97 14 c7 60 be e4 f4 03 bd 02 1d 51 97 1d 14 16 3e d4 28 2e 4e f3 d3 f8 47 6a 78 00 0c 0e 2a 80 8f 73 8e a9 c7 b1 a5 56 0c 32 29 ae 5a 3c 1d c5 bd b1 47 49 81 07 21 87 4f 4a 91 04 80 e5 48 1b b0 7a 53 1d 81 46 57 05 49 1d 2a c5 26 28 b0 10 c5 1e dc 12 4e 71 d3 d2 a4 a7 62 a3 66 3b b6 a0 cb 75 e7 a0 a0 07 53 42 2a 92 54 00 4f 5c 0a 4d b2 7f 79 4f b6 28 f3 00 1f 37 0c 3b 50 03 aa 27 e2 54 27 a6 08 1f 5a 71 77 ff 00 9e 47 1f 51 4a 0a c8 08 fc c1 a0 08 01 e4 12 c4 30 3f 36 4f f4 a4 41 99 38 e9 bb 77 d2 a6 30 8c e7 73 7e 74 e5 40 a3 0a 30 29 0a c2 1e 01 a8 61 42 40 67 1c f5 03 d2 a7 a3 14 c6 37 14 62 9d 8a 8e 6f ba Data Ascii: TWST=9v9#PAqK@3Z`Q>(.NGjxsV2)Z<GI!OJHzSFWI&(Nqbf;uSBTO\MyO(7;P'T'ZqwGQJ0?6OA8w0s~t@0)aB@g7bo
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: a4 9d db 25 53 3c 0d cc 47 5c 7a 0a 00 25 9d 53 81 cb 7f 2a 8c 24 93 72 e7 0b e8 7a 7e 5f e3 4d 8b 62 e0 85 69 1f d0 0e 05 4a e2 42 85 a4 f9 54 0c ed 53 d7 f1 a4 21 85 13 ee aa f9 8f ea dc 81 4f 66 68 c0 44 c1 2a b9 24 fa 52 2b ba a7 0b 1a 8f 50 78 14 91 ab b1 25 0e d0 7f 89 87 2d f8 7a 50 02 ae 24 f9 a3 cc 72 63 24 11 d7 eb 53 46 db e3 56 c6 32 2a 00 a4 bb 28 6d cc 78 66 f4 1e 95 60 00 00 03 a0 a0 10 b4 51 45 31 95 e4 75 79 4a 12 76 af 50 3b 9f 4a 56 d8 c3 98 5b eb 8c 51 13 2a 46 ec dc 7c ed 9f ce 8d b2 4b cb 92 89 fd d1 d4 fd 4d 48 8a ed 32 ac a8 92 12 54 1e ac 39 03 1d 0d 4f 0c 8a 24 d8 09 2a 79 5c f6 f6 a8 e7 44 04 ec 50 04 63 3f 8d 39 c6 c9 63 41 d0 b6 57 db d4 52 02 d5 14 51 54 32 03 19 8e 40 d1 a9 2b 8c 15 cf 4f a5 3e 25 20 bb 30 c1 63 9c 7a 54 94 Data Ascii: %S<G\z%S$rz~_MbiJBTS!OfhD$R+Px%-zP$rc$SFV2(mxf`QE1uyJvP;JV[QF\|KMH2T9O$*y\DPc?9cAWRQT2@+O>% 0czT
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 7f 21 eb 52 a8 0a a0 0e 82 85 40 83 0a 30 29 69 a0 13 14 52 d0 70 06 4f 4a 60 31 db 68 e9 93 d0 0f 5a 6a 26 39 6e 58 f5 a4 56 56 72 c4 e3 b0 cd 4b 40 88 62 c7 cc 3f 88 31 cd 38 30 3b bd 07 7a 59 23 57 19 20 16 ec 6a 18 d4 b8 db c8 8c 75 f7 a9 00 27 e4 67 6e e3 0a 29 54 02 e9 8e 42 0e 4d 4c ca 18 60 80 47 bd 18 c0 e0 51 61 09 45 2e 28 c5 50 09 8a 8a 11 c3 37 72 c6 a6 c5 47 17 1b 97 d0 ff 00 3a 90 15 b0 01 27 a0 a8 e3 5c fc ed f7 8f e8 29 d3 f2 a1 7d 58 0a 92 80 1b 8a 8a 61 8c 38 e0 af ea 2a 7c 54 33 91 85 42 7e f1 fd 28 01 f8 a4 a7 62 8c 50 21 98 a0 8a 75 23 10 bd 48 14 01 11 62 49 08 3a 75 26 99 26 f1 b4 b6 08 04 1e 2a 4b 7c 18 86 30 4f 7a 47 cc 84 a8 e1 47 53 48 06 a0 cc 8e 7f 0a 7e 29 ca 06 38 c7 e1 48 ec ab d4 f3 e9 4c 04 a2 a3 66 de ca a3 23 3d 7b 52 Data Ascii: !R@0)iRpOJ`1hZj&9nXVVrK@b?180;zY#W ju'gn)TBML`GQaE.(P7rG:'\)}Xa8\|T3B~(bP!u#HbI:u&&K\|0OzGGSH~)8HLf#={R
