Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://cyber-rick-max.github.io/Instagram-mobile-app-clone

Overview

General Information

Sample URL:https://cyber-rick-max.github.io/Instagram-mobile-app-clone
Analysis ID:1521725
Tags:openphish
Infos:

Detection

HTMLPhisher
Score:80
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Yara detected HtmlPhish64
Phishing site detected (based on image similarity)
Phishing site detected (based on logo match)
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML title does not match URL

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3128 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3068 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 --field-trial-handle=2480,i,1797990003558239978,3991572395817339401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6336 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cyber-rick-max.github.io/Instagram-mobile-app-clone" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
0.0.pages.csvJoeSecurity_HtmlPhish_64Yara detected HtmlPhish_64Joe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Multi AV Scanner detection for domain / URL
    Source: cyber-rick-max.github.ioVirustotal: Detection: 10%Perma Link
    Multi AV Scanner detection for submitted file
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-cloneVirustotal: Detection: 9%Perma Link

    Phishing

    barindex
    AI detected phishing page
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/LLM: Score: 9 Reasons: The URL 'cyber-rick-max.github.io' does not match the legitimate domain 'facebook.com'., The URL is hosted on GitHub Pages, which is not a typical hosting platform for Facebook., The URL contains no direct reference to Facebook, which is suspicious., Phishing sites often use trusted platforms like GitHub Pages to appear legitimate., The input fields (Phone number, username or email, Password) are typical for phishing attempts targeting Facebook credentials. DOM: 0.0.pages.csv
    Yara detected HtmlPhish64
    Source: Yara matchFile source: 0.0.pages.csv, type: HTML
    Phishing site detected (based on image similarity)
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/Matcher: Found strong image similarity, brand: FACEBOOK
    Phishing site detected (based on logo match)
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/Matcher: Template: instagram matched
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/HTTP Parser: Number of links: 0
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/HTTP Parser: Title: Instagram does not match URL
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/HTTP Parser: <input type="password" .../> found
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/HTTP Parser: No <meta name="author".. found
    Source: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/HTTP Parser: No <meta name="copyright".. found
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:49751 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:62081 version: TLS 1.2
    Source: global trafficTCP traffic: 192.168.2.4:51917 -> 1.1.1.1:53
    Source: global trafficTCP traffic: 192.168.2.4:62079 -> 1.1.1.1:53
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
    Source: global trafficHTTP traffic detected: GET /Instagram-mobile-app-clone HTTP/1.1Host: cyber-rick-max.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /Instagram-mobile-app-clone/ HTTP/1.1Host: cyber-rick-max.github.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /Instagram-mobile-app-clone/style.css HTTP/1.1Host: cyber-rick-max.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /Instagram-mobile-app-clone/icons/meta.svg HTTP/1.1Host: cyber-rick-max.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /Instagram-mobile-app-clone/icons/meta.svg HTTP/1.1Host: cyber-rick-max.github.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /Instagram-mobile-app-clone/icons/insta-logo.png HTTP/1.1Host: cyber-rick-max.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
    Source: global trafficHTTP traffic detected: GET /Instagram-mobile-app-clone/icons/insta-logo.png HTTP/1.1Host: cyber-rick-max.github.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YuypsvFBsA86cBY&MD=sErAbDpF HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
    Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YuypsvFBsA86cBY&MD=sErAbDpF HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
    Source: global trafficDNS traffic detected: DNS query: cyber-rick-max.github.io
    Source: global trafficDNS traffic detected: DNS query: www.google.com
    Source: chromecache_110.2.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Grand
    Source: chromecache_115.2.drString found in binary or memory: https://fonts.gstatic.com/s/grandhotel/v19/7Au7p_IgjDKdCRWuR1azplQEGFw-0g.woff2)
    Source: chromecache_115.2.drString found in binary or memory: https://fonts.gstatic.com/s/grandhotel/v19/7Au7p_IgjDKdCRWuR1azplQKGFw.woff2)
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62081
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62083
    Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
    Source: unknownNetwork traffic detected: HTTP traffic on port 62083 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 62081 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:49751 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:62081 version: TLS 1.2
    Source: classification engineClassification label: mal80.phis.win@21/16@6/6
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 --field-trial-handle=2480,i,1797990003558239978,3991572395817339401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cyber-rick-max.github.io/Instagram-mobile-app-clone"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 --field-trial-handle=2480,i,1797990003558239978,3991572395817339401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
    Process Injection    		1
    Process Injection    		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
    Non-Application Layer Protocol    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
    Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
    Ingress Tool Transfer    		Traffic DuplicationData Destruction

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    https://cyber-rick-max.github.io/Instagram-mobile-app-clone9%VirustotalBrowse

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    SourceDetectionScannerLabelLink
    cyber-rick-max.github.io10%VirustotalBrowse
    fp2e7a.wpc.phicdn.net0%VirustotalBrowse
    www.google.com0%VirustotalBrowse

    URLs

    No Antivirus matches

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    cyber-rick-max.github.io
    		185.199.109.153
    		truetrueunknown
    www.google.com
    		142.250.185.132
    		truefalseunknown
    fp2e7a.wpc.phicdn.net
    		192.229.221.95
    		truefalseunknown

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    https://cyber-rick-max.github.io/Instagram-mobile-app-clone/true
      		unknown
      https://cyber-rick-max.github.io/Instagram-mobile-app-clone/icons/meta.svgtrue
        		unknown
        https://cyber-rick-max.github.io/Instagram-mobile-app-clone/icons/insta-logo.pngtrue
          		unknown
          https://cyber-rick-max.github.io/Instagram-mobile-app-clonetrue
            		unknown
            https://cyber-rick-max.github.io/Instagram-mobile-app-clone/style.csstrue
              		unknown

              World Map of Contacted IPs

              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs

              Public IPs

              IPDomainCountryFlagASNASN NameMalicious
              142.250.185.132
              		www.google.comUnited States
              		15169GOOGLEUSfalse
              185.199.109.153
              		cyber-rick-max.github.ioNetherlands
              		54113FASTLYUStrue
              239.255.255.250
              		unknownReserved
              		unknownunknownfalse
              185.199.110.153
              		unknownNetherlands
              		54113FASTLYUSfalse

              Private

              IP
              192.168.2.4
              192.168.2.5

              General Information

              Joe Sandbox version:41.0.0 Charoite
              Analysis ID:1521725
              Start date and time:2024-09-29 02:45:41 +02:00
              Joe Sandbox product:CloudBasic
              Overall analysis duration:0h 3m 21s
              Hypervisor based Inspection enabled:false
              Report type:full
              Cookbook file name:browseurl.jbs
              Sample URL:https://cyber-rick-max.github.io/Instagram-mobile-app-clone
              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed:8
              Number of new started drivers analysed:0
              Number of existing processes analysed:0
              Number of existing drivers analysed:0
              Number of injected processes analysed:0
              Technologies:
              • HCA enabled
              • EGA enabled
              • AMSI enabled
              Analysis Mode:default
              Analysis stop reason:Timeout
              Detection:MAL
              Classification:mal80.phis.win@21/16@6/6
              EGA Information:Failed
              HCA Information:
              • Successful, ratio: 100%
              • Number of executed functions: 0
              • Number of non-executed functions: 0

              Warnings

              • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
              • Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.185.238, 108.177.15.84, 34.104.35.123, 142.250.181.234, 142.250.186.131, 142.250.185.138, 172.217.16.202, 142.250.185.106, 142.250.185.74, 142.250.185.170, 142.250.185.202, 142.250.184.202, 142.250.184.234, 172.217.18.10, 216.58.206.74, 216.58.206.42, 142.250.185.234, 142.250.74.202, 142.250.186.42, 142.250.186.170, 93.184.221.240, 192.229.221.95, 13.95.31.18, 20.242.39.171, 20.3.187.198, 40.69.42.241, 13.85.23.206, 131.107.255.255
              • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, dns.msftncsi.com, clients2.google.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, wu-b-net.trafficmanager.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
              • Not all processes where analyzed, report is missing behavior information
              • Report size getting too big, too many NtSetInformationFile calls found.
              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

              Simulations

              Behavior and APIs

              No simulations

              LLM Input / Output

              InputOutput
              URL: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/ Model: jbxai
              {
"brand":["Facebook",
"Instagram"],
"contains_trigger_text":true,
"trigger_text":"Continue with Facebook",
"prominent_button_name":"Log in",
"text_input_field_labels":["Phone number,
 username,
 or email",
"Password"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
              URL: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/ Model: jbxai
              {
"phishing_score":9,
"brands":"Facebook",
"legit_domain":"facebook.com",
"classification":"wellknown",
"reasons":["The URL 'cyber-rick-max.github.io' does not match the legitimate domain 'facebook.com'.",
"The URL is hosted on GitHub Pages,
 which is not a typical hosting platform for Facebook.",
"The URL contains no direct reference to Facebook,
 which is suspicious.",
"Phishing sites often use trusted platforms like GitHub Pages to appear legitimate.",
"The input fields (Phone number,
 username or email,
 Password) are typical for phishing attempts targeting Facebook credentials."],
"brand_matches":[false],
"url_match":false,
"brand_input":"Facebook",
"input_fields":"Phone number,
 username,
 or email,
 Password"}

              Joe Sandbox View / Context

              IPs

              No context

              Domains

              No context

              ASNs

              No context

              JA3 Fingerprints

              No context

              Dropped Files

              No context

              Created / dropped Files

              Chrome Cache Entry: 107

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:HTML document, ASCII text, with very long lines (311), with CRLF line terminators
              Category:downloaded
              Size (bytes):3037
              Entropy (8bit):4.757785620270492
              Encrypted:false
              SSDEEP:48:tRYfzgRVqY5nxR6y57f7Y3AQ/WYBm9ZCZWq0nLnfnLK:qgR/8yCb/WwmaWY
              MD5:6F124D11E6EF0AF012B8DF362D5D2D63
              SHA1:72B74C14F1AE3DD0DE809F5DBDAE1458FE568D84
              SHA-256:5669F2A3F98171E69B71058D3A2F1D69DFC85033C2B8DCB80E6976436E6F2009
              SHA-512:05E2B7DAD7DEF545FA08721EF0C1A61CD74351A8DE37A7E90A69642758D90722C8AFFA1E9DE5D750F2826024AF1AECBE7BAC767EA485D09554179909A0B8F9AF
              Malicious:false
              Reputation:low
              URL:https://cyber-rick-max.github.io/Instagram-mobile-app-clone/
              Preview:<!DOCTYPE html>..<html lang="en">..<head>.. <meta charset="UTF-8">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <title>Instagram</title>.. <link rel="icon" href="icons/insta-logo.png" type="image/png">.. <link rel="stylesheet" href="style.css">..</head>..<body>.. <div class="dropdown">.. <select id="dropdown" name="dropdown">.. <option value="en">English</option>.. <option value="es">Spanish</option>.. <option value="fr">French</option>.. <option value="de">German</option>.. <option value="it">Italian</option>.. <option value="pt">Portuguese</option>.. <option value="ru">Russian</option>.. <option value="zh">Chinese</option>.. <option value="ja">Japanese</option>.. <option value="ko">Korean</option>.. <option value="ar">Arabic</option>.. <option value="hi">Hindi</option>.. <option value="bn

              Chrome Cache Entry: 108

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Web Open Font Format (Version 2), TrueType, length 19188, version 1.0
              Category:downloaded
              Size (bytes):19188
              Entropy (8bit):7.988349031070966
              Encrypted:false
              SSDEEP:384:MF48+7IfY/TC2oUQT3p72dIl48yRZnl5ELO3K5BrvjlgJCvwntfUp0jHnygO4:MFWIGnVQT3piY48yJXa7blgJUMUp+HnH
              MD5:EF3D10B55286C27A64EBC733AF8B56A3
              SHA1:5E9402E8F7159634A424716CB1B14E9663278E6A
              SHA-256:02D8C91B4E1BA7A92BFD5ABA8670E569A7187044B07B84F9449E047F6FA63104
              SHA-512:AE1F7318C92DE59D0E0F3A971B5891EEC9911D61581681D01A6DBFFEA289DDF02A28A2077CB3E88528C8B3A858E6503CEE77C9B854FB758011A38280877EF4C4
              Malicious:false
              Reputation:low
              URL:https://fonts.gstatic.com/s/grandhotel/v19/7Au7p_IgjDKdCRWuR1azplQKGFw.woff2
              Preview:wOF2......J........h..J...........................(..6.`..|....a.....T..*..6..6.$..h. ..J..k...l....l. .![.Q.....`.E."m/.O.R.0)......Ba-.6..E)N,..d.=(E.c...{{.>..O......)./...`....$w...-Y.HV....rlckjI.....P........}#..}..__?%.......a...2.....l*.D....PXr....\.29..I.H...YU.X.....o........jS7c+<.....w..W.u..I. ...&U.l.n..V.ilgBw.6..S.."._............CR........4.%.4)q..@......8.<.0.@.}nm......n.<......X.,..97#....eM.o..r....4..hL..[....)_..W..Ph...w.6\.+.Dc@..*..e..!..tzs... /. ]..=..r.!..]F.Bj.....e.*..K.}. {...h...C.~.A.u!.\^Q...o..-.mS..6.1:.!.m..,..:..vG#....K.x.5.~.J..-..2....(..<....!.....!.yt..C...Vf......".)............&.........HkF....(0..l:.).0.kOA.........*...,...y..q.OV.{..l......sO...k.O..\#lX.......&E.4..2.2W?..\q3E......qb...qN..V.....T.....2...!e..O.{..A...V.2."..h.q..d.4......*|.i6.u.vp......Dg....=....xra&;...v.y.c....&Kcf....g.rc...(^.o.xr*7.....!9p.n..r..u...B&...<...C....n.......gh..K..:............XL&p)m....A.1.9_..(.,.g..

