Edit tour

Windows Analysis Report
http://nonevertiseblock.pages.dev/

Overview

General Information

Sample URL:	http://nonevertiseblock.pages.dev/
Analysis ID:	1521666
Tags:	openphish
Infos:

Detection

HTMLPhisher

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected BlockedWebSite

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 4048 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2016,i,558590195758230701,14587367230437400945,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 5476 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nonevertiseblock.pages.dev/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_47	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security
0.1.pages.csv	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected BlockedWebSite

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_47, type: DROPPED

Source: https://nonevertiseblock.pages.dev/	HTTP Parser: No favicon
Source: https://nonevertiseblock.pages.dev/	HTTP Parser: No favicon

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49738 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49709 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49741 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49738 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: nonevertiseblock.pages.devConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/styles/cf.errors.css HTTP/1.1Host: nonevertiseblock.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://nonevertiseblock.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: nonevertiseblock.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nonevertiseblock.pages.dev/cdn-cgi/styles/cf.errors.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nonevertiseblock.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://nonevertiseblock.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: nonevertiseblock.pages.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nonevertiseblock.pages.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: nonevertiseblock.pages.dev
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_46.2.dr, chromecache_44.2.dr	String found in binary or memory: https://coinlib.io/
Source: chromecache_46.2.dr, chromecache_44.2.dr	String found in binary or memory: https://widget.coinlib.io/widget?type=horizontal_v2&theme=dark&pref_coin_id=1505&invert_
Source: chromecache_47.2.dr	String found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: chromecache_47.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/phishing-attack/

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49709 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49741 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@17/10@8/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2016,i,558590195758230701,14587367230437400945,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nonevertiseblock.pages.dev/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2016,i,558590195758230701,14587367230437400945,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
nonevertiseblock.pages.dev	172.66.47.103	true	false	unknown
bg.microsoft.map.fastly.net	199.232.210.172	true	false	unknown
www.google.com	142.250.184.196	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://nonevertiseblock.pages.dev/cdn-cgi/styles/cf.errors.css	false	unknown
https://nonevertiseblock.pages.dev/	false	unknown
https://nonevertiseblock.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637	false	unknown
https://nonevertiseblock.pages.dev/favicon.ico	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
https://www.cloudflare.com/learning/access-management/phishing-attack/	chromecache_47.2.dr	false	unknown
https://widget.coinlib.io/widget?type=horizontal_v2&theme=dark&pref_coin_id=1505&invert_	chromecache_46.2.dr, chromecache_44.2.dr	false	unknown
https://coinlib.io/	chromecache_46.2.dr, chromecache_44.2.dr	false	unknown
https://www.cloudflare.com/5xx-error-landing	chromecache_47.2.dr	false	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.66.47.103	nonevertiseblock.pages.dev	United States	13335	CLOUDFLARENETUS	false
172.66.44.153	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1521666
Start date and time:	2024-09-29 01:52:13 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 7s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://nonevertiseblock.pages.dev/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@17/10@8/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.131, 142.250.184.238, 108.177.15.84, 34.104.35.123, 192.229.221.95, 20.12.23.50, 20.3.187.198, 2.19.126.163, 2.19.126.137, 13.95.31.18, 93.184.221.240, 199.232.214.172
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, a767.dspw65.akamai.net, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, client.wns.windows.com, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://nonevertiseblock.pages.dev/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://nonevertiseblock.pages.dev/ Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Learn More", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://nonevertiseblock.pages.dev/ Model: jbxai	{ "brand":["Cloudflare"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Learn More", "text_input_field_labels":["Cloudflare Ray ID", "Your IP", "Performance & security by Cloudflare"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 43

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 54 x 54, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	452
Entropy (8bit):	7.0936408308765495
Encrypted:	false
SSDEEP:	12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
MD5:	C33DE66281E933259772399D10A6AFE8
SHA1:	B9F9D500F8814381451011D4DCF59CD2D90AD94F
SHA-256:	F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
SHA-512:	5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
Malicious:	false
Reputation:	low
URL:	https://nonevertiseblock.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Preview:	.PNG........IHDR...6...6............3PLTE.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?..".....tRNS.@0.`........ P.p`...../IDATx.....0...l..6....+...~yJ.F"....oE..L.3..[..i2..n.WyJ..z&.....F.......b....p~...\|:t5.m...fp.i./e....%.%...n.P...enV.....!...,.......E........t![HW.B.g.R.\^.e..o+........%.&-j..q...f@..o...]... ....u0.x..2K.+C..8.U.L.Y.[=.....y...o.tF..]M..U.,4..........a.>/.)....C3gNI.i...R.=....Q7..K......IEND.B`.

Chrome Cache Entry: 44

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2700)
Category:	dropped
Size (bytes):	16704
Entropy (8bit):	5.465679049242991
Encrypted:	false
SSDEEP:	192:c9S9H5Rgq0npypHMDhRz8tyUNRBmC6tG2fEckb33T2VRNgYC0bWb5QU:uaYDnFRzy9NRICOG2f1K33KVRNNnwX
MD5:	D1C1D1F463B75F82437647BD9CAE5115
SHA1:	5870B98787A2C62C17976033F71D7137F5E8FDB7
SHA-256:	8C756C21F6FCFDEACE599F7A29E58BB353E1492F2DAA3510C9652E8C6AA822A4
SHA-512:	6A737761D157F4B4CEBF26EA0D5974B16396F32DC49CD37C8B5BCC41CB08582090A865934C67FEF2E207E1571D9CD4144E650060111A2CF1BEA04BB180A95CD3
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html><html lang="en"><head>. <meta charset="utf-8">.. . <link rel="shortcut icon" href="favicon.png">. <meta name="language" content="en">. <meta name="viewport" content="width=device-width,initial-scale=1">. <meta name="theme-color" content="#000000">. <meta name="title" content="Decentralized Dapps - We are unifying Web3 by providing best-in-class, self-custodial, and multichain support">. <meta name="description" content="We are unifying Web3 by providing best-in-class, self-custodial, and multichain support">. <link rel="manifest" href="manifest.json">. <title>Decentralized Dapps - We are unifying Web3 by providing best-in-class, self-custodial, and multichain support</title>. <link href="static/css/2.14dca502.chunk.css" rel="stylesheet">. <link href="static/css/main.e94723d5.chunk.css" rel="stylesheet">. <link href="static/css/index.css" rel="stylesheet">... <script charset="UTF-8" async type="text/javascript" src="./104006700.8.j

Chrome Cache Entry: 45

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 54 x 54, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	452
Entropy (8bit):	7.0936408308765495
Encrypted:	false
SSDEEP:	12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
MD5:	C33DE66281E933259772399D10A6AFE8
SHA1:	B9F9D500F8814381451011D4DCF59CD2D90AD94F
SHA-256:	F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
SHA-512:	5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...6...6............3PLTE.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?..".....tRNS.@0.`........ P.p`...../IDATx.....0...l..6....+...~yJ.F"....oE..L.3..[..i2..n.WyJ..z&.....F.......b....p~...\|:t5.m...fp.i./e....%.%...n.P...enV.....!...,.......E........t![HW.B.g.R.\^.e..o+........%.&-j..q...f@..o...]... ....u0.x..2K.+C..8.U.L.Y.[=.....y...o.tF..]M..U.,4..........a.>/.)....C3gNI.i...R.=....Q7..K......IEND.B`.

Chrome Cache Entry: 46

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2700)
Category:	downloaded
Size (bytes):	16704
Entropy (8bit):	5.465679049242991
Encrypted:	false
SSDEEP:	192:c9S9H5Rgq0npypHMDhRz8tyUNRBmC6tG2fEckb33T2VRNgYC0bWb5QU:uaYDnFRzy9NRICOG2f1K33KVRNNnwX
MD5:	D1C1D1F463B75F82437647BD9CAE5115
SHA1:	5870B98787A2C62C17976033F71D7137F5E8FDB7
SHA-256:	8C756C21F6FCFDEACE599F7A29E58BB353E1492F2DAA3510C9652E8C6AA822A4
SHA-512:	6A737761D157F4B4CEBF26EA0D5974B16396F32DC49CD37C8B5BCC41CB08582090A865934C67FEF2E207E1571D9CD4144E650060111A2CF1BEA04BB180A95CD3
Malicious:	false
Reputation:	low
URL:	https://nonevertiseblock.pages.dev/favicon.ico
Preview:	<!DOCTYPE html><html lang="en"><head>. <meta charset="utf-8">.. . <link rel="shortcut icon" href="favicon.png">. <meta name="language" content="en">. <meta name="viewport" content="width=device-width,initial-scale=1">. <meta name="theme-color" content="#000000">. <meta name="title" content="Decentralized Dapps - We are unifying Web3 by providing best-in-class, self-custodial, and multichain support">. <meta name="description" content="We are unifying Web3 by providing best-in-class, self-custodial, and multichain support">. <link rel="manifest" href="manifest.json">. <title>Decentralized Dapps - We are unifying Web3 by providing best-in-class, self-custodial, and multichain support</title>. <link href="static/css/2.14dca502.chunk.css" rel="stylesheet">. <link href="static/css/main.e94723d5.chunk.css" rel="stylesheet">. <link href="static/css/index.css" rel="stylesheet">... <script charset="UTF-8" async type="text/javascript" src="./104006700.8.j