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: 7e 74 80 64 8b b6 1d a7 96 73 82 7f 9d 39 7f 7b 20 7f e0 5f ba 7d 7d e9 4d ba b1 06 46 67 c7 40 7a 54 d8 a5 60 b0 94 52 e2 8c 53 01 2a 27 26 47 31 a9 c0 1f 78 ff 00 4a 59 e4 11 af fb 47 a0 a2 0d 81 42 a3 02 7a 9f 53 40 0d 9c 05 87 81 f2 a9 04 8f 6c d4 8c ea a9 bb 39 1e d4 fc 55 49 e2 58 c8 64 5c 67 3f 77 d7 b5 20 26 91 c8 00 2f df 6e 9e d5 19 28 92 20 c8 01 01 27 f1 a9 21 46 fb f2 63 79 f4 ed 4f f2 d7 76 ed a3 77 ae 28 01 90 82 13 9e 32 49 c7 a5 49 4b 8a 31 4c 04 a8 ee 39 8f 6f f7 88 5f d6 a5 a8 ee 01 f2 89 1d 54 86 fc 8e 68 60 48 06 2a 39 89 38 8d 7a b7 e8 2a 40 72 01 1d 0d 46 83 37 12 1f 40 07 f5 a4 03 d1 42 28 55 18 02 96 8a 28 28 8a 31 b2 56 41 f7 71 b8 7b 54 b5 0c 4e 1e 67 20 8e 38 15 35 08 90 a2 8a 28 28 47 60 8a 4b 74 a6 03 23 72 02 a8 f4 3c d3 66 Data Ascii: ~tds9{ _}}MFg@zT`RS'&G1xJYGBzS@l9UIXd\g?w &/n( '!FcyOvw(2IIK1L9o_Th`H98z*@rF7@B(U((1VAq{TNg 85((G`Kt#r<f
2024-09-27 06:21:05 UTC	1369	IN	Data Raw: bc 80 bf de 38 a2 c2 21 19 56 06 31 85 63 80 be be f4 aa ca 19 8b 64 b1 38 c0 19 a7 b0 63 37 c9 80 02 f7 a2 05 00 31 3c b6 4e 4d 20 1d 8a 29 d8 a3 15 63 20 60 55 d8 80 59 58 73 8e a2 88 53 68 3c 10 0f 40 7b 54 d8 a3 15 22 b0 dc 52 62 91 c9 2e 10 1c 71 92 69 c0 10 30 4e 68 02 36 da c8 d9 e9 ce 69 23 c9 8d 49 ea 40 cd 23 22 99 42 8c e3 ab 0a 9b 14 00 cc 51 8a 48 f3 96 07 9c 1e b4 33 aa 7d e2 05 00 35 a4 55 24 1c f1 d7 8e 94 ee b5 12 7c ea e0 64 6f e4 1c 71 8a 7c 6e 0e 14 a9 53 ef 45 c9 1d 8a 87 94 98 e5 4f cc 70 0d 4f 8a 6c 8b b9 7a e3 1c e6 80 10 f1 45 31 37 4a 43 30 c2 8e 9e fe f4 4b 2a a1 da 3e 66 f4 1d a8 b8 87 e2 93 14 81 d0 f4 75 fc e9 59 95 46 4b 00 3e b4 00 51 51 79 df 31 38 26 3f ef 62 a4 52 18 65 4e 45 17 02 38 47 ca df ef 37 f3 a7 d3 63 f9 4b 21 Data Ascii: 8!V1cd8c71<NM )c `UYXsSh<@{T"Rb.qi0Nh6i#I@#"BQH3}5U$\|doq\|nSEOpOlzE17JC0K*>fuYFK>QQy18&?bReNE8G7cK!

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 4912, Parent PID: 3640

General

Target ID:	0
Start time:	02:20:52
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6548, Parent PID: 4912

General

Target ID:	2
Start time:	02:20:54
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1908,i,15464833917151204251,9950897790861386087,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6796, Parent PID: 3640

General

Target ID:	3
Start time:	02:20:58
Start date:	27/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://fishing-lake-vip.pics/"
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://fishing-lake-vip.pics/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 65

Chrome Cache Entry: 66

Chrome Cache Entry: 67

Chrome Cache Entry: 68

Chrome Cache Entry: 69

Chrome Cache Entry: 70

Chrome Cache Entry: 71

Chrome Cache Entry: 72

Chrome Cache Entry: 73

Chrome Cache Entry: 74

Chrome Cache Entry: 75

Chrome Cache Entry: 76

Chrome Cache Entry: 77

Chrome Cache Entry: 78

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

Windows Analysis Report
http://fishing-lake-vip.pics/