              Chrome Cache Entry: 109

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:SVG Scalable Vector Graphics image
              Category:dropped
              Size (bytes):2995
              Entropy (8bit):4.6811458265276995
              Encrypted:false
              SSDEEP:48:Q1uj1y3XYLKb/gUu1kXU2iHJWBDd3o/0app1WcvNSWHJWBDafWj5ZSZNMi6sViC:qXYLI/rswU7Qd00e/W6NSWQaIZcn3Z
              MD5:684A4F9A5EC198F810ADD148E96DDB71
              SHA1:D863CA7E9B588C0A83C8D12B0510029E95ECB6B3
              SHA-256:84A03758D2719BCC35B1CE97FF6E515219005BE584ACECFA6395816F14D8A1D6
              SHA-512:ECD36CCAB600D440FE504172B792A8D74F6E6129F4071086DE03AA9F5E817FCBFE662124069C1856F6B4D0809FD5264660A7A7549904DA540376B901AE89012F
              Malicious:false
              Reputation:low
              Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48" width="48px" height="48px"><path fill="#0081fb" d="M47,29.36l-2.193,1.663L42.62,29.5c0-0.16,0-0.33-0.01-0.5c0-0.16,0-0.33-0.01-0.5.c-0.14-3.94-1.14-8.16-3.14-11.25c-1.54-2.37-3.51-3.5-5.71-3.5c-2.31,0-4.19,1.38-6.27,4.38c-0.06,0.09-0.13,0.18-0.19,0.28.c-0.04,0.05-0.07,0.1-0.11,0.16c-0.1,0.15-0.2,0.3-0.3,0.46c-0.9,1.4-1.84,3.03-2.86,4.83c-0.09,0.17-0.19,0.34-0.28,0.51.c-0.03,0.04-0.06,0.09-0.08,0.13l-0.21,0.37l-1.24,2.19c-2.91,5.15-3.65,6.33-5.1,8.26C14.56,38.71,12.38,40,9.51,40.c-3.4,0-5.56-1.47-6.89-3.69C1.53,34.51,1,32.14,1,29.44l4.97,0.17c0,1.76,0.38,3.1,0.89,3.92C7.52,34.59,8.49,35,9.5,35.c1.29,0,2.49-0.27,4.77-3.43c1.83-2.53,3.99-6.07,5.44-8.3l1.37-2.09l0.29-0.46l0.3-0.45l0.5-0.77c0.76-1.16,1.58-2.39,2.46-3.57.c0.1-0.14,0.2-0.28,0.31-0.42c0.1-0.14,0.21-0.28,0.31-0.41c0.9-1.15,1.85-2.22,2.87-3.1c1.85-1.61,3.84-2.5,5.85-2.5.c3.37,0,6.58,1.95,9.04,5.61c2.51,3.74,3.82,8.4,3.97,13.25c0.01,0.16,0.01,0.33,0.01,0.5C47,29.03,47,2

              Chrome Cache Entry: 110

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with CRLF line terminators
              Category:downloaded
              Size (bytes):2566
              Entropy (8bit):4.851334017445672
              Encrypted:false
              SSDEEP:48:IG3IE0PEA+nF2Cdh/OVP0zClPwhXqh0dk8IqtrGTcCBRd1j:gE0PEAmhzo6V4wtyTcMPj
              MD5:BCC190A3663D91A090512DA6DE8293B7
              SHA1:595415B3F0DFDC13C4456B82BA83D235F1C9B284
              SHA-256:D7B8A325EDF0A0713878E61DA487708C5403CAF133E6E02BA07A1E5DBBB79E5D
              SHA-512:31155F367D358ED510A0DD090EB9FF4FC112AB856C00BA6BF103464604498234CDFC5ECB7ED581C6D6C890C75DB607F73B5788E1810AE74BA95444CBA00E921E
              Malicious:false
              Reputation:low
              URL:https://cyber-rick-max.github.io/Instagram-mobile-app-clone/style.css
              Preview:..@import url('https://fonts.googleapis.com/css2?family=Grand+Hotel&display=swap');..*{.. box-sizing: border-box;.. padding: 0;.. margin: 0;..}....body{.. width: 100%;.. height: 100vh;..}.....dropdown{.. margin: 15px;.. display: flex;.. justify-content: center;..}...dropdown #dropdown{.. border: none;.. color:rgb(104, 104, 104);..}...insta{.. font-family: "Grand hotel";.. font-size: 30px;.. display: flex;.. justify-content: center;..}.....login-fb{.. margin: 10% 15%;.. display: flex;.. justify-content: center;.. background-color: #0095F6;.. border-radius: 10px;.. height: 40px;.. gap: 5px;..}...login-fb button{.. border: none;.. background-color: transparent;.. color: white;..}...bi-bi-facebook{.. margin-top: 6.5px;..}...or{.. display: flex;.. justify-content: center;.. align-items: center;..}...or .or-dash{.. width: 70%;.. height: 1px;.. background-color: rgb(143, 142, 142);..}...or .or-text{..

              Chrome Cache Entry: 111

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:SVG Scalable Vector Graphics image
              Category:downloaded
              Size (bytes):2995
              Entropy (8bit):4.6811458265276995
              Encrypted:false
              SSDEEP:48:Q1uj1y3XYLKb/gUu1kXU2iHJWBDd3o/0app1WcvNSWHJWBDafWj5ZSZNMi6sViC:qXYLI/rswU7Qd00e/W6NSWQaIZcn3Z
              MD5:684A4F9A5EC198F810ADD148E96DDB71
              SHA1:D863CA7E9B588C0A83C8D12B0510029E95ECB6B3
              SHA-256:84A03758D2719BCC35B1CE97FF6E515219005BE584ACECFA6395816F14D8A1D6
              SHA-512:ECD36CCAB600D440FE504172B792A8D74F6E6129F4071086DE03AA9F5E817FCBFE662124069C1856F6B4D0809FD5264660A7A7549904DA540376B901AE89012F
              Malicious:false
              Reputation:low
              URL:https://cyber-rick-max.github.io/Instagram-mobile-app-clone/icons/meta.svg
              Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48" width="48px" height="48px"><path fill="#0081fb" d="M47,29.36l-2.193,1.663L42.62,29.5c0-0.16,0-0.33-0.01-0.5c0-0.16,0-0.33-0.01-0.5.c-0.14-3.94-1.14-8.16-3.14-11.25c-1.54-2.37-3.51-3.5-5.71-3.5c-2.31,0-4.19,1.38-6.27,4.38c-0.06,0.09-0.13,0.18-0.19,0.28.c-0.04,0.05-0.07,0.1-0.11,0.16c-0.1,0.15-0.2,0.3-0.3,0.46c-0.9,1.4-1.84,3.03-2.86,4.83c-0.09,0.17-0.19,0.34-0.28,0.51.c-0.03,0.04-0.06,0.09-0.08,0.13l-0.21,0.37l-1.24,2.19c-2.91,5.15-3.65,6.33-5.1,8.26C14.56,38.71,12.38,40,9.51,40.c-3.4,0-5.56-1.47-6.89-3.69C1.53,34.51,1,32.14,1,29.44l4.97,0.17c0,1.76,0.38,3.1,0.89,3.92C7.52,34.59,8.49,35,9.5,35.c1.29,0,2.49-0.27,4.77-3.43c1.83-2.53,3.99-6.07,5.44-8.3l1.37-2.09l0.29-0.46l0.3-0.45l0.5-0.77c0.76-1.16,1.58-2.39,2.46-3.57.c0.1-0.14,0.2-0.28,0.31-0.42c0.1-0.14,0.21-0.28,0.31-0.41c0.9-1.15,1.85-2.22,2.87-3.1c1.85-1.61,3.84-2.5,5.85-2.5.c3.37,0,6.58,1.95,9.04,5.61c2.51,3.74,3.82,8.4,3.97,13.25c0.01,0.16,0.01,0.33,0.01,0.5C47,29.03,47,2

              Chrome Cache Entry: 112

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with no line terminators
              Category:downloaded
              Size (bytes):28
              Entropy (8bit):4.307354922057605
              Encrypted:false
              SSDEEP:3:WZoS90NY:WZoS1
              MD5:89592285E0864517933BB964B80F9554
              SHA1:36D0A6CFEC39CC590C76B50BA8755E939A20015B
              SHA-256:21A4BE381DA2E686004A408DBBA228E4B245B45F078686412287CD95E7D44523
              SHA-512:1596D0A52E0F149423AF1FE43B8D5B8C1088A2ADCFCA35DAD9304185E89354064970053DD4EB92C4CAA610F80FD610BCD8ECA21986AD2E8170BFCC5BEF129C0E
              Malicious:false
              Reputation:low
              URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwli8TppaDdvzRIFDZFhlU4SBQ3Fk8Qk?alt=proto
              Preview:ChIKBw2RYZVOGgAKBw3Fk8QkGgA=

              Chrome Cache Entry: 113

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
              Category:downloaded
              Size (bytes):60380
              Entropy (8bit):7.93426476939069
              Encrypted:false
              SSDEEP:768:++Qpie2CvdBG6H4tigguQmVEIFHgI39GZfznEStaDSmy8pn3zJIaTZFnpeFW+G5G:ZWCCvTG8hmh2RaDVZDJIa7npeodHo5l
              MD5:5C570427EE23F69853D28AEC805EEE79
              SHA1:CAB97BBDC04925AA77ABAE6335ACA31DB3024FA4
              SHA-256:BD9D1254BC591F1AE799BA2893DA7AD5FBEEE4E96608907F94947DADEAA32279
              SHA-512:736F88F9413C6848FBD639383F96451E7627947290FA4E35E9F31E4A803E86F3B6BF9F894155479CD91A48E85F800651BBBE5C957CADEC8B9F02FF4A71D0E5E9
              Malicious:false
              Reputation:low
              URL:https://cyber-rick-max.github.io/Instagram-mobile-app-clone/icons/insta-logo.png
              Preview:.PNG........IHDR..............x......sBIT....|.d.....pHYs..........+......tEXtSoftware.www.inkscape.org..<... .IDATx..y.%Ey>.T.s.m.a.fa.d...m.}.E....6..(~c.......M...1...T.. &j......`.e........9.~..s....>.....L.y.y....z.....c.......w.t..T........8...l0b..`......s.!.0...0.c.....c.Ym.S...M...Z...a........%....\.>f.z.n......:./.~...-\..).>.g...U....un.x...a..[.0L.... ...o...Q.c@..J..........Tu.&......e..J.2\.....9.."/.J.....|.....c.@>.rd.|.....~<.........-...pV..9..`..9.....TM...C.... ..Z.:...`.\gk...&j.8.D.#.)....].xp5ci.>.D.2..z.Ws.&..7......M`...c..4...J!z:.O.y./"Gf......w.....)...Je..[.........l.1....%Q;....,....."h.2_.*..\..P.R...\...O.6......@..v...73".6....X.1..g..4..=.{....D4...c+r....h.F.=w1.*.TXa%.?.....r.s)j...C.I.6i...4...7..r.Q....0...q[+...L<......S...?#....T..)...n.E..........S)..=..K.#G...&._uT...}..T*G...9...8.....Z........Z.y.W..".,\'. p...0.5WV..E...-@.$...K......"...Hp...>......(s...E.m.......~...._s.S.2\[A.T....1v..Ee~r