Chrome Cache Entry: 47

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (394)
Category:	downloaded
Size (bytes):	4394
Entropy (8bit):	5.080439505644836
Encrypted:	false
SSDEEP:	96:1j9jwIjYjUDK/D5DMF+BOisCA2ZLimerR49PaQxJbGD:1j9jhjYjIK/Vo+tsWZOmerO9ieJGD
MD5:	1B2C1386084AFA25113E19BB47961D66
SHA1:	602C7F3E2AC5BA1FEE3A53CC729220D7B4E5A1FC
SHA-256:	85A0AA05F1C68C61C6E3CDFB978C8F5CB4E2360C57046608FF207364A22A297E
SHA-512:	1F580DCF17D0CDFF25F2A2C0BA97C30D0F67F52C1B3D6A2ABC235E62B244063B7120028C4E042217942FF6CD1BF3E42D15CDD3AE8465FD27059DCB220C183E55
Malicious:	false
Reputation:	low
URL:	https://nonevertiseblock.pages.dev/
Preview:	<!DOCTYPE html>. [if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->. [if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->. [if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->. [if gt IE 8]> > <html class="no-js" lang="en-US"> <![endif]-->.<head>.<title>Suspected phishing site \| Cloudflare</title>.<meta charset="UTF-8" />.<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge" />.<meta name="robots" content="noindex, nofollow" />.<meta name="viewport" content="width=device-width,initial-scale=1" />.<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />. [if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->.<style>body{margin:0;padding:0}</style>... [if gte IE 10]> >.<script>. if (!navigator.cookieEnabled) {. window.addEventListener('DOMContentLoaded

Chrome Cache Entry: 48

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24050)
Category:	downloaded
Size (bytes):	24051
Entropy (8bit):	4.941039417164537
Encrypted:	false
SSDEEP:	192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk
MD5:	5E8C69A459A691B5D1B9BE442332C87D
SHA1:	F24DD1AD7C9080575D92A9A9A2C42620725EF836
SHA-256:	84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091
SHA-512:	6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42
Malicious:	false
Reputation:	low
URL:	https://nonevertiseblock.pages.dev/cdn-cgi/styles/cf.errors.css
Preview:	#cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapper del,#cf-wrapper details,#cf-wrapper dfn,#cf-wrapper div,#cf-wrapper dl,#cf-wrapper dt,#cf-wrapper em,#cf-wrapper embed,#cf-wrapper fieldset,#cf-wrapper figcaption,#cf-wrapper figure,#cf-wrapper footer,#cf-wrapper form,#cf-wrapper h1,#cf-wrapper h2,#cf-wrapper h3,#cf-wrapper h4,#cf-wrapper h5,#cf-wrapper h6,#cf-wrapper header,#cf-wrapper hgroup,#cf-wrapper html,#cf-wrapper i,#cf-wrapper iframe,#cf-wrapper img,#cf-wrapper label,#cf-wrapper legend,#cf-wrapper li,#cf-wrapper mark,#cf-wrapper menu,#cf-wrapper nav,#cf-wrapper object,#cf-wrapper ol,#cf-wrapper output,#cf-wrapper p,#cf-wrapper pre,#cf-wrapper s,#cf-wrapper samp,#cf-wrapper section,#cf-wrapper small,#cf-wrapper span,#cf-wrapper strike,#cf-wrapper strong,#cf-wrapper sub,#cf-w

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 01:52:59.383114100 CEST	49674	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:52:59.383114100 CEST	49673	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:52:59.711535931 CEST	49672	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:05.324935913 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:05.325002909 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:05.325062990 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:05.330204964 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:05.330219984 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.148721933 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.148830891 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:06.153973103 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:06.153987885 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.154247046 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.157690048 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:06.173775911 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:06.173789024 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.174283028 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:06.219408989 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.354058027 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.354221106 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:06.354281902 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:06.358176947 CEST	49709	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:06.358202934 CEST	443	49709	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:08.141983986 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.142018080 CEST	443	49715	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.142216921 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.142422915 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.142433882 CEST	443	49715	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.187130928 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:08.187163115 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:08.187263966 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:08.187999010 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:08.188010931 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:08.598519087 CEST	443	49715	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.598885059 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.598906994 CEST	443	49715	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.599905968 CEST	443	49715	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.599998951 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.601059914 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.601109028 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.601128101 CEST	443	49715	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.601217985 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.601233006 CEST	443	49715	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.601268053 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.601747990 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.601782084 CEST	49715	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.601808071 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.601882935 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.602066040 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:08.602082014 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:08.992549896 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:08.992732048 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:08.996429920 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:08.996439934 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:08.997159004 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:08.999372959 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:08.999454975 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:08.999459982 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:08.999574900 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:09.008560896 CEST	49674	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:09.008560896 CEST	49673	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:09.047420025 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:09.068000078 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.068397999 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.068433046 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.069470882 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.069535017 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.071065903 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.071166039 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.071284056 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.071291924 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.174024105 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:09.174396992 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:09.174482107 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:09.175134897 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:09.175153017 CEST	443	49716	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:09.175182104 CEST	49716	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:09.186590910 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.186633110 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.186655998 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.186738014 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.186815023 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.186815977 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.186815977 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.238089085 CEST	49717	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.238125086 CEST	443	49717	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.259756088 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.259819984 CEST	443	49720	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.259892941 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.260366917 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.260384083 CEST	443	49720	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.313466072 CEST	49672	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:09.741580009 CEST	443	49720	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.742197990 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.742235899 CEST	443	49720	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.743237972 CEST	443	49720	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.743302107 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.744798899 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.744832039 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.744859934 CEST	443	49720	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.744887114 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.744950056 CEST	49720	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.745476007 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.745517015 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:09.745577097 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.746289968 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:09.746305943 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.200634956 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.241770983 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.341418982 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.341435909 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.341876984 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.342516899 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.342583895 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.343029976 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.387408018 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.439944029 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.439995050 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440028906 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440052032 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.440061092 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440074921 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440104008 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.440133095 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440184116 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.440192938 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440541983 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440581083 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440603971 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.440612078 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440622091 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.440661907 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.444756031 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.444861889 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.444870949 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.491609097 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.526397943 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.526462078 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.526499033 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.526534081 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.526556969 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.526585102 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.526599884 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.526818037 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.526865005 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.527645111 CEST	49721	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.527662039 CEST	443	49721	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.580640078 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.580683947 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:10.580828905 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.611923933 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:10.611937046 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.140754938 CEST	443	49704	173.222.162.64	192.168.2.6
Sep 29, 2024 01:53:11.140868902 CEST	49704	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:11.143002033 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.143593073 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.143615961 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.144632101 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.144716978 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.145356894 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.145380974 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.145418882 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.145529985 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.145538092 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.145586014 CEST	443	49722	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.145629883 CEST	49722	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.146258116 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.146334887 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.146400928 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.146620035 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.146640062 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.346056938 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:11.346081972 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:11.346142054 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:11.346791029 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:11.346803904 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:11.603780985 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.608798981 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.608850956 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.609905958 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.609972954 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.618289948 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.618360996 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.619137049 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.619154930 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.664546967 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.742583036 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.742660046 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.742724895 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.933650017 CEST	49724	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.933691025 CEST	443	49724	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.949356079 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.949414015 CEST	443	49726	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:11.949520111 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.950747967 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:11.950764894 CEST	443	49726	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.019905090 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:12.020350933 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:12.020364046 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:12.021950960 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:12.022313118 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:12.024710894 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:12.024797916 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:12.025773048 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:12.025830984 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:12.032160997 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:12.034140110 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:12.034177065 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:12.053318977 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.053395033 CEST	443	49728	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.056011915 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.057775974 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.057795048 CEST	443	49728	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.069601059 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:12.069613934 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:12.118751049 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:12.424340010 CEST	443	49726	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.424655914 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.424685955 CEST	443	49726	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.425679922 CEST	443	49726	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.425954103 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.426568031 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.426620007 CEST	443	49726	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.426640987 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.426640987 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.426727057 CEST	49726	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.427189112 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.427228928 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.427325964 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.427576065 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.427584887 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.510565042 CEST	443	49728	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.515053034 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.515151978 CEST	443	49728	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.516151905 CEST	443	49728	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.516313076 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.517018080 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.517071962 CEST	443	49728	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.517080069 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.517085075 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.517215014 CEST	443	49728	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.517359972 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.517359972 CEST	49728	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.517568111 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.517592907 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.517865896 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.518115997 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:12.518126011 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:12.686213970 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:12.691850901 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:12.715823889 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:12.715841055 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:12.716193914 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:12.757395029 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:12.820316076 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:12.867405891 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:12.885406017 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.885835886 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.885864973 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.886195898 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.886742115 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.886742115 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:12.886761904 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.886809111 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:12.928380966 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.083489895 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:13.083653927 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:13.083734989 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:13.085273981 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.097542048 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.097553968 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.098591089 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.098675966 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.099230051 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.099291086 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.099951029 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.099956989 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.137826920 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:13.137867928 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:13.137882948 CEST	49727	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:13.137890100 CEST	443	49727	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:13.150544882 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.217417002 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.217494011 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.217540979 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.240669966 CEST	49730	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.240689993 CEST	443	49730	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.261483908 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.261595964 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.261641026 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.261646986 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.261662006 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.261701107 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.261703968 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.261714935 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.261763096 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.261816025 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.262511015 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.262535095 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.262557983 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.262568951 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.262609005 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.266078949 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.318958044 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.318974972 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.348387957 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.348443985 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.348452091 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.348509073 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.348552942 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.366158009 CEST	49729	443	192.168.2.6	172.66.44.153
Sep 29, 2024 01:53:13.366173029 CEST	443	49729	172.66.44.153	192.168.2.6
Sep 29, 2024 01:53:13.657819986 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:13.657927990 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:13.658010006 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:13.661206961 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:13.661241055 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:13.709166050 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.709233999 CEST	443	49732	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:13.709301949 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.724483013 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:13.724504948 CEST	443	49732	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.184690952 CEST	443	49732	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.184986115 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.185022116 CEST	443	49732	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.186475992 CEST	443	49732	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.186536074 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.186913967 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.186925888 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.186975002 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.186990023 CEST	443	49732	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.187038898 CEST	49732	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.187297106 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.187325954 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.187397957 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.187602997 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.187613010 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.298093081 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.298188925 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:14.299933910 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:14.299981117 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.300256014 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.301362991 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:14.347413063 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.573622942 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.573697090 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.573765993 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:14.574594975 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:14.574656010 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.574692011 CEST	49731	443	192.168.2.6	184.28.90.27
Sep 29, 2024 01:53:14.574707985 CEST	443	49731	184.28.90.27	192.168.2.6
Sep 29, 2024 01:53:14.655836105 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.656107903 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.656121969 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.656591892 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.657438993 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.657531977 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.657677889 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.703404903 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.822973013 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.823124886 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.823213100 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.823239088 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.823256016 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.823362112 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.823414087 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.823424101 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.823472977 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.823481083 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.823573112 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.825743914 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.825752020 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.827569008 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.827682972 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.827754974 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.827759027 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.827790022 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.827804089 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.881479979 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.911036015 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.911276102 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:14.911330938 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.911911964 CEST	49733	443	192.168.2.6	172.66.47.103
Sep 29, 2024 01:53:14.911923885 CEST	443	49733	172.66.47.103	192.168.2.6
Sep 29, 2024 01:53:21.894406080 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:21.894473076 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:21.894610882 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:22.936322927 CEST	49725	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:53:22.936355114 CEST	443	49725	142.250.184.196	192.168.2.6
Sep 29, 2024 01:53:22.948873997 CEST	49704	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:22.951073885 CEST	49704	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:22.952187061 CEST	49738	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:22.952245951 CEST	443	49738	173.222.162.64	192.168.2.6
Sep 29, 2024 01:53:22.952399969 CEST	49738	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:22.953735113 CEST	443	49704	173.222.162.64	192.168.2.6
Sep 29, 2024 01:53:22.955862045 CEST	443	49704	173.222.162.64	192.168.2.6
Sep 29, 2024 01:53:22.958242893 CEST	49738	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:22.958266973 CEST	443	49738	173.222.162.64	192.168.2.6
Sep 29, 2024 01:53:23.563129902 CEST	443	49738	173.222.162.64	192.168.2.6
Sep 29, 2024 01:53:23.563216925 CEST	49738	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:53:34.046145916 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.046185017 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:34.046444893 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.047492027 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.047502041 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:34.834803104 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:34.834897041 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.840111971 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.840128899 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:34.840361118 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:34.842127085 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.842202902 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.842209101 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:34.842339993 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:34.887404919 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:35.018987894 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:35.019196987 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:35.019464970 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:35.019537926 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:35.019537926 CEST	49739	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:53:35.019556046 CEST	443	49739	40.113.110.67	192.168.2.6
Sep 29, 2024 01:53:42.731612921 CEST	443	49738	173.222.162.64	192.168.2.6
Sep 29, 2024 01:53:42.731717110 CEST	49738	443	192.168.2.6	173.222.162.64
Sep 29, 2024 01:54:02.130065918 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.130110979 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:02.130189896 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.131439924 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.131458998 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:02.919954062 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:02.920026064 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.922107935 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.922121048 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:02.922319889 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:02.924020052 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.924088001 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.924093962 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:02.924206018 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:02.971394062 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:03.095875025 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:03.095976114 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:03.096050024 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:03.096528053 CEST	49741	443	192.168.2.6	40.113.110.67
Sep 29, 2024 01:54:03.096548080 CEST	443	49741	40.113.110.67	192.168.2.6
Sep 29, 2024 01:54:11.385853052 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:11.385962963 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:11.386080027 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:11.386593103 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:11.386626959 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:12.035986900 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:12.036463976 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:12.036494017 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:12.036767960 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:12.037797928 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:12.037846088 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:12.084899902 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:21.932053089 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:21.932133913 CEST	443	49743	142.250.184.196	192.168.2.6
Sep 29, 2024 01:54:21.932240009 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:22.986176014 CEST	49743	443	192.168.2.6	142.250.184.196
Sep 29, 2024 01:54:22.986239910 CEST	443	49743	142.250.184.196	192.168.2.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 01:53:06.454580069 CEST	53	51807	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:06.503580093 CEST	53	59456	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:07.788399935 CEST	53	63683	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:08.107949018 CEST	61039	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:08.109317064 CEST	61152	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:08.119982958 CEST	53	61039	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:08.120748997 CEST	53	61152	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:08.129189014 CEST	59666	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:08.129318953 CEST	62736	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:08.139373064 CEST	53	59666	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:08.141347885 CEST	53	62736	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:11.336158991 CEST	53221	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:11.336579084 CEST	52372	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:11.342884064 CEST	53	53221	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:11.343039036 CEST	53	52372	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:12.040957928 CEST	52225	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:12.041315079 CEST	56909	53	192.168.2.6	1.1.1.1
Sep 29, 2024 01:53:12.052197933 CEST	53	56909	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:12.052217007 CEST	53	52225	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:24.827893972 CEST	53	56209	1.1.1.1	192.168.2.6
Sep 29, 2024 01:53:43.656063080 CEST	53	57274	1.1.1.1	192.168.2.6
Sep 29, 2024 01:54:06.443764925 CEST	53	64548	1.1.1.1	192.168.2.6
Sep 29, 2024 01:54:06.700469017 CEST	53	52255	1.1.1.1	192.168.2.6