              Chrome Cache Entry: 114

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
              Category:dropped
              Size (bytes):60380
              Entropy (8bit):7.93426476939069
              Encrypted:false
              SSDEEP:768:++Qpie2CvdBG6H4tigguQmVEIFHgI39GZfznEStaDSmy8pn3zJIaTZFnpeFW+G5G:ZWCCvTG8hmh2RaDVZDJIa7npeodHo5l
              MD5:5C570427EE23F69853D28AEC805EEE79
              SHA1:CAB97BBDC04925AA77ABAE6335ACA31DB3024FA4
              SHA-256:BD9D1254BC591F1AE799BA2893DA7AD5FBEEE4E96608907F94947DADEAA32279
              SHA-512:736F88F9413C6848FBD639383F96451E7627947290FA4E35E9F31E4A803E86F3B6BF9F894155479CD91A48E85F800651BBBE5C957CADEC8B9F02FF4A71D0E5E9
              Malicious:false
              Reputation:low
              Preview:.PNG........IHDR..............x......sBIT....|.d.....pHYs..........+......tEXtSoftware.www.inkscape.org..<... .IDATx..y.%Ey>.T.s.m.a.fa.d...m.}.E....6..(~c.......M...1...T.. &j......`.e........9.~..s....>.....L.y.y....z.....c.......w.t..T........8...l0b..`......s.!.0...0.c.....c.Ym.S...M...Z...a........%....\.>f.z.n......:./.~...-\..).>.g...U....un.x...a..[.0L.... ...o...Q.c@..J..........Tu.&......e..J.2\.....9.."/.J.....|.....c.@>.rd.|.....~<.........-...pV..9..`..9.....TM...C.... ..Z.:...`.\gk...&j.8.D.#.)....].xp5ci.>.D.2..z.Ws.&..7......M`...c..4...J!z:.O.y./"Gf......w.....)...Je..[.........l.1....%Q;....,....."h.2_.*..\..P.R...\...O.6......@..v...73".6....X.1..g..4..=.{....D4...c+r....h.F.=w1.*.TXa%.?.....r.s)j...C.I.6i...4...7..r.Q....0...q[+...L<......S...?#....T..)...n.E..........S)..=..K.#G...&._uT...}..T*G...9...8.....Z........Z.y.W..".,\'. p...0.5WV..E...-@.$...K......"...Hp...>......(s...E.m.......~...._s.S.2\[A.T....1v..Ee~r

              Chrome Cache Entry: 115

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:downloaded
              Size (bytes):806
              Entropy (8bit):5.374847524221001
              Encrypted:false
              SSDEEP:24:3dOY7a+X5LQfRVc+u/rdOY7a+X5LQ7kwy96DGSSf7:tOEa8LARVc+upOEa8LckN0oD
              MD5:9146D080B15DB2660536C97D9344EC10
              SHA1:92F7E1456253F0399ABE36FCF866A8E706021A6A
              SHA-256:8BB875798D95304F4EEBF531EF419B2D0407BA0FF61CB537C65C76E4BD1BAD31
              SHA-512:52DDE7693826F724EE6340083573C69CB0DA37532CC93EFBB2BCBC60B2B84CEFF9B9852B78478671B60C8BB76C7E607E0C1D28FEBB9C0C4EF225FE4CB73E3D1A
              Malicious:false
              Reputation:low
              URL:https://fonts.googleapis.com/css2?family=Grand+Hotel&display=swap
              Preview:/* latin-ext */.@font-face {. font-family: 'Grand Hotel';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/grandhotel/v19/7Au7p_IgjDKdCRWuR1azplQEGFw-0g.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./* latin */.@font-face {. font-family: 'Grand Hotel';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/grandhotel/v19/7Au7p_IgjDKdCRWuR1azplQKGFw.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}.

              Static File Info

              No static file info

              Network Behavior

              Network Port Distribution

              TCP Packets

              TimestampSource PortDest PortSource IPDest IP
              Sep 29, 2024 02:46:26.539513111 CEST49675443192.168.2.4173.222.162.32
              Sep 29, 2024 02:46:36.149041891 CEST49675443192.168.2.4173.222.162.32
              Sep 29, 2024 02:46:37.904098034 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:37.904109001 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:37.904136896 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:37.904138088 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:37.904216051 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:37.904217958 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:37.904694080 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:37.904711008 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:37.905199051 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:37.905217886 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.371572971 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.371933937 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.371954918 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.372941017 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.373003960 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.374075890 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.374147892 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.374363899 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.374372005 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.393346071 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.393639088 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.393683910 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.395212889 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.395288944 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.395627975 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.395704985 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.445173025 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.445204020 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.482517958 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.482637882 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.483063936 CEST49736443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.483078957 CEST44349736185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.484786034 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.531419992 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.606664896 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.606739998 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.606777906 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.606848001 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.606853008 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.606904984 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.607721090 CEST49735443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.607748032 CEST44349735185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.622279882 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.622371912 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.622467041 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.622723103 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.622730970 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.622947931 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.622962952 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:38.622972965 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.623164892 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:38.623176098 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.141320944 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.141660929 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.141669035 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.141700983 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.141905069 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.141913891 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.142195940 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.142262936 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.142560959 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.142631054 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.142868996 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.142934084 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.143033028 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.143079042 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.183414936 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.187407970 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.272802114 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.272850037 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.272891998 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.272963047 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.272989988 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.273026943 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.275307894 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.275361061 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.275413990 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.275438070 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.275477886 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.275521994 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.279439926 CEST49737443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.279469013 CEST44349737185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.283864021 CEST49738443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:39.283879995 CEST44349738185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:39.301398993 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.301444054 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.301547050 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.301702023 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.301713943 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.775073051 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.778815985 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.778867006 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.779763937 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.779827118 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.783198118 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.783262014 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.783967018 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.783976078 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.838232994 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.899657011 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.899719954 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.899753094 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.899770021 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.899821997 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.899841070 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:39.899877071 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:39.899908066 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:40.345702887 CEST49742443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:40.345741034 CEST44349742185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:41.598671913 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:41.598690987 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:41.598934889 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:41.602240086 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:41.602251053 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:41.691304922 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:41.691365004 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:41.691436052 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:41.691652060 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:41.691672087 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:42.153325081 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:42.153369904 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:42.153631926 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:42.154030085 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:42.154047012 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:42.248615026 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:42.248716116 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:42.255974054 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:42.255983114 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:42.256362915 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:42.348404884 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:42.400643110 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:42.450155020 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:42.609795094 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:42.773008108 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:42.861886024 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:42.861932039 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:42.862476110 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:42.862495899 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:42.862951994 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:42.863091946 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:42.863106966 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:42.863152027 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:42.970714092 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:42.970844984 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:42.971836090 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:42.976289034 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:42.981347084 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:42.981436968 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:43.019404888 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.036319971 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.079408884 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.091182947 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.091411114 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.091444016 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.091449976 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.091468096 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.091504097 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.091511011 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.091906071 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.091945887 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.091954947 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.092453003 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.092489958 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.092493057 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.092499971 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.092528105 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.096174955 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.106890917 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.106940985 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.106955051 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179080963 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179136038 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179137945 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.179145098 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179203033 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.179213047 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179255009 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179280043 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179287910 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.179295063 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179327965 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.179333925 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.179416895 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:43.179452896 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:43.180032015 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.180073977 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.180078983 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.180107117 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.180140972 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.180141926 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.180147886 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.180202961 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.180223942 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.180228949 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.180262089 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.180267096 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181020975 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181055069 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181061983 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.181066990 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181099892 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.181104898 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181139946 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181168079 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181180954 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.181188107 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.181222916 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.194366932 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.194469929 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.194510937 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.194519043 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.221879959 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.221931934 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.221983910 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.222047091 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.222059011 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.222069979 CEST49744443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.222075939 CEST44349744184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.261845112 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.262310982 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.262368917 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.262454987 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.262697935 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.262725115 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.266457081 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266566038 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266604900 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266613007 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.266622066 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266658068 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266661882 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.266668081 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266714096 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.266720057 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266743898 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266784906 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.266854048 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.266870022 CEST44349748185.199.109.153192.168.2.4
              Sep 29, 2024 02:46:43.266881943 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.266918898 CEST49748443192.168.2.4185.199.109.153
              Sep 29, 2024 02:46:43.366939068 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:43.450119972 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:43.450170040 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:43.450227976 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:43.450901985 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:43.450913906 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:43.925379992 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.925611019 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.931082010 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:43.941982985 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:43.942025900 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:43.942477942 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:43.944809914 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.944839001 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.945147038 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:43.947432041 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:43.967077017 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:43.967427969 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:43.967458963 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:43.991445065 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:44.011425972 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066293955 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066405058 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066490889 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066534042 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.066576958 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066668034 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066714048 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.066723108 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066760063 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.066843033 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066945076 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.066967964 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.066977024 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.067491055 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.067497015 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.067528009 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.067786932 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.070944071 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.152847052 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.152988911 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.153042078 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153204918 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153325081 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153408051 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153455019 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.153465033 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153491974 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.153573990 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153662920 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153748989 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153791904 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.153800964 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.153832912 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.153924942 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154011011 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154057026 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.154063940 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154170036 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.154200077 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154359102 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154432058 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.154438972 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154777050 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154896021 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.154902935 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.154983997 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.155062914 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.155081987 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.155091047 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.155304909 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.155343056 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.155512094 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.155594110 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.155633926 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.155642986 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.155709982 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.203058004 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:44.203141928 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:44.203299999 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:44.204113960 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:44.204113960 CEST49749443192.168.2.4184.28.90.27
              Sep 29, 2024 02:46:44.204143047 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:44.204154968 CEST44349749184.28.90.27192.168.2.4
              Sep 29, 2024 02:46:44.215240955 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.239428043 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.239527941 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.239614964 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.239654064 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.239679098 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.239712954 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.239769936 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.239866972 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.240036011 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.240045071 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.240181923 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:44.240221024 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.244383097 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.253149986 CEST49750443192.168.2.4185.199.110.153
              Sep 29, 2024 02:46:44.253173113 CEST44349750185.199.110.153192.168.2.4
              Sep 29, 2024 02:46:49.091540098 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:49.091578007 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:49.091717958 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:49.093435049 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:49.093445063 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:50.099896908 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:50.099997997 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:50.108967066 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:50.108990908 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:50.109267950 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:50.163263083 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:50.935689926 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:50.983402967 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192188025 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192209959 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192215919 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192282915 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192332029 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192354918 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.192361116 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192387104 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.192390919 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.192406893 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.192430973 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.192642927 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.193053961 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.193124056 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.193161964 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.193475962 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.859777927 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.859798908 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:51.859829903 CEST49751443192.168.2.44.175.87.197
              Sep 29, 2024 02:46:51.859837055 CEST443497514.175.87.197192.168.2.4
              Sep 29, 2024 02:46:52.306375027 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:52.306444883 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:52.306521893 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:52.994419098 CEST49745443192.168.2.4142.250.185.132
              Sep 29, 2024 02:46:52.994462013 CEST44349745142.250.185.132192.168.2.4
              Sep 29, 2024 02:46:54.561633110 CEST5191753192.168.2.41.1.1.1
              Sep 29, 2024 02:46:54.566647053 CEST53519171.1.1.1192.168.2.4
              Sep 29, 2024 02:46:54.566715002 CEST5191753192.168.2.41.1.1.1
              Sep 29, 2024 02:46:54.566752911 CEST5191753192.168.2.41.1.1.1
              Sep 29, 2024 02:46:54.571593046 CEST53519171.1.1.1192.168.2.4
              Sep 29, 2024 02:46:55.007914066 CEST53519171.1.1.1192.168.2.4
              Sep 29, 2024 02:46:55.009742975 CEST5191753192.168.2.41.1.1.1
              Sep 29, 2024 02:46:55.015541077 CEST53519171.1.1.1192.168.2.4
              Sep 29, 2024 02:46:55.015649080 CEST5191753192.168.2.41.1.1.1
              Sep 29, 2024 02:47:19.500027895 CEST6207953192.168.2.41.1.1.1
              Sep 29, 2024 02:47:19.504849911 CEST53620791.1.1.1192.168.2.4
              Sep 29, 2024 02:47:19.504918098 CEST6207953192.168.2.41.1.1.1
              Sep 29, 2024 02:47:19.504946947 CEST6207953192.168.2.41.1.1.1
              Sep 29, 2024 02:47:19.509789944 CEST53620791.1.1.1192.168.2.4
              Sep 29, 2024 02:47:19.974384069 CEST53620791.1.1.1192.168.2.4
              Sep 29, 2024 02:47:19.976710081 CEST6207953192.168.2.41.1.1.1
              Sep 29, 2024 02:47:19.981794119 CEST53620791.1.1.1192.168.2.4
              Sep 29, 2024 02:47:19.982003927 CEST6207953192.168.2.41.1.1.1
              Sep 29, 2024 02:47:31.262411118 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:31.262511015 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:31.262605906 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:31.263140917 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:31.263183117 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.061800957 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.061883926 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.066477060 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.066490889 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.066728115 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.075736046 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.119426966 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.396855116 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.396878958 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.396904945 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.396965981 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.396992922 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.397010088 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.397043943 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.397156954 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.397192955 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.397218943 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.397224903 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.397245884 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.397887945 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:32.397938967 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.403292894 CEST62081443192.168.2.44.175.87.197
              Sep 29, 2024 02:47:32.403310061 CEST443620814.175.87.197192.168.2.4
              Sep 29, 2024 02:47:40.869884014 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:40.869957924 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:40.870032072 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:40.870376110 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:40.870393038 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:41.725491047 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:41.725795031 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:41.725866079 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:41.726353884 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:41.726998091 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:41.727097034 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:41.772847891 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:51.455374956 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:51.455446005 CEST44362083142.250.185.132192.168.2.4
              Sep 29, 2024 02:47:51.455506086 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:52.993993998 CEST62083443192.168.2.4142.250.185.132
              Sep 29, 2024 02:47:52.994045019 CEST44362083142.250.185.132192.168.2.4