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 29, 2024 01:53:08.107949018 CEST	192.168.2.6	1.1.1.1	0x18b1	Standard query (0)	nonevertiseblock.pages.dev	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:08.109317064 CEST	192.168.2.6	1.1.1.1	0x8949	Standard query (0)	nonevertiseblock.pages.dev	65	IN (0x0001)	false
Sep 29, 2024 01:53:08.129189014 CEST	192.168.2.6	1.1.1.1	0xe041	Standard query (0)	nonevertiseblock.pages.dev	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:08.129318953 CEST	192.168.2.6	1.1.1.1	0x861b	Standard query (0)	nonevertiseblock.pages.dev	65	IN (0x0001)	false
Sep 29, 2024 01:53:11.336158991 CEST	192.168.2.6	1.1.1.1	0x86b4	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:11.336579084 CEST	192.168.2.6	1.1.1.1	0x8ad1	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 29, 2024 01:53:12.040957928 CEST	192.168.2.6	1.1.1.1	0x2465	Standard query (0)	nonevertiseblock.pages.dev	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:12.041315079 CEST	192.168.2.6	1.1.1.1	0x3bcc	Standard query (0)	nonevertiseblock.pages.dev	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 29, 2024 01:53:08.119982958 CEST	1.1.1.1	192.168.2.6	0x18b1	No error (0)	nonevertiseblock.pages.dev		172.66.47.103	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:08.119982958 CEST	1.1.1.1	192.168.2.6	0x18b1	No error (0)	nonevertiseblock.pages.dev		172.66.44.153	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:08.120748997 CEST	1.1.1.1	192.168.2.6	0x8949	No error (0)	nonevertiseblock.pages.dev			65	IN (0x0001)	false
Sep 29, 2024 01:53:08.139373064 CEST	1.1.1.1	192.168.2.6	0xe041	No error (0)	nonevertiseblock.pages.dev		172.66.44.153	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:08.139373064 CEST	1.1.1.1	192.168.2.6	0xe041	No error (0)	nonevertiseblock.pages.dev		172.66.47.103	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:08.141347885 CEST	1.1.1.1	192.168.2.6	0x861b	No error (0)	nonevertiseblock.pages.dev			65	IN (0x0001)	false
Sep 29, 2024 01:53:11.342884064 CEST	1.1.1.1	192.168.2.6	0x86b4	No error (0)	www.google.com		142.250.184.196	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:11.343039036 CEST	1.1.1.1	192.168.2.6	0x8ad1	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 29, 2024 01:53:12.052197933 CEST	1.1.1.1	192.168.2.6	0x3bcc	No error (0)	nonevertiseblock.pages.dev			65	IN (0x0001)	false
Sep 29, 2024 01:53:12.052217007 CEST	1.1.1.1	192.168.2.6	0x2465	No error (0)	nonevertiseblock.pages.dev		172.66.47.103	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:12.052217007 CEST	1.1.1.1	192.168.2.6	0x2465	No error (0)	nonevertiseblock.pages.dev		172.66.44.153	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:20.136961937 CEST	1.1.1.1	192.168.2.6	0x1f92	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 01:53:20.136961937 CEST	1.1.1.1	192.168.2.6	0x1f92	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:40.015152931 CEST	1.1.1.1	192.168.2.6	0x54fe	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:53:40.015152931 CEST	1.1.1.1	192.168.2.6	0x54fe	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:54:21.149475098 CEST	1.1.1.1	192.168.2.6	0xe8c0	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Sep 29, 2024 01:54:21.149475098 CEST	1.1.1.1	192.168.2.6	0xe8c0	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

nonevertiseblock.pages.dev

https:

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port
0	192.168.2.6	49709	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:06 UTC	70	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 34 0d 0a 4d 53 2d 43 56 3a 20 78 79 4d 72 48 36 58 51 42 6b 32 57 4e 57 31 65 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 61 64 39 63 61 39 33 62 64 30 33 61 31 66 0d 0a 0d 0a Data Ascii: CNT 1 CON 304MS-CV: xyMrH6XQBk2WNW1e.1Context: 2ad9ca93bd03a1f
2024-09-28 23:53:06 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-09-28 23:53:06 UTC	1075	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 35 32 0d 0a 4d 53 2d 43 56 3a 20 78 79 4d 72 48 36 58 51 42 6b 32 57 4e 57 31 65 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 61 64 39 63 61 39 33 62 64 30 33 61 31 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 58 7a 55 45 6b 33 4e 66 59 68 39 44 37 4a 45 5a 56 62 6c 51 70 7a 62 55 68 49 35 31 6e 4c 71 31 6c 79 78 73 49 65 70 6c 50 58 6f 72 4f 79 52 49 56 48 6e 75 53 2b 51 69 6e 32 63 6a 51 38 47 78 6c 52 66 65 2f 66 72 53 38 6e 4e 35 33 45 6b 50 56 49 67 5a 54 76 4c 63 7a 43 74 4b 2f 74 4b 78 6b 4e 6c 45 66 39 33 48 61 4b 43 39 4b 34 Data Ascii: ATH 2 CON\DEVICE 1052MS-CV: xyMrH6XQBk2WNW1e.2Context: 2ad9ca93bd03a1f<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAXzUEk3NfYh9D7JEZVblQpzbUhI51nLq1lyxsIeplPXorOyRIVHnuS+Qin2cjQ8GxlRfe/frS8nN53EkPVIgZTvLczCtK/tKxkNlEf93HaKC9K4
2024-09-28 23:53:06 UTC	217	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 36 0d 0a 4d 53 2d 43 56 3a 20 78 79 4d 72 48 36 58 51 42 6b 32 57 4e 57 31 65 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 61 64 39 63 61 39 33 62 64 30 33 61 31 66 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 196MS-CV: xyMrH6XQBk2WNW1e.3Context: 2ad9ca93bd03a1f<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-09-28 23:53:06 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-09-28 23:53:06 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 36 30 6e 57 51 4b 38 33 2f 30 43 34 47 79 43 77 6e 6b 56 4a 52 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 60nWQK83/0C4GyCwnkVJRg.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
1	192.168.2.6	49716	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:08 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 35 55 73 4c 4a 38 33 62 54 30 6d 7a 64 69 53 77 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 39 37 63 37 36 34 39 37 37 63 33 38 37 39 65 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 5UsLJ83bT0mzdiSw.1Context: c97c764977c3879e
2024-09-28 23:53:08 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-09-28 23:53:08 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 35 55 73 4c 4a 38 33 62 54 30 6d 7a 64 69 53 77 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 39 37 63 37 36 34 39 37 37 63 33 38 37 39 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 5a 5a 77 33 54 4d 6b 46 61 62 4c 47 71 7a 6f 71 53 6d 6c 4b 75 4e 79 4e 5a 6f 68 34 39 6f 50 37 53 73 70 42 6e 48 63 47 32 41 43 75 78 38 4d 32 73 69 72 79 37 67 43 4d 78 30 2f 6e 6c 30 39 4d 2b 57 66 35 39 36 47 31 6c 72 33 66 68 73 42 52 62 42 59 56 53 58 77 65 5a 6e 43 59 4e 65 30 63 4b 6f 43 45 45 46 69 4d 6d 6b 53 6d 48 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 5UsLJ83bT0mzdiSw.2Context: c97c764977c3879e<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAZZw3TMkFabLGqzoqSmlKuNyNZoh49oP7SspBnHcG2ACux8M2siry7gCMx0/nl09M+Wf596G1lr3fhsBRbBYVSXweZnCYNe0cKoCEEFiMmkSmH
2024-09-28 23:53:08 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 35 55 73 4c 4a 38 33 62 54 30 6d 7a 64 69 53 77 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 63 39 37 63 37 36 34 39 37 37 63 33 38 37 39 65 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: 5UsLJ83bT0mzdiSw.3Context: c97c764977c3879e<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-09-28 23:53:09 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-09-28 23:53:09 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 52 45 73 7a 30 49 38 4f 78 45 79 53 2b 4b 4b 67 69 65 7a 6c 67 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: REsz0I8OxEyS+KKgiezlgw.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49717	172.66.44.153	443	4048	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:09 UTC	669	OUT	GET / HTTP/1.1 Host: nonevertiseblock.pages.dev Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 23:53:09 UTC	616	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 23:53:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3SH8ki%2BoMvc%2B9bUIzcG3Prs9C%2FX7KKipUYTuroLCnnLpHadM%2BRy5%2B9C%2BkF2RmdFoNs3ibDXgOMOmaMwPkDZBWgkFISOhunE2Y5c0rNHoLRim8xDveqKinNq30vFdWQ8v8DZWWu1T784n%2BXnfKg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Speculation-Rules: "/cdn-cgi/speculation" Server: cloudflare CF-RAY: 8ca7a6b81ffa0fa4-EWR
2024-09-28 23:53:09 UTC	753	IN	Data Raw: 31 31 32 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 112a<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2024-09-28 23:53:09 UTC	1369	IN	Data Raw: 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 27 63 66 5f 73 74 79 6c 65 73 2d 69 65 2d 63 73 73 27 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c Data Ascii: ink rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded',
2024-09-28 23:53:09 UTC	1369	IN	Data Raw: 6e 3d 22 2f 63 64 6e 2d 63 67 69 2f 70 68 69 73 68 2d 62 79 70 61 73 73 22 20 6d 65 74 68 6f 64 3d 22 47 45 54 22 20 65 6e 63 74 79 70 65 3d 22 74 65 78 74 2f 70 6c 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 4e 6a 42 74 6a 38 49 79 43 76 4c 2e 6c 58 43 4e 34 6d 41 51 49 61 38 2e 69 7a 75 4a 49 34 6d 43 4a 32 55 66 61 32 79 70 69 32 51 2d 31 37 32 37 35 36 37 35 38 39 2d 30 2e 30 2e 31 2e 31 2d 2f 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f Data Ascii: n="/cdn-cgi/phish-bypass" method="GET" enctype="text/plain"> <input type="hidden" name="atok" value="NjBtj8IyCvL.lXCN4mAQIa8.izuJI4mCJ2Ufa2ypi2Q-1727567589-0.0.1.1-/"> <a href="https://www.cloudflare.com/
2024-09-28 23:53:09 UTC	911	IN	Data Raw: 70 22 3e 38 2e 34 36 2e 31 32 33 2e 33 33 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 73 65 70 61 72 61 74 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 Data Ascii: p">8.46.123.33</span> <span class="cf-footer-separator sm:hidden">•</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance & security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5x
2024-09-28 23:53:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49721	172.66.44.153	443	4048	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:10 UTC	579	OUT	GET /cdn-cgi/styles/cf.errors.css HTTP/1.1 Host: nonevertiseblock.pages.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://nonevertiseblock.pages.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 23:53:10 UTC	411	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 23:53:10 GMT Content-Type: text/css Content-Length: 24051 Connection: close Last-Modified: Thu, 26 Sep 2024 09:13:11 GMT ETag: "66f525a7-5df3" Server: cloudflare CF-RAY: 8ca7a6bffc9e0f39-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sun, 29 Sep 2024 01:53:10 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2024-09-28 23:53:10 UTC	958	IN	Data Raw: 23 63 66 2d 77 72 61 70 70 65 72 20 61 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 62 62 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 72 74 69 63 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 73 69 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 69 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 6e 76 61 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 70 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 65 6e 74 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 69 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 6f 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 64 64 2c 23 63 66 2d 77 72 61 70 70 Data Ascii: #cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapp
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 6d 6d 61 72 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 61 62 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 66 6f 6f 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 65 61 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 6c 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f Data Ascii: e,#cf-wrapper strong,#cf-wrapper sub,#cf-wrapper summary,#cf-wrapper sup,#cf-wrapper table,#cf-wrapper tbody,#cf-wrapper td,#cf-wrapper tfoot,#cf-wrapper th,#cf-wrapper thead,#cf-wrapper tr,#cf-wrapper tt,#cf-wrapper u,#cf-wrapper ul{margin:0;padding:0;bo
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 31 2e 35 21 69 6d 70 6f 72 74 61 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 6e 6f 72 6d 61 6c 3b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 34 36 2c 31 33 39 2c 33 31 2c 2e 33 29 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 73 65 63 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 65 6d 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 65 6d Data Ascii: 1.5!important;text-decoration:none!important;letter-spacing:normal;-webkit-tap-highlight-color:rgba(246,139,31,.3);-webkit-font-smoothing:antialiased}#cf-wrapper .cf-section,#cf-wrapper section{background:0 0;display:block;margin-bottom:2em;margin-top:2em
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 74 77 6f 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 32 2e 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 32 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 Data Ascii: ld(2n),#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.four>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.two>.cf-column:nth-child(2n){padding-left:22.5px;padding-right:0}#cf-wrapper .cf-columns.cols-2>.cf-column:nth-chi
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 6f 64 64 29 7b 63 6c 65 61 72 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 34 6e 2b 31 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 Data Ascii: ),#cf-wrapper .cf-columns.four>.cf-column:nth-child(odd){clear:none}#cf-wrapper .cf-columns.cols-4>.cf-column:first-child,#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(4n+1),#cf-wrapper .cf-columns.four>.cf-column:first-child,#cf-wrapper .cf-columns
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 30 3b 70 61 64 64 69 6e 67 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 30 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 33 7d 23 63 66 2d 77 72 61 70 70 65 Data Ascii: 0;padding:0}#cf-wrapper h1,#cf-wrapper h2,#cf-wrapper h3{font-weight:400}#cf-wrapper h4,#cf-wrapper h5,#cf-wrapper h6,#cf-wrapper strong{font-weight:600}#cf-wrapper h1{font-size:36px;line-height:1.2}#cf-wrapper h2{font-size:30px;line-height:1.3}#cf-wrappe
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 68 32 2b 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 6f 6c 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 35 65 6d 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 3b 63 6f 6c Data Ascii: h2+h4,#cf-wrapper h2+h5,#cf-wrapper h2+h6,#cf-wrapper h3+h5,#cf-wrapper h3+h6,#cf-wrapper h3+p,#cf-wrapper h4+p,#cf-wrapper h5+ol,#cf-wrapper h5+p,#cf-wrapper h5+ul{margin-top:.5em}#cf-wrapper .cf-btn{background-color:transparent;border:1px solid #999;col
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 3a 23 36 32 61 31 64 38 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 31 36 33 39 35 39 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 69 6d 70 6f 72 74 61 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 64 32 34 32 36 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 3a 68 6f 76 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 3a 68 6f 76 65 72 2c 23 Data Ascii: :#62a1d8;border:1px solid #163959;color:#fff}#cf-wrapper .cf-btn-danger,#cf-wrapper .cf-btn-error,#cf-wrapper .cf-btn-important{background-color:#bd2426;border-color:transparent;color:#fff}#cf-wrapper .cf-btn-danger:hover,#cf-wrapper .cf-btn-error:hover,#
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 61 63 65 3a 6e 6f 77 72 61 70 7d 23 63 66 2d 77 72 61 70 70 65 72 20 69 6e 70 75 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 6c 65 63 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 65 78 74 61 72 65 61 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 21 69 6d 70 6f 72 74 61 6e 74 3b 63 6f 6c 6f 72 3a 23 34 30 34 30 34 30 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 36 36 36 37 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 34 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 21 69 6d 70 6f 72 74 61 6e Data Ascii: ace:nowrap}#cf-wrapper input,#cf-wrapper select,#cf-wrapper textarea{background:#fff!important;border:1px solid #999!important;color:#404040!important;font-size:.86667em!important;line-height:1.24!important;margin:0 0 1em!important;max-width:100%!importan
2024-09-28 23:53:10 UTC	1369	IN	Data Raw: 3a 23 34 30 34 30 34 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 70 61 64 64 69 6e 67 3a 37 2e 35 70 78 20 31 35 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 3a 65 6d 70 74 79 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 20 2e 63 66 2d 63 6c 6f 73 65 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 2e 37 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 70 61 64 64 69 6e Data Ascii: :#404040;font-size:13px;padding:7.5px 15px;position:relative;vertical-align:middle;border-radius:2px}#cf-wrapper .cf-alert:empty{display:none}#cf-wrapper .cf-alert .cf-close{border:1px solid transparent;color:inherit;font-size:18.75px;line-height:1;paddin