              UDP Packets

              TimestampSource PortDest PortSource IPDest IP
              Sep 29, 2024 02:46:36.741007090 CEST53492401.1.1.1192.168.2.4
              Sep 29, 2024 02:46:36.756561995 CEST53636911.1.1.1192.168.2.4
              Sep 29, 2024 02:46:37.894464016 CEST5041753192.168.2.41.1.1.1
              Sep 29, 2024 02:46:37.894768953 CEST5247953192.168.2.41.1.1.1
              Sep 29, 2024 02:46:37.902724981 CEST53499771.1.1.1192.168.2.4
              Sep 29, 2024 02:46:37.903078079 CEST53504171.1.1.1192.168.2.4
              Sep 29, 2024 02:46:37.903122902 CEST53524791.1.1.1192.168.2.4
              Sep 29, 2024 02:46:39.292015076 CEST6111753192.168.2.41.1.1.1
              Sep 29, 2024 02:46:39.292217970 CEST5142553192.168.2.41.1.1.1
              Sep 29, 2024 02:46:39.295118093 CEST53590341.1.1.1192.168.2.4
              Sep 29, 2024 02:46:39.300870895 CEST53611171.1.1.1192.168.2.4
              Sep 29, 2024 02:46:39.300908089 CEST53514251.1.1.1192.168.2.4
              Sep 29, 2024 02:46:41.077619076 CEST6144553192.168.2.41.1.1.1
              Sep 29, 2024 02:46:41.078090906 CEST5409453192.168.2.41.1.1.1
              Sep 29, 2024 02:46:41.084235907 CEST53614451.1.1.1192.168.2.4
              Sep 29, 2024 02:46:41.084469080 CEST53540941.1.1.1192.168.2.4
              Sep 29, 2024 02:46:41.794270992 CEST53633461.1.1.1192.168.2.4
              Sep 29, 2024 02:46:54.303565025 CEST138138192.168.2.4192.168.2.255
              Sep 29, 2024 02:46:54.560837984 CEST53598871.1.1.1192.168.2.4
              Sep 29, 2024 02:46:55.499245882 CEST53621721.1.1.1192.168.2.4
              Sep 29, 2024 02:47:14.453814983 CEST53586691.1.1.1192.168.2.4
              Sep 29, 2024 02:47:19.499533892 CEST53557501.1.1.1192.168.2.4
              Sep 29, 2024 02:47:36.239653111 CEST53633691.1.1.1192.168.2.4

              DNS Queries

              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
              Sep 29, 2024 02:46:37.894464016 CEST192.168.2.41.1.1.10xe91eStandard query (0)cyber-rick-max.github.ioA (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:37.894768953 CEST192.168.2.41.1.1.10x216cStandard query (0)cyber-rick-max.github.io65IN (0x0001)false
              Sep 29, 2024 02:46:39.292015076 CEST192.168.2.41.1.1.10x9f7fStandard query (0)cyber-rick-max.github.ioA (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:39.292217970 CEST192.168.2.41.1.1.10xfc95Standard query (0)cyber-rick-max.github.io65IN (0x0001)false
              Sep 29, 2024 02:46:41.077619076 CEST192.168.2.41.1.1.10xf48bStandard query (0)www.google.comA (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:41.078090906 CEST192.168.2.41.1.1.10x5f70Standard query (0)www.google.com65IN (0x0001)false

              DNS Answers

              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
              Sep 29, 2024 02:46:37.903078079 CEST1.1.1.1192.168.2.40xe91eNo error (0)cyber-rick-max.github.io185.199.109.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:37.903078079 CEST1.1.1.1192.168.2.40xe91eNo error (0)cyber-rick-max.github.io185.199.110.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:37.903078079 CEST1.1.1.1192.168.2.40xe91eNo error (0)cyber-rick-max.github.io185.199.108.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:37.903078079 CEST1.1.1.1192.168.2.40xe91eNo error (0)cyber-rick-max.github.io185.199.111.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:39.300870895 CEST1.1.1.1192.168.2.40x9f7fNo error (0)cyber-rick-max.github.io185.199.110.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:39.300870895 CEST1.1.1.1192.168.2.40x9f7fNo error (0)cyber-rick-max.github.io185.199.109.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:39.300870895 CEST1.1.1.1192.168.2.40x9f7fNo error (0)cyber-rick-max.github.io185.199.108.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:39.300870895 CEST1.1.1.1192.168.2.40x9f7fNo error (0)cyber-rick-max.github.io185.199.111.153A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:41.084235907 CEST1.1.1.1192.168.2.40xf48bNo error (0)www.google.com142.250.185.132A (IP address)IN (0x0001)false
              Sep 29, 2024 02:46:41.084469080 CEST1.1.1.1192.168.2.40x5f70No error (0)www.google.com65IN (0x0001)false
              Sep 29, 2024 02:46:52.326349974 CEST1.1.1.1192.168.2.40xebb4No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
              Sep 29, 2024 02:46:52.326349974 CEST1.1.1.1192.168.2.40xebb4No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

              HTTP Request Dependency Graph

              • cyber-rick-max.github.io
              • https:
              • fs.microsoft.com
              • slscr.update.microsoft.com

              HTTPS Proxied Packets

              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              0192.168.2.449736185.199.109.1534433068C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:38 UTC693OUTGET /Instagram-mobile-app-clone HTTP/1.1
              Host: cyber-rick-max.github.io
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-09-29 00:46:38 UTC592INHTTP/1.1 301 Moved Permanently
              Connection: close
              Content-Length: 162
              Server: GitHub.com
              Content-Type: text/html
              permissions-policy: interest-cohort=()
              x-origin-cache: HIT
              Location: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/
              X-GitHub-Request-Id: FAF3:139701:263E505:2A5D3B1:66F8A36D
              Accept-Ranges: bytes
              Age: 0
              Date: Sun, 29 Sep 2024 00:46:38 GMT
              Via: 1.1 varnish
              X-Served-By: cache-nyc-kteb1890070-NYC
              X-Cache: MISS
              X-Cache-Hits: 0
              X-Timer: S1727570798.426210,VS0,VE11
              Vary: Accept-Encoding
              X-Fastly-Request-ID: d83c95193fc46573dc66b07bcdcb8c167bb3dc98
              2024-09-29 00:46:38 UTC162INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
              Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              1192.168.2.449735185.199.109.1534433068C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:38 UTC694OUTGET /Instagram-mobile-app-clone/ HTTP/1.1
              Host: cyber-rick-max.github.io
              Connection: keep-alive
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-09-29 00:46:38 UTC734INHTTP/1.1 200 OK
              Connection: close
              Content-Length: 3037
              Server: GitHub.com
              Content-Type: text/html; charset=utf-8
              permissions-policy: interest-cohort=()
              Last-Modified: Wed, 18 Sep 2024 16:39:04 GMT
              Access-Control-Allow-Origin: *
              Strict-Transport-Security: max-age=31556952
              ETag: "66eb0228-bdd"
              expires: Sun, 29 Sep 2024 00:56:38 GMT
              Cache-Control: max-age=600
              x-proxy-cache: MISS
              X-GitHub-Request-Id: 7DBF:295654:23C6A61:27E5B34:66F8A36E
              Accept-Ranges: bytes
              Age: 0
              Date: Sun, 29 Sep 2024 00:46:38 GMT
              Via: 1.1 varnish
              X-Served-By: cache-nyc-kteb1890092-NYC
              X-Cache: MISS
              X-Cache-Hits: 0
              X-Timer: S1727570799.535197,VS0,VE17
              Vary: Accept-Encoding
              X-Fastly-Request-ID: a58445b66fa6761d0f9185aa90047f554178ff55
              2024-09-29 00:46:38 UTC1378INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 49 6e 73 74 61 67 72 61 6d 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 69 63 6f 6e 73 2f 69 6e 73 74 61 2d 6c 6f 67 6f 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20
              Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Instagram</title> <link rel="icon" href="icons/insta-logo.png" type="image/png"> <link
              2024-09-29 00:46:38 UTC1378INData Raw: 6c 61 73 73 3d 22 62 69 2d 62 69 2d 66 61 63 65 62 6f 6f 6b 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 31 36 20 38 2e 30 34 39 63 30 2d 34 2e 34 34 36 2d 33 2e 35 38 32 2d 38 2e 30 35 2d 38 2d 38 2e 30 35 43 33 2e 35 38 20 30 2d 2e 30 30 32 20 33 2e 36 30 33 2d 2e 30 30 32 20 38 2e 30 35 63 30 20 34 2e 30 31 37 20 32 2e 39 32 36 20 37 2e 33 34 37 20 36 2e 37 35 20 37 2e 39 35 31 76 2d 35 2e 36 32 35 68 2d 32 2e 30 33 56 38 2e 30 35 48 36 2e 37 35 56 36 2e 32 37 35 63 30 2d 32 2e 30 31 37 20 31 2e 31 39 35 2d 33 2e 31 33 31 20 33 2e 30 32 32 2d 33 2e 31 33 31 2e 38 37 36 20 30 20 31 2e 37 39 31 2e 31 35 37 20 31 2e 37 39 31 2e 31 35 37 76 31 2e 39 38 68 2d 31 2e
              Data Ascii: lass="bi-bi-facebook" viewBox="0 0 16 16"> <path d="M16 8.049c0-4.446-3.582-8.05-8-8.05C3.58 0-.002 3.603-.002 8.05c0 4.017 2.926 7.347 6.75 7.951v-5.625h-2.03V8.05H6.75V6.275c0-2.017 1.195-3.131 3.022-3.131.876 0 1.791.157 1.791.157v1.98h-1.
              2024-09-29 00:46:38 UTC281INData Raw: 77 70 61 73 73 28 29 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 61 73 73 3d 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 70 61 73 73 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 28 70 61 73 73 2e 74 79 70 65 20 3d 3d 3d 20 22 70 61 73 73 77 6f 72 64 22 29 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 73 73 2e 74 79 70 65 20 3d 20 22 74 65 78 74 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 65 6c 73 65 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 73 73 2e 74 79 70 65 20 3d 20 22 70 61 73 73 77 6f 72 64 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 3c 2f 73
              Data Ascii: wpass(){ var pass= document.getElementById("pass"); if(pass.type === "password"){ pass.type = "text"; } else{ pass.type = "password"; } } </s