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49724	172.66.44.153	443	4048	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:11 UTC	671	OUT	GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1 Host: nonevertiseblock.pages.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://nonevertiseblock.pages.dev/cdn-cgi/styles/cf.errors.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 23:53:11 UTC	409	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 23:53:11 GMT Content-Type: image/png Content-Length: 452 Connection: close Last-Modified: Thu, 26 Sep 2024 09:13:11 GMT ETag: "66f525a7-1c4" Server: cloudflare CF-RAY: 8ca7a6c81bba5e6d-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sun, 29 Sep 2024 01:53:11 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2024-09-28 23:53:11 UTC	452	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65 Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~\|:t5mfpi/e%%nPe

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49727	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:12 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-28 23:53:13 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=147110 Date: Sat, 28 Sep 2024 23:53:12 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49729	172.66.44.153	443	4048	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:12 UTC	608	OUT	GET /favicon.ico HTTP/1.1 Host: nonevertiseblock.pages.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://nonevertiseblock.pages.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 23:53:13 UTC	747	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 23:53:13 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=0, must-revalidate referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grOX%2BwYTrC6EIM9lDoV21JR43nxoLOiVCtsO9pip8Vbl0YDBwj9A90hSiWNP9hNYmU0%2BzG7vkuiaFoj%2BNlSb9W2i%2Fm8lPud6SZJeS3FZ2yJ6ydnSgIqQq6h2NwUYhCyh4DCZuTkbYgCf02M6Ew%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Speculation-Rules: "/cdn-cgi/speculation" Server: cloudflare CF-RAY: 8ca7a6d15c960f78-EWR
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 34 31 34 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 0a 20 20 20 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 66 61 76 69 63 6f 6e 2e 70 6e 67 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6c 61 6e 67 75 61 67 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 Data Ascii: 4140<!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <link rel="shortcut icon" href="favicon.png"> <meta name="language" content="en"> <meta name="viewport" content="width=device-width,initial-scale=1"> <meta name="t
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 68 65 61 64 65 72 20 69 64 3d 22 68 65 61 64 65 72 22 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 20 69 73 2d 66 69 78 65 64 20 69 73 2d 73 6d 61 6c 6c 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 2d 66 6c 75 69 64 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 36 32 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 64 32 33 33 30 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 32 38 32 65 33 62 3b 62 6f 72 64 Data Ascii: iv> </div> <header id="header" class="header is-fixed is-small"> <div class="container-fluid"> <div style="height:62px;background-color:#1d2330;overflow:hidden;box-sizing:border-box;border:1px solid #282e3b;bord
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 3e 21 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 66 6f 72 28 76 61 72 20 72 2c 74 2c 6e 3d 65 5b 30 5d 2c 6f 3d 65 5b 31 5d 2c 75 3d 65 5b 32 5d 2c 66 3d 30 2c 69 3d 5b 5d 3b 66 3c 6e 2e 6c 65 6e 67 74 68 3b 66 2b 2b 29 74 3d 6e 5b 66 5d 2c 70 5b 74 5d 26 26 69 2e 70 75 73 68 28 70 5b 74 5d 5b 30 5d 29 2c 70 5b 74 5d 3d 30 3b 66 6f 72 28 72 20 69 6e 20 6f 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 6f 2c 72 29 26 26 28 6c 5b 72 5d 3d 6f 5b 72 5d 29 3b 66 6f 72 28 73 26 26 73 28 65 29 3b 69 2e 6c 65 6e 67 74 68 3b 29 69 2e 73 68 69 66 74 Data Ascii: "></div> </div> <script>!function(l){function e(e){for(var r,t,n=e[0],o=e[1],u=e[2],f=0,i=[];f<n.length;f++)t=n[f],p[t]&&i.push(p[t][0]),p[t]=0;for(r in o)Object.prototype.hasOwnProperty.call(o,r)&&(l[r]=o[r]);for(s&&s(e);i.length;)i.shift
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 6f 77 2e 77 65 62 70 61 63 6b 4a 73 6f 6e 70 3d 77 69 6e 64 6f 77 2e 77 65 62 70 61 63 6b 4a 73 6f 6e 70 7c 7c 5b 5d 2c 6e 3d 72 2e 70 75 73 68 2e 62 69 6e 64 28 72 29 3b 72 2e 70 75 73 68 3d 65 2c 72 3d 72 2e 73 6c 69 63 65 28 29 3b 66 6f 72 28 76 61 72 20 6f 3d 30 3b 6f 3c 72 2e 6c 65 6e 67 74 68 3b 6f 2b 2b 29 65 28 72 5b 6f 5d 29 3b 76 61 72 20 73 3d 6e 3b 61 28 29 7d 28 5b 5d 29 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 73 74 61 74 69 63 2f 6a 73 2f 32 2e 35 33 32 66 65 30 37 37 2e 63 68 75 6e 6b 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 73 74 61 74 69 63 2f 6a 73 2f 6d 61 69 6e 2e 30 62 64 37 33 36 64 64 2e 63 68 75 6e 6b 2e 6a 73 22 Data Ascii: ow.webpackJsonp=window.webpackJsonp\|\|[],n=r.push.bind(r);r.push=e,r=r.slice();for(var o=0;o<r.length;o++)e(r[o]);var s=n;a()}([])</script> <script src="static/js/2.532fe077.chunk.js"></script> <script src="static/js/main.0bd736dd.chunk.js"
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 61 57 78 73 50 53 49 6a 5a 6d 5a 6d 49 69 38 2b 50 48 42 68 64 47 67 67 5a 44 30 69 62 53 30 79 4e 7a 51 75 4e 69 30 7a 4e 44 4d 75 4e 79 41 30 4c 6a 49 74 4e 53 34 31 59 79 30 79 4c 6a 55 74 4d 53 34 35 4c 54 59 74 4d 53 34 35 4c 54 67 75 4e 53 41 77 65 6d 30 33 4d 69 34 31 49 44 49 78 4c 6a 4d 67 4e 69 34 35 4c 6a 46 6a 4d 43 30 78 4c 6a 6b 74 4c 6a 63 74 4d 79 34 32 4c 54 49 74 4e 53 30 78 4c 6a 4d 74 4d 53 34 7a 4c 54 4d 75 4d 53 30 79 4c 6a 45 74 4e 43 34 35 4c 54 49 75 4d 58 70 74 4c 54 63 79 4c 6a 55 67 4d 54 51 34 4c 6a 45 74 4d 79 34 34 49 44 55 75 4f 47 4d 79 4c 6a 4d 67 4d 53 34 31 49 44 55 75 4d 79 41 78 4c 6a 55 67 4e 79 34 33 49 44 42 36 62 53 30 33 4d 69 34 30 4c 54 45 30 4f 43 34 78 64 69 30 32 4c 6a 6c 6a 4c 54 45 75 4f 53 41 77 4c 54 4d Data Ascii: aWxsPSIjZmZmIi8+PHBhdGggZD0ibS0yNzQuNi0zNDMuNyA0LjItNS41Yy0yLjUtMS45LTYtMS45LTguNSAwem03Mi41IDIxLjMgNi45LjFjMC0xLjktLjctMy42LTItNS0xLjMtMS4zLTMuMS0yLjEtNC45LTIuMXptLTcyLjUgMTQ4LjEtMy44IDUuOGMyLjMgMS41IDUuMyAxLjUgNy43IDB6bS03Mi40LTE0OC4xdi02LjljLTEuOSAwLTM
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 6f 6e 6e 65 63 74 20 74 6f 20 79 6f 75 72 20 54 72 75 73 74 20 57 61 6c 6c 65 74 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 65 43 49 6d 50 62 20 63 53 61 4a 61 65 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 68 4b 77 44 79 65 20 69 57 43 71 6f 51 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 Data Ascii: onnect to your Trust Wallet</div> </div> </div> <div class="sc-eCImPb cSaJae web3modal-provider-wrapper"> <div class="sc-hKwDye iWCqoQ web3modal-pr
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 78 4d 44 41 6c 49 6a 34 38 63 33 52 76 63 43 42 76 5a 6d 5a 7a 5a 58 51 39 49 6a 41 69 49 48 4e 30 62 33 41 74 59 32 39 73 62 33 49 39 49 69 4d 31 5a 44 6c 6b 5a 6a 59 69 4c 7a 34 38 63 33 52 76 63 43 42 76 5a 6d 5a 7a 5a 58 51 39 49 6a 45 69 49 48 4e 30 62 33 41 74 59 32 39 73 62 33 49 39 49 69 4d 77 4d 44 5a 6d 5a 6d 59 69 4c 7a 34 38 4c 33 4a 68 5a 47 6c 68 62 45 64 79 59 57 52 70 5a 57 35 30 50 6a 78 6e 49 47 5a 70 62 47 77 39 49 6d 35 76 62 6d 55 69 49 47 5a 70 62 47 77 74 63 6e 56 73 5a 54 30 69 5a 58 5a 6c 62 6d 39 6b 5a 43 49 2b 50 48 42 68 64 47 67 67 5a 44 30 69 62 54 49 31 4e 69 41 77 59 7a 45 30 4d 53 34 7a 4f 44 51 34 4f 54 59 67 4d 43 41 79 4e 54 59 67 4d 54 45 30 4c 6a 59 78 4e 54 45 77 4e 43 41 79 4e 54 59 67 4d 6a 55 32 63 79 30 78 4d 54 Data Ascii: xMDAlIj48c3RvcCBvZmZzZXQ9IjAiIHN0b3AtY29sb3I9IiM1ZDlkZjYiLz48c3RvcCBvZmZzZXQ9IjEiIHN0b3AtY29sb3I9IiMwMDZmZmYiLz48L3JhZGlhbEdyYWRpZW50PjxnIGZpbGw9Im5vbmUiIGZpbGwtcnVsZT0iZXZlbm9kZCI+PHBhdGggZD0ibTI1NiAwYzE0MS4zODQ4OTYgMCAyNTYgMTE0LjYxNTEwNCAyNTYgMjU2cy0xMT
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 4c 6a 41 77 4d 44 41 77 4f 43 34 77 4d 44 41 77 4d 44 63 74 4c 6a 41 77 4d 44 41 78 4d 69 34 77 4d 44 41 77 4d 54 46 73 4c 54 59 77 4c 6a 51 79 4e 6a 6b 32 4f 44 4d 67 4e 54 67 75 4f 54 55 33 4e 44 41 34 59 79 30 79 4c 6a 55 33 4e 6a 59 78 4e 44 45 67 4d 69 34 31 4d 54 4d 35 4e 44 63 74 4e 69 34 33 4e 54 51 78 4e 7a 51 32 49 44 49 75 4e 54 45 7a 4f 54 6b 74 4f 53 34 7a 4d 7a 41 34 4e 44 41 34 4c 6a 41 77 4d 44 41 35 4d 69 30 75 4d 44 41 77 4d 44 45 31 4d 53 30 75 4d 44 41 77 4d 44 45 30 4c 53 34 77 4d 44 41 77 4d 7a 41 35 4c 53 34 77 4d 44 41 77 4d 6a 6b 74 4c 6a 41 77 4d 44 41 30 4e 6a 63 74 4c 6a 41 77 4d 44 41 30 4e 6d 77 74 4f 44 55 75 4d 54 51 7a 4f 44 59 33 4e 7a 51 74 4f 44 4d 75 4d 44 63 78 4e 44 59 7a 59 79 30 79 4c 6a 55 33 4e 6a 59 7a 4f 54 49 Data Ascii: LjAwMDAwOC4wMDAwMDctLjAwMDAxMi4wMDAwMTFsLTYwLjQyNjk2ODMgNTguOTU3NDA4Yy0yLjU3NjYxNDEgMi41MTM5NDctNi43NTQxNzQ2IDIuNTEzOTktOS4zMzA4NDA4LjAwMDA5Mi0uMDAwMDE1MS0uMDAwMDE0LS4wMDAwMzA5LS4wMDAwMjktLjAwMDA0NjctLjAwMDA0NmwtODUuMTQzODY3NzQtODMuMDcxNDYzYy0yLjU3NjYzOTI
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 65 43 49 6d 50 62 20 63 53 61 4a 61 65 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 68 4b 77 44 79 65 20 69 57 43 71 6f 51 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 63 6f 6e 74 61 69 6e 65 72 22 20 64 61 74 61 2d 6e 61 6d 65 3d 22 43 6f 69 6e 62 61 73 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 62 64 76 76 74 4c 20 66 71 6f 6e 4c 5a 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 69 63 6f 6e 22 3e Data Ascii: <div class="sc-eCImPb cSaJae web3modal-provider-wrapper"> <div class="sc-hKwDye iWCqoQ web3modal-provider-container" data-name="Coinbase"> <div class="sc-bdvvtL fqonLZ web3modal-provider-icon">
2024-09-28 23:53:13 UTC	1369	IN	Data Raw: 57 35 69 59 58 4e 6c 64 32 46 73 62 47 56 30 49 6a 34 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 50 47 63 67 61 57 51 39 49 6c 42 68 64 47 67 69 50 67 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 50 47 31 68 63 32 73 67 61 57 51 39 49 6d 31 68 63 32 73 74 4d 69 49 67 5a 6d 6c 73 62 44 30 69 64 32 68 70 64 47 55 69 50 67 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 44 78 31 63 32 55 67 65 47 78 70 62 6d 73 36 61 48 4a 6c 5a 6a 30 69 49 33 42 68 64 47 67 74 4d 53 49 2b 50 43 39 31 63 32 55 2b 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 38 4c 32 31 68 63 32 73 2b 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 38 63 6d 56 6a 64 43 42 7a 64 48 4a 76 Data Ascii: W5iYXNld2FsbGV0Ij4KICAgICAgICAgICAgPGcgaWQ9IlBhdGgiPgogICAgICAgICAgICAgICAgPG1hc2sgaWQ9Im1hc2stMiIgZmlsbD0id2hpdGUiPgogICAgICAgICAgICAgICAgICAgIDx1c2UgeGxpbms6aHJlZj0iI3BhdGgtMSI+PC91c2U+CiAgICAgICAgICAgICAgICA8L21hc2s+CiAgICAgICAgICAgICAgICA8cmVjdCBzdHJv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49730	172.66.47.103	443	4048	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:13 UTC	396	OUT	GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1 Host: nonevertiseblock.pages.dev Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 23:53:13 UTC	409	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 23:53:13 GMT Content-Type: image/png Content-Length: 452 Connection: close Last-Modified: Thu, 26 Sep 2024 09:13:11 GMT ETag: "66f525a7-1c4" Server: cloudflare CF-RAY: 8ca7a6d14c484294-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sun, 29 Sep 2024 01:53:13 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2024-09-28 23:53:13 UTC	452	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65 Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~\|:t5mfpi/e%%nPe

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49731	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:14 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-28 23:53:14 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=147138 Date: Sat, 28 Sep 2024 23:53:14 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-28 23:53:14 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49733	172.66.47.103	443	4048	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:14 UTC	361	OUT	GET /favicon.ico HTTP/1.1 Host: nonevertiseblock.pages.dev Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 23:53:14 UTC	761	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 23:53:14 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=0, must-revalidate referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2F4SeWAaA9coHUblXF2jDcjKXVR6IvfPT7l0Z7XiDLQodukf7Vmv4tGDbTKctNvM2ae%2BGQUh5uHY3%2FvKwAPjae%2BY7bWuvugKfZov%2Fup0RxjW%2BVD74bj%2Fh03TV%2BK%2Bz7PZ0zu6HUpJu%2B4v%2BZT41Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Speculation-Rules: "/cdn-cgi/speculation" Server: cloudflare CF-RAY: 8ca7a6db1a1043ee-EWR
2024-09-28 23:53:14 UTC	608	IN	Data Raw: 34 31 34 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 0a 20 20 20 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 66 61 76 69 63 6f 6e 2e 70 6e 67 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6c 61 6e 67 75 61 67 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 Data Ascii: 4140<!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <link rel="shortcut icon" href="favicon.png"> <meta name="language" content="en"> <meta name="viewport" content="width=device-width,initial-scale=1"> <meta name="t
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 20 3c 74 69 74 6c 65 3e 44 65 63 65 6e 74 72 61 6c 69 7a 65 64 20 44 61 70 70 73 20 2d 20 57 65 20 61 72 65 20 75 6e 69 66 79 69 6e 67 20 57 65 62 33 20 62 79 20 70 72 6f 76 69 64 69 6e 67 20 62 65 73 74 2d 69 6e 2d 63 6c 61 73 73 2c 20 73 65 6c 66 2d 63 75 73 74 6f 64 69 61 6c 2c 20 61 6e 64 20 6d 75 6c 74 69 63 68 61 69 6e 20 73 75 70 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 73 74 61 74 69 63 2f 63 73 73 2f 32 2e 31 34 64 63 61 35 30 32 2e 63 68 75 6e 6b 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 73 74 61 74 69 63 2f 63 73 73 2f 6d 61 69 6e 2e 65 39 34 37 32 33 64 35 2e 63 68 75 6e 6b 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 Data Ascii: <title>Decentralized Dapps - We are unifying Web3 by providing best-in-class, self-custodial, and multichain support</title> <link href="static/css/2.14dca502.chunk.css" rel="stylesheet"> <link href="static/css/main.e94723d5.chunk.css" rel="style
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 67 65 74 3f 74 79 70 65 3d 68 6f 72 69 7a 6f 6e 74 61 6c 5f 76 32 26 61 6d 70 3b 74 68 65 6d 65 3d 64 61 72 6b 26 61 6d 70 3b 70 72 65 66 5f 63 6f 69 6e 5f 69 64 3d 31 35 30 35 26 61 6d 70 3b 69 6e 76 65 72 74 5f 68 6f 76 65 72 3d 6e 6f 22 20 77 69 64 74 68 3d 22 31 30 30 25 22 20 68 65 69 67 68 74 3d 22 33 36 70 78 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 61 75 74 6f 22 20 6d 61 72 67 69 6e 77 69 64 74 68 3d 22 30 22 20 6d 61 72 67 69 6e 68 65 69 67 68 74 3d 22 30 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 62 6f 72 64 65 72 3d 22 30 22 20 73 74 79 6c 65 3d 22 62 6f 72 64 65 72 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 69 66 72 61 6d 65 3e Data Ascii: get?type=horizontal_v2&theme=dark&pref_coin_id=1505&invert_hover=no" width="100%" height="36px" scrolling="auto" marginwidth="0" marginheight="0" frameborder="0" border="0" style="border:0;margin:0;padding:0"> </iframe>
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 6c 2c 66 2e 63 3d 74 2c 66 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 72 2c 74 29 7b 66 2e 6f 28 65 2c 72 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 72 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 74 7d 29 7d 2c 66 2e 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 53 79 6d 62 6f 6c 2e 74 6f 53 74 72 69 6e 67 54 61 67 26 26 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 53 79 6d 62 6f 6c 2e 74 6f 53 74 72 69 6e 67 54 61 67 2c 7b 76 61 6c 75 65 3a 22 4d 6f 64 75 6c 65 22 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 Data Ascii: l,f.c=t,f.d=function(e,r,t){f.o(e,r)\|\|Object.defineProperty(e,r,{enumerable:!0,get:t})},f.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{valu
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 63 2d 66 75 72 77 63 72 20 63 43 45 78 6b 7a 20 77 65 62 33 6d 6f 64 61 6c 2d 6d 6f 64 61 6c 2d 63 61 72 64 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 65 43 49 6d 50 62 20 63 53 61 4a 61 65 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 68 4b 77 44 79 65 20 69 57 43 71 6f 51 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 63 6f 6e 74 61 69 6e 65 72 22 20 64 61 74 61 2d 6e 61 6d 65 3d 22 54 72 75 73 74 20 57 61 6c 6c 65 74 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: c-furwcr cCExkz web3modal-modal-card"> <div class="sc-eCImPb cSaJae web3modal-provider-wrapper"> <div class="sc-hKwDye iWCqoQ web3modal-provider-container" data-name="Trust Wallet">
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 4c 6a 63 67 4d 54 63 75 4f 43 30 78 4d 53 34 35 49 44 49 30 4c 6a 45 74 4d 6a 45 67 4e 69 34 7a 4c 54 6b 75 4e 43 41 78 4d 43 34 31 4c 54 49 78 4c 6a 59 67 4d 54 4d 75 4d 69 30 7a 4f 53 34 79 49 44 49 75 4e 79 30 78 4e 79 34 30 49 44 51 75 4d 53 30 30 4d 53 41 30 4c 6a 59 74 4e 7a 4d 75 4e 58 70 74 4c 54 59 78 4c 6a 63 67 4d 54 51 79 4c 6a 52 6a 4c 54 45 7a 4c 6a 6b 74 4f 53 34 7a 4c 54 49 31 4c 6a 4d 74 4d 54 55 75 4d 53 30 7a 4e 43 34 79 4c 54 49 77 4c 6a 52 7a 4c 54 45 30 4c 6a 6b 74 4f 53 34 32 4c 54 45 35 4c 6a 63 74 4d 54 59 75 4f 57 4d 74 4e 43 34 33 4c 54 63 74 4f 43 34 30 4c 54 45 32 4c 6a 6b 74 4d 54 41 75 4f 53 30 7a 4d 79 34 32 4c 54 49 75 4e 69 30 78 4e 69 34 34 4c 54 4d 75 4f 53 30 7a 4f 53 34 30 4c 54 51 75 4e 53 30 33 4d 53 34 32 62 43 30 Data Ascii: LjcgMTcuOC0xMS45IDI0LjEtMjEgNi4zLTkuNCAxMC41LTIxLjYgMTMuMi0zOS4yIDIuNy0xNy40IDQuMS00MSA0LjYtNzMuNXptLTYxLjcgMTQyLjRjLTEzLjktOS4zLTI1LjMtMTUuMS0zNC4yLTIwLjRzLTE0LjktOS42LTE5LjctMTYuOWMtNC43LTctOC40LTE2LjktMTAuOS0zMy42LTIuNi0xNi44LTMuOS0zOS40LTQuNS03MS42bC0
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 64 6b 50 74 52 4e 20 6b 46 49 54 57 7a 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 64 65 73 63 72 69 70 74 69 6f 6e 22 3e 43 6f 6e 6e 65 63 74 20 74 6f 20 79 6f 75 72 20 4d 65 74 61 6d 61 73 6b 20 57 61 6c 6c 65 74 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 63 2d 65 43 49 6d 50 62 20 63 53 61 4a 61 65 20 77 65 62 33 6d 6f 64 61 6c 2d 70 72 6f 76 69 64 65 72 2d 77 72 61 70 70 65 72 22 Data Ascii: <div class="sc-dkPtRN kFITWz web3modal-provider-description">Connect to your Metamask Wallet</div> </div> </div> <div class="sc-eCImPb cSaJae web3modal-provider-wrapper"
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 74 4d 53 34 79 4f 44 67 7a 4d 6a 45 67 4d 53 34 79 4e 54 59 35 4e 6a 45 35 4c 54 4d 75 4d 7a 63 33 4d 53 41 78 4c 6a 49 31 4e 6a 6b 32 4d 54 6b 74 4e 43 34 32 4e 6a 55 30 4d 6a 45 67 4d 47 77 74 4f 43 34 31 4d 7a 51 33 4e 6a 59 74 4f 43 34 7a 4d 6a 63 77 4d 6a 41 31 59 79 30 7a 4e 53 34 35 4e 54 41 31 4e 7a 4d 74 4d 7a 55 75 4d 44 63 31 4e 44 6b 32 4d 69 30 35 4e 43 34 79 4d 7a 63 35 4e 6a 6b 74 4d 7a 55 75 4d 44 63 31 4e 44 6b 32 4d 69 30 78 4d 7a 41 75 4d 54 67 34 4e 54 51 30 49 44 42 73 4c 54 6b 75 4d 54 51 77 4d 44 49 34 4d 69 41 34 4c 6a 6b 78 4e 7a 55 31 4d 54 6c 6a 4c 54 45 75 4d 6a 67 34 4d 7a 49 78 4e 79 41 78 4c 6a 49 31 4e 6a 6b 32 4d 44 6b 74 4d 79 34 7a 4e 7a 63 78 4d 44 45 32 49 44 45 75 4d 6a 55 32 4f 54 59 77 4f 53 30 30 4c 6a 59 32 4e 54 Data Ascii: tMS4yODgzMjEgMS4yNTY5NjE5LTMuMzc3MSAxLjI1Njk2MTktNC42NjU0MjEgMGwtOC41MzQ3NjYtOC4zMjcwMjA1Yy0zNS45NTA1NzMtMzUuMDc1NDk2Mi05NC4yMzc5NjktMzUuMDc1NDk2Mi0xMzAuMTg4NTQ0IDBsLTkuMTQwMDI4MiA4LjkxNzU1MTljLTEuMjg4MzIxNyAxLjI1Njk2MDktMy4zNzcxMDE2IDEuMjU2OTYwOS00LjY2NT
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 4e 54 45 7a 4f 54 67 67 4e 69 34 33 4e 54 51 78 4e 44 49 74 4d 69 34 31 4d 54 51 77 4e 7a 51 7a 49 44 6b 75 4d 7a 4d 77 4f 44 51 74 4c 6a 41 77 4d 44 49 78 4d 44 4d 75 4d 44 41 77 4d 44 4d 33 4c 6a 41 77 4d 44 41 7a 4e 54 51 75 4d 44 41 77 4d 44 63 79 4c 6a 41 77 4d 44 41 33 4d 44 6b 75 4d 44 41 77 4d 54 41 33 4c 6a 41 77 4d 44 45 77 4e 6a 4e 73 4e 6a 41 75 4e 44 49 35 4d 44 55 32 49 44 55 34 4c 6a 6b 31 4f 44 4d 31 4e 44 68 6a 4c 6a 59 30 4e 44 45 31 4f 53 34 32 4d 6a 67 30 4e 7a 6b 67 4d 53 34 32 4f 44 67 31 4e 44 6b 75 4e 6a 49 34 4e 44 63 35 49 44 49 75 4d 7a 4d 79 4e 7a 41 35 49 44 42 73 4e 6a 41 75 4e 44 49 34 4d 44 63 35 4c 54 55 34 4c 6a 6b 31 4e 7a 45 35 4d 6a 56 6a 4d 69 34 31 4e 7a 59 32 4e 43 30 79 4c 6a 55 78 4d 7a 6b 79 4d 7a 45 67 4e 69 34 Data Ascii: NTEzOTggNi43NTQxNDItMi41MTQwNzQzIDkuMzMwODQtLjAwMDIxMDMuMDAwMDM3LjAwMDAzNTQuMDAwMDcyLjAwMDA3MDkuMDAwMTA3LjAwMDEwNjNsNjAuNDI5MDU2IDU4Ljk1ODM1NDhjLjY0NDE1OS42Mjg0NzkgMS42ODg1NDkuNjI4NDc5IDIuMzMyNzA5IDBsNjAuNDI4MDc5LTU4Ljk1NzE5MjVjMi41NzY2NC0yLjUxMzkyMzEgNi4
2024-09-28 23:53:14 UTC	1369	IN	Data Raw: 5a 58 52 6a 61 43 41 31 4e 43 34 78 49 43 67 33 4e 6a 51 35 4d 43 6b 67 4c 53 42 6f 64 48 52 77 63 7a 6f 76 4c 33 4e 72 5a 58 52 6a 61 47 46 77 63 43 35 6a 62 32 30 67 4c 53 30 2b 43 69 41 67 49 43 41 38 64 47 6c 30 62 47 55 2b 51 32 39 70 62 6d 4a 68 63 32 55 67 56 32 46 73 62 47 56 30 49 46 4e 45 53 7a 77 76 64 47 6c 30 62 47 55 2b 43 69 41 67 49 43 41 38 5a 47 56 7a 59 7a 35 44 63 6d 56 68 64 47 56 6b 49 48 64 70 64 47 67 67 55 32 74 6c 64 47 4e 6f 4c 6a 77 76 5a 47 56 7a 59 7a 34 4b 49 43 41 67 49 44 78 6b 5a 57 5a 7a 50 67 6f 67 49 43 41 67 49 43 41 67 49 44 78 79 5a 57 4e 30 49 47 6c 6b 50 53 4a 77 59 58 52 6f 4c 54 45 69 49 48 67 39 49 6a 41 69 49 48 6b 39 49 6a 41 69 49 48 64 70 5a 48 52 6f 50 53 49 7a 4f 44 4d 69 49 47 68 6c 61 57 64 6f 64 44 30 Data Ascii: ZXRjaCA1NC4xICg3NjQ5MCkgLSBodHRwczovL3NrZXRjaGFwcC5jb20gLS0+CiAgICA8dGl0bGU+Q29pbmJhc2UgV2FsbGV0IFNESzwvdGl0bGU+CiAgICA8ZGVzYz5DcmVhdGVkIHdpdGggU2tldGNoLjwvZGVzYz4KICAgIDxkZWZzPgogICAgICAgIDxyZWN0IGlkPSJwYXRoLTEiIHg9IjAiIHk9IjAiIHdpZHRoPSIzODMiIGhlaWdodD0