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              2192.168.2.449738185.199.109.1534433068C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:39 UTC610OUTGET /Instagram-mobile-app-clone/style.css HTTP/1.1
              Host: cyber-rick-max.github.io
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              sec-ch-ua-platform: "Windows"
              Accept: text/css,*/*;q=0.1
              Sec-Fetch-Site: same-origin
              Sec-Fetch-Mode: no-cors
              Sec-Fetch-Dest: style
              Referer: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-09-29 00:46:39 UTC753INHTTP/1.1 200 OK
              Connection: close
              Content-Length: 2566
              Server: GitHub.com
              Content-Type: text/css; charset=utf-8
              permissions-policy: interest-cohort=()
              x-origin-cache: HIT
              Last-Modified: Wed, 18 Sep 2024 16:39:04 GMT
              Access-Control-Allow-Origin: *
              Strict-Transport-Security: max-age=31556952
              ETag: "66eb0228-a06"
              expires: Sun, 29 Sep 2024 00:56:39 GMT
              Cache-Control: max-age=600
              x-proxy-cache: MISS
              X-GitHub-Request-Id: 73E3:DF2FB:262FD9F:2A4EFF4:66F8A36F
              Accept-Ranges: bytes
              Age: 0
              Date: Sun, 29 Sep 2024 00:46:39 GMT
              Via: 1.1 varnish
              X-Served-By: cache-ewr-kewr1740029-EWR
              X-Cache: MISS
              X-Cache-Hits: 0
              X-Timer: S1727570799.195866,VS0,VE33
              Vary: Accept-Encoding
              X-Fastly-Request-ID: a86cb70dc90ca93d392ea2197fa436813ee6c165
              2024-09-29 00:46:39 UTC1378INData Raw: 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 47 72 61 6e 64 2b 48 6f 74 65 6c 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0d 0a 2a 7b 0d 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 7d 0d 0a 0d 0a 62 6f 64 79 7b 0d 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0d 0a 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 76 68 3b 0d 0a 7d 0d 0a 0d 0a 2e 64 72 6f 70 64 6f 77 6e 7b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 31 35 70 78 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b
              Data Ascii: @import url('https://fonts.googleapis.com/css2?family=Grand+Hotel&display=swap');*{ box-sizing: border-box; padding: 0; margin: 0;}body{ width: 100%; height: 100vh;}.dropdown{ margin: 15px; display: flex;
              2024-09-29 00:46:39 UTC1188INData Raw: 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 20 72 67 62 28 32 30 34 2c 20 32 30 34 2c 20 32 30 34 29 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0d 0a 7d 0d 0a 2e 70 61 73 73 77 6f 72 64 7b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0d 0a 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0d 0a 7d 0d 0a 2e 69 6e 70 75 74 20 2e 70 61 73 73 77 6f 72 64 20 70 7b 0d 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a 20 20 20 20 72 69 67 68 74 3a 20 31 37 25 3b 0d 0a 7d 0d 0a 0d 0a 2e 69 6e 70 75 74 20 2e 66 6f 72 67 6f 74 2d 70 61 73 73 7b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 30 3b 0d 0a 20 20 20 20 77 69 64 74 68 3a 20 32 39 30 70 78 3b 0d 0a 20 20 20
              Data Ascii: r: 1px solid rgb(204, 204, 204); padding: 0 10px;}.password{ display: flex; align-items: center;}.input .password p{ position: absolute; right: 17%;}.input .forgot-pass{ padding: 10px 0; width: 290px;


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              3192.168.2.449737185.199.109.1534433068C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:39 UTC661OUTGET /Instagram-mobile-app-clone/icons/meta.svg HTTP/1.1
              Host: cyber-rick-max.github.io
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              sec-ch-ua-platform: "Windows"
              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
              Sec-Fetch-Site: same-origin
              Sec-Fetch-Mode: no-cors
              Sec-Fetch-Dest: image
              Referer: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-09-29 00:46:39 UTC723INHTTP/1.1 200 OK
              Connection: close
              Content-Length: 2995
              Server: GitHub.com
              Content-Type: image/svg+xml
              permissions-policy: interest-cohort=()
              Last-Modified: Wed, 18 Sep 2024 16:39:04 GMT
              Access-Control-Allow-Origin: *
              Strict-Transport-Security: max-age=31556952
              ETag: "66eb0228-bb3"
              expires: Sun, 29 Sep 2024 00:56:39 GMT
              Cache-Control: max-age=600
              x-proxy-cache: MISS
              X-GitHub-Request-Id: 8109:2A290C:2533FF3:29530B3:66F8A36E
              Accept-Ranges: bytes
              Age: 0
              Date: Sun, 29 Sep 2024 00:46:39 GMT
              Via: 1.1 varnish
              X-Served-By: cache-ewr-kewr1740071-EWR
              X-Cache: MISS
              X-Cache-Hits: 0
              X-Timer: S1727570799.195605,VS0,VE30
              Vary: Accept-Encoding
              X-Fastly-Request-ID: ba59c6f8dfb5d988788e469063e215148133f46e
              2024-09-29 00:46:39 UTC1378INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 20 77 69 64 74 68 3d 22 34 38 70 78 22 20 68 65 69 67 68 74 3d 22 34 38 70 78 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 30 30 38 31 66 62 22 20 64 3d 22 4d 34 37 2c 32 39 2e 33 36 6c 2d 32 2e 31 39 33 2c 31 2e 36 36 33 4c 34 32 2e 36 32 2c 32 39 2e 35 63 30 2d 30 2e 31 36 2c 30 2d 30 2e 33 33 2d 30 2e 30 31 2d 30 2e 35 63 30 2d 30 2e 31 36 2c 30 2d 30 2e 33 33 2d 30 2e 30 31 2d 30 2e 35 09 63 2d 30 2e 31 34 2d 33 2e 39 34 2d 31 2e 31 34 2d 38 2e 31 36 2d 33 2e 31 34 2d 31 31 2e 32 35 63 2d 31 2e 35 34 2d 32 2e 33 37 2d 33 2e 35 31 2d 33 2e 35 2d 35 2e 37 31 2d 33 2e 35 63 2d
              Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48" width="48px" height="48px"><path fill="#0081fb" d="M47,29.36l-2.193,1.663L42.62,29.5c0-0.16,0-0.33-0.01-0.5c0-0.16,0-0.33-0.01-0.5c-0.14-3.94-1.14-8.16-3.14-11.25c-1.54-2.37-3.51-3.5-5.71-3.5c-
              2024-09-29 00:46:39 UTC1378INData Raw: 32 2c 35 2e 33 34 36 2c 38 2e 34 31 39 2c 31 30 2e 38 32 38 6c 31 2e 31 38 32 2c 31 2e 39 36 37 09 63 32 2e 38 35 34 2c 34 2e 37 34 36 2c 34 2e 34 37 37 2c 37 2e 31 38 37 2c 35 2e 34 32 38 2c 38 2e 33 33 39 43 33 37 2e 31 32 35 2c 33 34 2e 36 30 36 2c 33 37 2e 38 38 38 2c 33 35 2c 33 39 2c 33 35 63 32 2e 38 32 2c 30 2c 33 2e 36 31 37 2d 32 2e 35 34 2c 33 2e 36 31 37 2d 35 2e 35 30 31 4c 34 37 2c 32 39 2e 33 36 32 09 63 30 2c 33 2e 30 39 35 2d 30 2e 36 31 31 2c 35 2e 33 36 39 2d 31 2e 36 35 31 2c 37 2e 31 36 35 43 34 34 2e 33 34 35 2c 33 38 2e 32 36 34 2c 34 32 2e 33 38 37 2c 34 30 2c 33 39 2e 30 39 33 2c 34 30 63 2d 32 2e 30 34 38 2c 30 2d 33 2e 38 36 32 2d 30 2e 34 34 34 2d 35 2e 38 36 38 2d 32 2e 33 33 33 09 63 2d 31 2e 35 34 32 2d 31 2e 34 35 2d 33 2e
              Data Ascii: 2,5.346,8.419,10.828l1.182,1.967c2.854,4.746,4.477,7.187,5.428,8.339C37.125,34.606,37.888,35,39,35c2.82,0,3.617-2.54,3.617-5.501L47,29.362c0,3.095-0.611,5.369-1.651,7.165C44.345,38.264,42.387,40,39.093,40c-2.048,0-3.862-0.444-5.868-2.333c-1.542-1.45-3.
              2024-09-29 00:46:39 UTC239INData Raw: 34 2c 32 2e 33 37 2c 33 2e 36 35 63 30 2e 30 39 2d 30 2e 31 37 2c 30 2e 31 39 2d 30 2e 33 34 2c 30 2e 32 38 2d 30 2e 35 31 43 32 33 2e 31 39 2c 32 32 2e 35 2c 32 32 2e 33 39 2c 32 31 2e 32 39 2c 32 31 2e 36 37 2c 32 30 2e 32 37 20 7a 20 4d 32 34 2e 36 33 2c 31 35 2e 39 33 63 30 2e 37 33 2c 30 2e 39 31 2c 31 2e 34 37 2c 31 2e 39 34 2c 32 2e 32 35 2c 33 2e 31 63 30 2e 31 2d 30 2e 31 36 2c 30 2e 32 2d 30 2e 33 31 2c 30 2e 33 2d 30 2e 34 36 63 2d 30 2e 37 37 2d 31 2e 31 34 2d 31 2e 35 32 2d 32 2e 31 36 2d 32 2e 32 34 2d 33 2e 30 36 20 43 32 34 2e 38 33 2c 31 35 2e 36 35 2c 32 34 2e 37 33 2c 31 35 2e 37 39 2c 32 34 2e 36 33 2c 31 35 2e 39 33 7a 22 20 6f 70 61 63 69 74 79 3d 22 2e 30 37 22 2f 3e 3c 2f 73 76 67 3e
              Data Ascii: 4,2.37,3.65c0.09-0.17,0.19-0.34,0.28-0.51C23.19,22.5,22.39,21.29,21.67,20.27 z M24.63,15.93c0.73,0.91,1.47,1.94,2.25,3.1c0.1-0.16,0.2-0.31,0.3-0.46c-0.77-1.14-1.52-2.16-2.24-3.06 C24.83,15.65,24.73,15.79,24.63,15.93z" opacity=".07"/></svg>