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.6	49739	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:53:34 UTC	70	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 34 0d 0a 4d 53 2d 43 56 3a 20 52 38 56 4e 46 56 56 70 5a 55 75 43 53 56 6c 48 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 30 61 31 33 62 35 37 32 35 34 36 39 31 36 0d 0a 0d 0a Data Ascii: CNT 1 CON 304MS-CV: R8VNFVVpZUuCSVlH.1Context: d0a13b572546916
2024-09-28 23:53:34 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-09-28 23:53:34 UTC	1083	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 30 0d 0a 4d 53 2d 43 56 3a 20 52 38 56 4e 46 56 56 70 5a 55 75 43 53 56 6c 48 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 30 61 31 33 62 35 37 32 35 34 36 39 31 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 5a 5a 77 33 54 4d 6b 46 61 62 4c 47 71 7a 6f 71 53 6d 6c 4b 75 4e 79 4e 5a 6f 68 34 39 6f 50 37 53 73 70 42 6e 48 63 47 32 41 43 75 78 38 4d 32 73 69 72 79 37 67 43 4d 78 30 2f 6e 6c 30 39 4d 2b 57 66 35 39 36 47 31 6c 72 33 66 68 73 42 52 62 42 59 56 53 58 77 65 5a 6e 43 59 4e 65 30 63 4b 6f 43 45 45 46 69 4d 6d 6b 53 6d 48 51 Data Ascii: ATH 2 CON\DEVICE 1060MS-CV: R8VNFVVpZUuCSVlH.2Context: d0a13b572546916<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAZZw3TMkFabLGqzoqSmlKuNyNZoh49oP7SspBnHcG2ACux8M2siry7gCMx0/nl09M+Wf596G1lr3fhsBRbBYVSXweZnCYNe0cKoCEEFiMmkSmHQ
2024-09-28 23:53:34 UTC	217	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 36 0d 0a 4d 53 2d 43 56 3a 20 52 38 56 4e 46 56 56 70 5a 55 75 43 53 56 6c 48 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 30 61 31 33 62 35 37 32 35 34 36 39 31 36 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 196MS-CV: R8VNFVVpZUuCSVlH.3Context: d0a13b572546916<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-09-28 23:53:35 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-09-28 23:53:35 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 66 39 4b 64 68 2f 71 35 53 30 4b 4f 2b 6f 79 64 68 49 57 59 56 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: f9Kdh/q5S0KO+oydhIWYVQ.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
11	192.168.2.6	49741	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:54:02 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 53 64 65 4f 50 42 41 56 2b 55 6d 47 52 75 4b 71 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 33 38 61 38 32 31 38 63 34 65 65 61 33 39 66 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: SdeOPBAV+UmGRuKq.1Context: 638a8218c4eea39f
2024-09-28 23:54:02 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-09-28 23:54:02 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 53 64 65 4f 50 42 41 56 2b 55 6d 47 52 75 4b 71 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 33 38 61 38 32 31 38 63 34 65 65 61 33 39 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 5a 5a 77 33 54 4d 6b 46 61 62 4c 47 71 7a 6f 71 53 6d 6c 4b 75 4e 79 4e 5a 6f 68 34 39 6f 50 37 53 73 70 42 6e 48 63 47 32 41 43 75 78 38 4d 32 73 69 72 79 37 67 43 4d 78 30 2f 6e 6c 30 39 4d 2b 57 66 35 39 36 47 31 6c 72 33 66 68 73 42 52 62 42 59 56 53 58 77 65 5a 6e 43 59 4e 65 30 63 4b 6f 43 45 45 46 69 4d 6d 6b 53 6d 48 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: SdeOPBAV+UmGRuKq.2Context: 638a8218c4eea39f<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAZZw3TMkFabLGqzoqSmlKuNyNZoh49oP7SspBnHcG2ACux8M2siry7gCMx0/nl09M+Wf596G1lr3fhsBRbBYVSXweZnCYNe0cKoCEEFiMmkSmH
2024-09-28 23:54:02 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 53 64 65 4f 50 42 41 56 2b 55 6d 47 52 75 4b 71 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 33 38 61 38 32 31 38 63 34 65 65 61 33 39 66 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: SdeOPBAV+UmGRuKq.3Context: 638a8218c4eea39f<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-09-28 23:54:03 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-09-28 23:54:03 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 67 78 78 77 55 71 62 6a 41 30 79 75 61 30 6f 56 4d 47 76 50 46 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: gxxwUqbjA0yua0oVMGvPFA.0Payload parsing failed.