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              4192.168.2.449742185.199.110.1534433068C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:39 UTC389OUTGET /Instagram-mobile-app-clone/icons/meta.svg HTTP/1.1
              Host: cyber-rick-max.github.io
              Connection: keep-alive
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: */*
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: cors
              Sec-Fetch-Dest: empty
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-09-29 00:46:39 UTC721INHTTP/1.1 200 OK
              Connection: close
              Content-Length: 2995
              Server: GitHub.com
              Content-Type: image/svg+xml
              permissions-policy: interest-cohort=()
              Last-Modified: Wed, 18 Sep 2024 16:39:04 GMT
              Access-Control-Allow-Origin: *
              Strict-Transport-Security: max-age=31556952
              ETag: "66eb0228-bb3"
              expires: Sun, 29 Sep 2024 00:56:39 GMT
              Cache-Control: max-age=600
              x-proxy-cache: MISS
              X-GitHub-Request-Id: 5306:8089:284045D:2C5F553:66F8A368
              Accept-Ranges: bytes
              Age: 0
              Date: Sun, 29 Sep 2024 00:46:39 GMT
              Via: 1.1 varnish
              X-Served-By: cache-nyc-kteb1890046-NYC
              X-Cache: MISS
              X-Cache-Hits: 0
              X-Timer: S1727570800.834546,VS0,VE17
              Vary: Accept-Encoding
              X-Fastly-Request-ID: 4aa97a2482987072054713f5f7545321fac7067b
              2024-09-29 00:46:39 UTC1378INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 20 77 69 64 74 68 3d 22 34 38 70 78 22 20 68 65 69 67 68 74 3d 22 34 38 70 78 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 30 30 38 31 66 62 22 20 64 3d 22 4d 34 37 2c 32 39 2e 33 36 6c 2d 32 2e 31 39 33 2c 31 2e 36 36 33 4c 34 32 2e 36 32 2c 32 39 2e 35 63 30 2d 30 2e 31 36 2c 30 2d 30 2e 33 33 2d 30 2e 30 31 2d 30 2e 35 63 30 2d 30 2e 31 36 2c 30 2d 30 2e 33 33 2d 30 2e 30 31 2d 30 2e 35 09 63 2d 30 2e 31 34 2d 33 2e 39 34 2d 31 2e 31 34 2d 38 2e 31 36 2d 33 2e 31 34 2d 31 31 2e 32 35 63 2d 31 2e 35 34 2d 32 2e 33 37 2d 33 2e 35 31 2d 33 2e 35 2d 35 2e 37 31 2d 33 2e 35 63 2d
              Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48" width="48px" height="48px"><path fill="#0081fb" d="M47,29.36l-2.193,1.663L42.62,29.5c0-0.16,0-0.33-0.01-0.5c0-0.16,0-0.33-0.01-0.5c-0.14-3.94-1.14-8.16-3.14-11.25c-1.54-2.37-3.51-3.5-5.71-3.5c-
              2024-09-29 00:46:39 UTC1378INData Raw: 32 2c 35 2e 33 34 36 2c 38 2e 34 31 39 2c 31 30 2e 38 32 38 6c 31 2e 31 38 32 2c 31 2e 39 36 37 09 63 32 2e 38 35 34 2c 34 2e 37 34 36 2c 34 2e 34 37 37 2c 37 2e 31 38 37 2c 35 2e 34 32 38 2c 38 2e 33 33 39 43 33 37 2e 31 32 35 2c 33 34 2e 36 30 36 2c 33 37 2e 38 38 38 2c 33 35 2c 33 39 2c 33 35 63 32 2e 38 32 2c 30 2c 33 2e 36 31 37 2d 32 2e 35 34 2c 33 2e 36 31 37 2d 35 2e 35 30 31 4c 34 37 2c 32 39 2e 33 36 32 09 63 30 2c 33 2e 30 39 35 2d 30 2e 36 31 31 2c 35 2e 33 36 39 2d 31 2e 36 35 31 2c 37 2e 31 36 35 43 34 34 2e 33 34 35 2c 33 38 2e 32 36 34 2c 34 32 2e 33 38 37 2c 34 30 2c 33 39 2e 30 39 33 2c 34 30 63 2d 32 2e 30 34 38 2c 30 2d 33 2e 38 36 32 2d 30 2e 34 34 34 2d 35 2e 38 36 38 2d 32 2e 33 33 33 09 63 2d 31 2e 35 34 32 2d 31 2e 34 35 2d 33 2e
              Data Ascii: 2,5.346,8.419,10.828l1.182,1.967c2.854,4.746,4.477,7.187,5.428,8.339C37.125,34.606,37.888,35,39,35c2.82,0,3.617-2.54,3.617-5.501L47,29.362c0,3.095-0.611,5.369-1.651,7.165C44.345,38.264,42.387,40,39.093,40c-2.048,0-3.862-0.444-5.868-2.333c-1.542-1.45-3.
              2024-09-29 00:46:39 UTC239INData Raw: 34 2c 32 2e 33 37 2c 33 2e 36 35 63 30 2e 30 39 2d 30 2e 31 37 2c 30 2e 31 39 2d 30 2e 33 34 2c 30 2e 32 38 2d 30 2e 35 31 43 32 33 2e 31 39 2c 32 32 2e 35 2c 32 32 2e 33 39 2c 32 31 2e 32 39 2c 32 31 2e 36 37 2c 32 30 2e 32 37 20 7a 20 4d 32 34 2e 36 33 2c 31 35 2e 39 33 63 30 2e 37 33 2c 30 2e 39 31 2c 31 2e 34 37 2c 31 2e 39 34 2c 32 2e 32 35 2c 33 2e 31 63 30 2e 31 2d 30 2e 31 36 2c 30 2e 32 2d 30 2e 33 31 2c 30 2e 33 2d 30 2e 34 36 63 2d 30 2e 37 37 2d 31 2e 31 34 2d 31 2e 35 32 2d 32 2e 31 36 2d 32 2e 32 34 2d 33 2e 30 36 20 43 32 34 2e 38 33 2c 31 35 2e 36 35 2c 32 34 2e 37 33 2c 31 35 2e 37 39 2c 32 34 2e 36 33 2c 31 35 2e 39 33 7a 22 20 6f 70 61 63 69 74 79 3d 22 2e 30 37 22 2f 3e 3c 2f 73 76 67 3e
              Data Ascii: 4,2.37,3.65c0.09-0.17,0.19-0.34,0.28-0.51C23.19,22.5,22.39,21.29,21.67,20.27 z M24.63,15.93c0.73,0.91,1.47,1.94,2.25,3.1c0.1-0.16,0.2-0.31,0.3-0.46c-0.77-1.14-1.52-2.16-2.24-3.06 C24.83,15.65,24.73,15.79,24.63,15.93z" opacity=".07"/></svg>


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              5192.168.2.449748185.199.109.1534433068C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:42 UTC667OUTGET /Instagram-mobile-app-clone/icons/insta-logo.png HTTP/1.1
              Host: cyber-rick-max.github.io
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              sec-ch-ua-platform: "Windows"
              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
              Sec-Fetch-Site: same-origin
              Sec-Fetch-Mode: no-cors
              Sec-Fetch-Dest: image
              Referer: https://cyber-rick-max.github.io/Instagram-mobile-app-clone/
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-09-29 00:46:43 UTC742INHTTP/1.1 200 OK
              Connection: close
              Content-Length: 60380
              Server: GitHub.com
              Content-Type: image/png
              permissions-policy: interest-cohort=()
              x-origin-cache: HIT
              Last-Modified: Wed, 18 Sep 2024 16:39:04 GMT
              Access-Control-Allow-Origin: *
              Strict-Transport-Security: max-age=31556952
              ETag: "66eb0228-ebdc"
              expires: Sun, 29 Sep 2024 00:56:43 GMT
              Cache-Control: max-age=600
              x-proxy-cache: MISS
              X-GitHub-Request-Id: D8ED:394571:2876096:2C95342:66F8A372
              Accept-Ranges: bytes
              Age: 0
              Date: Sun, 29 Sep 2024 00:46:43 GMT
              Via: 1.1 varnish
              X-Served-By: cache-ewr-kewr1740056-EWR
              X-Cache: MISS
              X-Cache-Hits: 0
              X-Timer: S1727570803.023348,VS0,VE24
              Vary: Accept-Encoding
              X-Fastly-Request-ID: a57b822fbb2c9c4fca6f5132b428c17a7ae5fe01
              2024-09-29 00:46:43 UTC1378INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 00 00 00 02 00 08 06 00 00 00 f4 78 d4 fa 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 77 77 77 2e 69 6e 6b 73 63 61 70 65 2e 6f 72 67 9b ee 3c 1a 00 00 20 00 49 44 41 54 78 9c ec bd 79 bc 25 45 79 3e fe 54 9f 73 f7 6d f6 61 18 66 61 06 64 99 01 94 6d 86 7d 86 45 04 01 15 18 36 0d 8a 28 7e 63 d0 e8 d7 dd 18 c4 f8 4d dc 92 a8 89 31 9a c4 fc 54 92 a8 20 26 6a 12 8c 0b 8a 82 ec 60 d8 65 87 19 b6 d9 e7 de 99 b9 db 39 a7 7e 7f 9c 73 cf a9 ae ae e5 ad aa 3e e7 f4 9d e9 e7 a3 4c d5 79 eb 79 fb ad ae ee 7a 9f ee db d5 cd 90 63 8f 04 7f ed 1f f4 8d 15 77 cd a9 74 16 e6 54 ca 18 e2 e0 03 11 8b
              Data Ascii: PNGIHDRxsBIT|dpHYs+tEXtSoftwarewww.inkscape.org< IDATxy%Ey>Tsmafadm}E6(~cM1T &j`e9~s>LyyzcwtT
              2024-09-29 00:46:43 UTC1378INData Raw: ad e1 2e 40 dd ad 95 6b db 76 f2 44 f4 17 01 69 0a 08 99 9f 2f 0f 4c 57 04 18 b8 96 44 ae 15 10 f5 44 9e a6 08 b0 70 db b6 3c d0 e0 5b c7 25 27 f2 14 05 84 a7 08 48 61 79 a0 85 ab b0 fb 8a 80 46 1f 5f e6 c0 bf b2 28 fa e6 31 bf bd e4 21 e4 50 22 17 00 0a f0 f3 ce 1b 28 17 76 bf 89 23 7a 33 18 4e 03 50 a8 5a 5c 12 b9 cb 89 28 73 35 76 c3 89 68 e4 5a 96 07 d6 43 72 e6 1a b6 9d 82 08 08 59 1e d8 3e 11 90 e6 ca 80 b8 3d bb cb 03 65 7f 74 11 a0 9d e0 7d 05 44 fe 8e 00 ed b6 83 b8 be 22 80 70 47 47 7b 17 c1 97 cb 65 3b bb 0f c0 b7 3a ba c7 be fd 9a 5f 5d b1 1d 39 ea c8 05 40 0d fc da 6b a3 f2 03 b7 9e 05 b0 b7 00 78 03 07 6a 2f d2 31 24 07 8d a2 6e 8e 08 b0 9f 88 74 11 90 a6 80 90 f9 c9 13 d1 59 04 90 ee 02 d8 b8 84 2b 6a d1 e4 2b 02 3c c4 5c be 3c 50 e6 ca b1
              Data Ascii: .@kvDi/LWDDp<[%'HayF_(1!P"(v#z3NPZ\(s5vhZCrY>=et}D"pGG{e;:_]9@kxj/1$ntY+j+<\<P
              2024-09-29 00:46:43 UTC1378INData Raw: 76 ae b1 ce 54 fb 52 8a 4b c5 65 f6 f9 34 6e 0f e1 0a 63 c9 f9 39 3c 2a 3c 70 c7 aa 1b ae 50 86 3d 8d a0 9f b7 33 0e be ee b8 1e b0 8e cf 82 e3 bd 8d 1f e5 56 0a 15 c7 0d 36 13 d7 f7 e9 7e 0d d7 b6 6d 5e 6f e0 c1 35 5c 01 c6 e3 0e e1 4a f6 fc 13 c2 09 6e cc b7 62 2c 5b b7 3c 30 6e 0f 59 19 90 e4 c7 c7 31 bb ef 08 70 19 47 99 2b f9 e6 b2 9d c8 55 8c a5 a9 cf 75 9b 76 1c 65 6e a3 ae 9e 7b 68 5c 00 2d 5e 1e 58 ab fb 72 9b fc 8e 00 a5 bd 31 67 fd 80 f1 e2 55 ab ee 3a 7f 0b a6 21 a6 a5 00 e0 97 9e b0 02 e5 c2 77 01 ac ac fe 20 1a e5 d6 ad 12 01 69 0a 08 c1 9e ba 08 48 53 40 48 f6 cc 2e 0f 4c 51 04 24 c6 23 cd e5 81 1a df a9 88 00 47 6e ab 97 07 86 70 b5 22 80 2e e6 ec 02 42 b2 ef e1 9f 10 56 cf 3d c4 fd e5 95 c8 03 05 44 ab 96 07 aa b9 af 70 f0 b7 af be f3 e2
              Data Ascii: vTRKe4nc9<*<pP=3V6~m^o5\Jnb,[<0nY1pG+Uuven{h\-^Xr1gU:!w iHS@H.LQ$#Gnp".BV=Dp
              2024-09-29 00:46:43 UTC1378INData Raw: b6 13 d1 55 04 c0 7f 65 80 d1 6e db 3f 9e 0f 0d b2 d0 b8 e4 09 9e c0 35 0a 1d 43 a2 56 3c 64 45 8f 4b b6 13 b9 64 11 20 f9 4a 4d 04 38 70 49 22 40 61 23 88 80 d4 05 84 55 04 88 9b d0 9f cf 4e 02 c2 8b 6b 3b 5e 0d 5c c3 03 9e 56 01 e1 cc ad cd 5b 16 61 6e eb b3 a9 ae be b6 91 85 60 a8 08 20 72 95 f6 ca 21 8c f3 5f 65 45 04 b4 5d 00 f0 75 eb 0a e8 d9 fc ff 01 78 b3 e5 12 dd a1 ac 90 fd ae 22 80 6c 97 6c 8e be eb 36 65 22 4f 4b 40 c8 b0 9d 88 ae 4b fc 42 b8 b4 c9 ca 5b 04 08 3f 84 71 cd 71 da 44 80 a9 9e 4c e4 96 b8 8c 5c 83 38 51 71 03 44 80 c9 e6 2e 02 08 5c 2f 11 40 8f 4b 99 1c 9a ba 3c 50 b4 fb 25 d3 98 5d 3b 7d 5a b8 4e c7 6b a8 80 90 e7 1e 47 2e 13 bb 69 9a ab d5 5c d5 b6 92 5c c9 9e 98 43 88 5c cd 85 24 67 95 e5 40 e5 e6 5b 4f f8 ce be 68 33 da 2a 00
              Data Ascii: Uen?5CV<dEKd JM8pI"@a#UNk;^\V[an` r!_eE]ux"ll6e"OK@KB[?qqDL\8QqD.\/@K<P%];}ZNkG.i\\C\$g@[Oh3*
              2024-09-29 00:46:43 UTC1378INData Raw: cb cb 03 15 fb 73 ca 96 7f 42 d8 cc b5 8a 00 7a 1f 69 c9 36 80 9b c1 4f 08 6b eb da b9 87 28 3e 2c db 52 5f 9b ba 72 4d c7 2b 07 80 d9 e5 a8 fc 83 df 1e 77 7d 8f 6a 73 69 a2 f9 77 00 0a ec 6f 00 76 1c 39 79 a7 25 02 28 7e c8 b0 27 72 2f f5 48 aa 8b 21 bb fb d6 8b 80 50 01 d1 aa 77 04 84 70 93 7c a5 cd 41 04 c4 9d 69 12 b5 86 eb 26 02 34 5c 5f 11 a0 19 c7 b0 e5 81 c9 38 63 5c df e5 81 d4 b8 54 f6 fa f4 e0 e8 db 72 bc 36 b8 32 1c 84 8d dc 5e 29 02 08 5c 72 22 d7 c7 19 2e 02 88 5c 43 22 57 cf 1f ae 5c 9b 08 50 fb 56 d6 5b ba 3c 50 1e 4b d9 c6 8e 88 2a d1 97 94 01 a4 88 a6 0a 00 fe ce 35 6f 06 c3 3b 9b 92 bc 5b e9 07 80 5d 04 38 0c 7e 4b 97 07 36 f3 1d 01 16 6e 90 08 f0 e4 2a ed 04 2e 51 04 34 f7 1d 01 66 6e 98 08 40 ac 8f 6e dc e4 b1 4e e6 7a be 66 b6 7a 6a
              Data Ascii: sBzi6Ok(>,R_rM+w}jsiwov9y%(~'r/H!Pwp|Ai&4\_8c\Tr62^)\r".\C"W\PV[<PK*5o;[]8~K6n*.Q4fn@nNzfzj
              2024-09-29 00:46:43 UTC1378INData Raw: 57 63 2c bd b8 ac 4e 37 c6 19 b6 32 40 b2 fb be 5f 40 31 96 c9 f3 49 c1 d5 9c 93 a6 b8 43 b8 8d 06 ea fd 69 e4 32 4a 5c b2 3d 84 0b 24 af e6 15 71 59 ea b4 3c a0 de 3f 0c 00 67 e8 e2 2c fa 1b 65 08 1e 48 e7 4f 00 95 ca 5f 01 98 eb c4 49 25 49 37 bb ec 2e 02 62 e5 d4 44 80 03 d7 29 21 0a 5c 8d 08 b0 26 5b 6d a6 0e 15 10 86 67 11 32 b5 3c 30 be 3f 53 13 01 8a e3 cb 8d 6b 4a 6a fa 49 d5 ea 5b 65 37 8c 63 88 08 08 59 19 a0 ae 3b c4 65 15 01 0e dc b6 7e 42 58 1f 67 b8 08 f0 88 4b b2 c7 c5 a7 1b d7 76 4e 1a 13 b5 b7 08 b0 c7 a5 e4 32 8b 5d 17 a7 9a 7b e6 ed ab 6f 38 df 40 26 43 7f 71 49 04 7f f7 69 6b c1 f9 2f 20 df 9b f5 2e 73 7d 1b 27 5f 3c 30 0e 0f 3f 89 c3 82 49 6d 34 76 a1 1e b3 51 7c ab ec 9c e0 db 9b 2b db 6b 5c ae b2 d9 b8 48 1c 36 b2 6f 7f ae cc 17 6c
              Data Ascii: Wc,N72@_@1ICi2J\=$qY<?g,eHO_I%I7.bD)!\&[mg2<0?SkJjI[e7cY;e~BXgKvN2]{o8@&CqIik/ .s}'_<0?Im4vQ|+k\H6ol
              2024-09-29 00:46:43 UTC1378INData Raw: 2a eb f9 27 84 b5 be fc b8 36 11 60 e1 c6 52 8d 2d 91 27 b9 aa 38 d5 5c 93 08 70 13 1f 1c b8 dc e7 59 00 27 01 c0 df f7 fe 22 d2 00 00 20 00 49 44 41 54 7f e6 2c 00 ef 96 22 69 9f 08 20 25 5f 15 2c 0d 5a 29 02 c8 76 c9 e6 e8 5b dc 85 2a b5 4e 12 10 36 df 09 d8 d5 38 5d 04 84 0a 08 62 62 f1 15 01 cc 60 23 73 1d 13 b5 ef 3b 02 3c c4 5c 6b 97 07 0a 13 7c a6 97 07 26 cf 23 4a 5c ca 09 de e1 1d 01 a6 3e da 13 b9 5f 32 8d d9 15 27 3c 89 eb f9 ea 67 72 5c 0a 7b 73 de 11 10 c2 b5 89 00 75 9c 46 6e f5 87 02 43 f9 03 ca 40 0d 70 bb 03 50 2e bd 03 0c 03 f5 fa 74 11 01 ae 7e a8 48 43 04 10 14 a3 0b 97 2e 02 3c b8 a4 44 6e 9e 54 dd 13 39 b1 4f 24 3b 91 4b 14 01 09 84 88 00 95 1b 0a 37 ff 84 b0 45 40 24 e3 24 71 0d c7 6b 83 ab f0 6d 14 73 36 11 e0 c9 25 89 00 85 2f 45
              Data Ascii: *'6`R-'8\pY'" IDAT,"i %_,Z)v[*N68]bb`#s;<\k|&#J\>_2'<gr\{suFnC@pP.t~HC.<DnT9O$;K7E@$$qkms6%/E
              2024-09-29 00:46:43 UTC1378INData Raw: 30 f6 f0 0b 18 ff fd 4b d5 67 15 5c 92 96 35 91 9b ee 02 d8 b8 1a 7b 53 44 80 81 6b 48 e4 d6 64 9b ba 08 b0 70 8d 0f 05 5a e2 76 e2 f2 2d b3 66 0e 2d 3c f0 a6 b3 c7 61 80 fd 21 40 c6 2e 07 e7 55 df 53 5b ae 97 19 a6 e5 43 78 cd f0 a3 84 a2 81 96 cf 01 48 0f 7c 68 1e 92 49 82 c6 8d d9 63 be 84 07 ff 34 0f 11 d9 b8 98 37 0f d1 8a c3 c0 0e 3e 04 d1 81 af 02 5b bc 04 28 14 34 f1 e6 c8 91 c3 08 06 74 2c 9c 85 8e 85 b3 d0 bf 76 05 00 80 4f 94 30 f6 d8 8b 18 7b 60 3d 46 1f 5c 8f d1 07 d6 83 8f 4f 42 3c 27 ab e7 a9 70 8e 32 40 7c 60 2e 39 23 69 b8 f5 86 06 df 12 5f 8c dd 95 cb 00 f0 c4 dc 03 1a 97 01 5c f3 40 b2 7e de 82 95 6b ac 33 16 4b 11 da 3e c9 dc c4 43 81 b6 b8 e1 c9 65 b3 b7 6c dd 71 2e 80 ef 27 42 14 5d 9a 8c fc da 35 dd d8 51 d8 08 d4 5e fe a3 bd 92 e5
              Data Ascii: 0Kg\5{SDkHdpZv-f-<a!@.US[CxH|hIc47>[(4t,vO0{`=F\OB<'p2@|`.9#i_\@~k3K>Celq.'B]5Q^
              2024-09-29 00:46:43 UTC1378INData Raw: 51 b6 47 8c bf 1e 64 01 c0 f8 49 2d 4f 70 21 7e a8 60 80 d3 43 78 59 13 13 00 00 e1 b5 bd 9a 13 91 2d 5c 0c 5c 72 05 d8 71 a7 18 77 47 8e 1c 39 72 28 11 31 0c be 76 25 06 4e 39 08 db 7e 70 1f b6 5e 77 3b 2a a3 d5 3b c8 6a 11 20 42 9f 88 fd 12 39 0c 36 07 01 61 b8 a0 b2 89 00 59 e8 24 7c 07 0b 08 59 04 40 48 53 0e 5c 8d 08 60 c0 19 50 20 b1 97 f9 87 cf d8 17 e0 2f c4 06 47 dc 69 de e5 69 ea c7 ea 8b 07 c6 e1 e1 a7 36 6c 5c aa 63 e6 6c b0 8b af 00 d6 9e 95 7f 74 27 47 8e 1c a9 61 f2 95 61 6c fa ca 2f b0 f3 d6 27 eb bf 55 e7 1f 26 54 98 da 56 87 c2 ae 9d d7 2c dc fc 1d 01 66 2e 97 ed 8c 47 93 7c de d1 f7 5e b6 59 f4 90 cc 12 8c 9f 18 f7 c5 74 fd 75 2c 4f 53 3f 56 28 1a 7b c5 c4 08 6d a6 20 1d 0e 11 03 ce 59 07 f6 37 d7 01 a7 bd 3e 4f fe 39 72 e4 48 15 1d f3
              Data Ascii: QGdI-Op!~`CxY-\\rqwG9r(1v%N9~p^w;*;j B96aY$|Y@HS\`P /Gii6l\clt'Gaal/'U&TV,f.G|^Ytu,OS?V({m Y7>O9rH
              2024-09-29 00:46:43 UTC1378INData Raw: 22 d8 7c 2b ec ac d1 c0 dd 37 93 ea 2a df 69 df 45 88 a5 29 13 97 1d 7c cf 51 5f ef 00 e2 77 00 96 a9 9c b9 97 a7 91 08 70 f5 e3 83 84 2f 49 4c 0c d6 ae fc f7 5d e2 e7 3f 47 8e 1c 39 a6 09 3a f6 9d 81 fd fe ea 22 14 e7 f4 23 7c 65 00 ed f9 81 ea b4 eb 9a 6c 43 b8 b5 64 ab 15 01 16 ae b1 8f 96 2b 7d 9a 08 e8 e4 dd bd cb ea ed f8 b5 d7 46 98 bc 6d 37 80 2e e1 a3 c7 fa 3f 25 98 fe ec c2 85 02 85 6f 2d ef c1 7e ba 7a 80 8f 7f 09 d8 ff 20 e4 c8 d1 2c f0 b1 71 a0 54 32 b4 a8 4d 17 a3 63 40 b9 6c 9c 56 01 80 ef 1a 45 6c 9e 50 f9 1a 9b 00 9f 9c 84 51 38 97 ca d5 d8 04 ae 6d db aa 6d b1 de 6e b0 28 02 07 c0 0a 11 58 4f 57 a3 45 57 27 58 47 b1 5a 89 18 58 5f 0f 58 47 11 ac 2b 7f 9b 66 3b 31 f1 dc 16 3c ff c7 df 43 79 fb 6e 24 af 69 e5 63 46 61 e7 06 9b 89 cb d5 76
              Data Ascii: "|+7*iE)|Q_wp/IL]?G9:"#|elCd+}Fm7.?%o-~z ,qT2Mc@lVElPQ8mmn(XOWEW'XGZX_XG+f;1<Cyn$icFav