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.6	49745	40.113.110.67	443

Timestamp	Bytes transferred	Direction	Data
2024-09-28 23:54:31 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 38 52 4a 30 55 38 5a 31 4d 30 75 36 64 5a 52 62 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 36 63 61 32 38 66 32 37 65 63 35 63 32 32 31 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 8RJ0U8Z1M0u6dZRb.1Context: 26ca28f27ec5c221
2024-09-28 23:54:31 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-09-28 23:54:31 UTC	1084	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 38 52 4a 30 55 38 5a 31 4d 30 75 36 64 5a 52 62 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 36 63 61 32 38 66 32 37 65 63 35 63 32 32 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 5a 5a 77 33 54 4d 6b 46 61 62 4c 47 71 7a 6f 71 53 6d 6c 4b 75 4e 79 4e 5a 6f 68 34 39 6f 50 37 53 73 70 42 6e 48 63 47 32 41 43 75 78 38 4d 32 73 69 72 79 37 67 43 4d 78 30 2f 6e 6c 30 39 4d 2b 57 66 35 39 36 47 31 6c 72 33 66 68 73 42 52 62 42 59 56 53 58 77 65 5a 6e 43 59 4e 65 30 63 4b 6f 43 45 45 46 69 4d 6d 6b 53 6d 48 Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: 8RJ0U8Z1M0u6dZRb.2Context: 26ca28f27ec5c221<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAZZw3TMkFabLGqzoqSmlKuNyNZoh49oP7SspBnHcG2ACux8M2siry7gCMx0/nl09M+Wf596G1lr3fhsBRbBYVSXweZnCYNe0cKoCEEFiMmkSmH
2024-09-28 23:54:31 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 38 52 4a 30 55 38 5a 31 4d 30 75 36 64 5a 52 62 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 36 63 61 32 38 66 32 37 65 63 35 63 32 32 31 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: 8RJ0U8Z1M0u6dZRb.3Context: 26ca28f27ec5c221<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-09-28 23:54:31 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-09-28 23:54:31 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 65 51 71 62 57 6f 5a 47 4f 30 32 42 6f 65 67 75 6b 67 68 51 4f 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: eQqbWoZGO02BoegukghQOQ.0Payload parsing failed.

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 5500, Parent PID: 380

General

Target ID:	0
Start time:	19:53:00
Start date:	28/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4048, Parent PID: 5500

General

Target ID:	2
Start time:	19:53:04
Start date:	28/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2016,i,558590195758230701,14587367230437400945,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5476, Parent PID: 380

General

Target ID:	3
Start time:	19:53:06
Start date:	28/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nonevertiseblock.pages.dev/"
Imagebase:	0x7ff684c40000
File size:	3'242'272 bytes
MD5 hash:	5BBFA6CBDF4C254EB368D534F9E23C92
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://nonevertiseblock.pages.dev/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 43

Chrome Cache Entry: 44

Chrome Cache Entry: 45

Chrome Cache Entry: 46

Chrome Cache Entry: 47

Chrome Cache Entry: 48

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 5500, Parent PID: 380

General

Chronological Activities

Analysis Process: chrome.exePID: 4048, Parent PID: 5500

General

Chronological Activities

Windows Analysis Report
http://nonevertiseblock.pages.dev/