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              6192.168.2.449744184.28.90.27443
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:43 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              Accept-Encoding: identity
              User-Agent: Microsoft BITS/7.8
              Host: fs.microsoft.com
              2024-09-29 00:46:43 UTC467INHTTP/1.1 200 OK
              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
              Content-Type: application/octet-stream
              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
              Server: ECAcc (lpl/EF67)
              X-CID: 11
              X-Ms-ApiVersion: Distribute 1.2
              X-Ms-Region: prod-neu-z1
              Cache-Control: public, max-age=143899
              Date: Sun, 29 Sep 2024 00:46:43 GMT
              Connection: close
              X-CID: 2


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              7192.168.2.449749184.28.90.27443
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:43 UTC239OUTGET /fs/windows/config.json HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              Accept-Encoding: identity
              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
              Range: bytes=0-2147483646
              User-Agent: Microsoft BITS/7.8
              Host: fs.microsoft.com
              2024-09-29 00:46:44 UTC515INHTTP/1.1 200 OK
              ApiVersion: Distribute 1.1
              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
              Content-Type: application/octet-stream
              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
              Server: ECAcc (lpl/EF06)
              X-CID: 11
              X-Ms-ApiVersion: Distribute 1.2
              X-Ms-Region: prod-weu-z1
              Cache-Control: public, max-age=143928
              Date: Sun, 29 Sep 2024 00:46:44 GMT
              Content-Length: 55
              Connection: close
              X-CID: 2
              2024-09-29 00:46:44 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              8192.168.2.449750185.199.110.1534433068C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:43 UTC395OUTGET /Instagram-mobile-app-clone/icons/insta-logo.png HTTP/1.1
              Host: cyber-rick-max.github.io
              Connection: keep-alive
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: */*
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: cors
              Sec-Fetch-Dest: empty
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-09-29 00:46:44 UTC740INHTTP/1.1 200 OK
              Connection: close
              Content-Length: 60380
              Server: GitHub.com
              Content-Type: image/png
              permissions-policy: interest-cohort=()
              x-origin-cache: HIT
              Last-Modified: Wed, 18 Sep 2024 16:39:04 GMT
              Access-Control-Allow-Origin: *
              Strict-Transport-Security: max-age=31556952
              ETag: "66eb0228-ebdc"
              expires: Sun, 29 Sep 2024 00:56:43 GMT
              Cache-Control: max-age=600
              x-proxy-cache: MISS
              X-GitHub-Request-Id: D8ED:394571:2876096:2C95342:66F8A372
              Accept-Ranges: bytes
              Date: Sun, 29 Sep 2024 00:46:44 GMT
              Via: 1.1 varnish
              Age: 1
              X-Served-By: cache-ewr-kewr1740062-EWR
              X-Cache: HIT
              X-Cache-Hits: 1
              X-Timer: S1727570804.019020,VS0,VE3
              Vary: Accept-Encoding
              X-Fastly-Request-ID: 7e5cf1436798073f2fb5bbf806ccfe0509b867af
              2024-09-29 00:46:44 UTC1378INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 00 00 00 02 00 08 06 00 00 00 f4 78 d4 fa 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 77 77 77 2e 69 6e 6b 73 63 61 70 65 2e 6f 72 67 9b ee 3c 1a 00 00 20 00 49 44 41 54 78 9c ec bd 79 bc 25 45 79 3e fe 54 9f 73 f7 6d f6 61 18 66 61 06 64 99 01 94 6d 86 7d 86 45 04 01 15 18 36 0d 8a 28 7e 63 d0 e8 d7 dd 18 c4 f8 4d dc 92 a8 89 31 9a c4 fc 54 92 a8 20 26 6a 12 8c 0b 8a 82 ec 60 d8 65 87 19 b6 d9 e7 de 99 b9 db 39 a7 7e 7f 9c 73 cf a9 ae ae e5 ad aa 3e e7 f4 9d e9 e7 a3 4c d5 79 eb 79 fb ad ae ee 7a 9f ee db d5 cd 90 63 8f 04 7f ed 1f f4 8d 15 77 cd a9 74 16 e6 54 ca 18 e2 e0 03 11 8b
              Data Ascii: PNGIHDRxsBIT|dpHYs+tEXtSoftwarewww.inkscape.org< IDATxy%Ey>Tsmafadm}E6(~cM1T &j`e9~s>LyyzcwtT
              2024-09-29 00:46:44 UTC1378INData Raw: ad e1 2e 40 dd ad 95 6b db 76 f2 44 f4 17 01 69 0a 08 99 9f 2f 0f 4c 57 04 18 b8 96 44 ae 15 10 f5 44 9e a6 08 b0 70 db b6 3c d0 e0 5b c7 25 27 f2 14 05 84 a7 08 48 61 79 a0 85 ab b0 fb 8a 80 46 1f 5f e6 c0 bf b2 28 fa e6 31 bf bd e4 21 e4 50 22 17 00 0a f0 f3 ce 1b 28 17 76 bf 89 23 7a 33 18 4e 03 50 a8 5a 5c 12 b9 cb 89 28 73 35 76 c3 89 68 e4 5a 96 07 d6 43 72 e6 1a b6 9d 82 08 08 59 1e d8 3e 11 90 e6 ca 80 b8 3d bb cb 03 65 7f 74 11 a0 9d e0 7d 05 44 fe 8e 00 ed b6 83 b8 be 22 80 70 47 47 7b 17 c1 97 cb 65 3b bb 0f c0 b7 3a ba c7 be fd 9a 5f 5d b1 1d 39 ea c8 05 40 0d fc da 6b a3 f2 03 b7 9e 05 b0 b7 00 78 03 07 6a 2f d2 31 24 07 8d a2 6e 8e 08 b0 9f 88 74 11 90 a6 80 90 f9 c9 13 d1 59 04 90 ee 02 d8 b8 84 2b 6a d1 e4 2b 02 3c c4 5c be 3c 50 e6 ca b1
              Data Ascii: .@kvDi/LWDDp<[%'HayF_(1!P"(v#z3NPZ\(s5vhZCrY>=et}D"pGG{e;:_]9@kxj/1$ntY+j+<\<P
              2024-09-29 00:46:44 UTC1378INData Raw: 76 ae b1 ce 54 fb 52 8a 4b c5 65 f6 f9 34 6e 0f e1 0a 63 c9 f9 39 3c 2a 3c 70 c7 aa 1b ae 50 86 3d 8d a0 9f b7 33 0e be ee b8 1e b0 8e cf 82 e3 bd 8d 1f e5 56 0a 15 c7 0d 36 13 d7 f7 e9 7e 0d d7 b6 6d 5e 6f e0 c1 35 5c 01 c6 e3 0e e1 4a f6 fc 13 c2 09 6e cc b7 62 2c 5b b7 3c 30 6e 0f 59 19 90 e4 c7 c7 31 bb ef 08 70 19 47 99 2b f9 e6 b2 9d c8 55 8c a5 a9 cf 75 9b 76 1c 65 6e a3 ae 9e 7b 68 5c 00 2d 5e 1e 58 ab fb 72 9b fc 8e 00 a5 bd 31 67 fd 80 f1 e2 55 ab ee 3a 7f 0b a6 21 a6 a5 00 e0 97 9e b0 02 e5 c2 77 01 ac ac fe 20 1a e5 d6 ad 12 01 69 0a 08 c1 9e ba 08 48 53 40 48 f6 cc 2e 0f 4c 51 04 24 c6 23 cd e5 81 1a df a9 88 00 47 6e ab 97 07 86 70 b5 22 80 2e e6 ec 02 42 b2 ef e1 9f 10 56 cf 3d c4 fd e5 95 c8 03 05 44 ab 96 07 aa b9 af 70 f0 b7 af be f3 e2
              Data Ascii: vTRKe4nc9<*<pP=3V6~m^o5\Jnb,[<0nY1pG+Uuven{h\-^Xr1gU:!w iHS@H.LQ$#Gnp".BV=Dp
              2024-09-29 00:46:44 UTC1378INData Raw: b6 13 d1 55 04 c0 7f 65 80 d1 6e db 3f 9e 0f 0d b2 d0 b8 e4 09 9e c0 35 0a 1d 43 a2 56 3c 64 45 8f 4b b6 13 b9 64 11 20 f9 4a 4d 04 38 70 49 22 40 61 23 88 80 d4 05 84 55 04 88 9b d0 9f cf 4e 02 c2 8b 6b 3b 5e 0d 5c c3 03 9e 56 01 e1 cc ad cd 5b 16 61 6e eb b3 a9 ae be b6 91 85 60 a8 08 20 72 95 f6 ca 21 8c f3 5f 65 45 04 b4 5d 00 f0 75 eb 0a e8 d9 fc ff 01 78 b3 e5 12 dd a1 ac 90 fd ae 22 80 6c 97 6c 8e be eb 36 65 22 4f 4b 40 c8 b0 9d 88 ae 4b fc 42 b8 b4 c9 ca 5b 04 08 3f 84 71 cd 71 da 44 80 a9 9e 4c e4 96 b8 8c 5c 83 38 51 71 03 44 80 c9 e6 2e 02 08 5c 2f 11 40 8f 4b 99 1c 9a ba 3c 50 b4 fb 25 d3 98 5d 3b 7d 5a b8 4e c7 6b a8 80 90 e7 1e 47 2e 13 bb 69 9a ab d5 5c d5 b6 92 5c c9 9e 98 43 88 5c cd 85 24 67 95 e5 40 e5 e6 5b 4f f8 ce be 68 33 da 2a 00
              Data Ascii: Uen?5CV<dEKd JM8pI"@a#UNk;^\V[an` r!_eE]ux"ll6e"OK@KB[?qqDL\8QqD.\/@K<P%];}ZNkG.i\\C\$g@[Oh3*
              2024-09-29 00:46:44 UTC1378INData Raw: cb cb 03 15 fb 73 ca 96 7f 42 d8 cc b5 8a 00 7a 1f 69 c9 36 80 9b c1 4f 08 6b eb da b9 87 28 3e 2c db 52 5f 9b ba 72 4d c7 2b 07 80 d9 e5 a8 fc 83 df 1e 77 7d 8f 6a 73 69 a2 f9 77 00 0a ec 6f 00 76 1c 39 79 a7 25 02 28 7e c8 b0 27 72 2f f5 48 aa 8b 21 bb fb d6 8b 80 50 01 d1 aa 77 04 84 70 93 7c a5 cd 41 04 c4 9d 69 12 b5 86 eb 26 02 34 5c 5f 11 a0 19 c7 b0 e5 81 c9 38 63 5c df e5 81 d4 b8 54 f6 fa f4 e0 e8 db 72 bc 36 b8 32 1c 84 8d dc 5e 29 02 08 5c 72 22 d7 c7 19 2e 02 88 5c 43 22 57 cf 1f ae 5c 9b 08 50 fb 56 d6 5b ba 3c 50 1e 4b d9 c6 8e 88 2a d1 97 94 01 a4 88 a6 0a 00 fe ce 35 6f 06 c3 3b 9b 92 bc 5b e9 07 80 5d 04 38 0c 7e 4b 97 07 36 f3 1d 01 16 6e 90 08 f0 e4 2a ed 04 2e 51 04 34 f7 1d 01 66 6e 98 08 40 ac 8f 6e dc e4 b1 4e e6 7a be 66 b6 7a 6a
              Data Ascii: sBzi6Ok(>,R_rM+w}jsiwov9y%(~'r/H!Pwp|Ai&4\_8c\Tr62^)\r".\C"W\PV[<PK*5o;[]8~K6n*.Q4fn@nNzfzj
              2024-09-29 00:46:44 UTC1378INData Raw: 57 63 2c bd b8 ac 4e 37 c6 19 b6 32 40 b2 fb be 5f 40 31 96 c9 f3 49 c1 d5 9c 93 a6 b8 43 b8 8d 06 ea fd 69 e4 32 4a 5c b2 3d 84 0b 24 af e6 15 71 59 ea b4 3c a0 de 3f 0c 00 67 e8 e2 2c fa 1b 65 08 1e 48 e7 4f 00 95 ca 5f 01 98 eb c4 49 25 49 37 bb ec 2e 02 62 e5 d4 44 80 03 d7 29 21 0a 5c 8d 08 b0 26 5b 6d a6 0e 15 10 86 67 11 32 b5 3c 30 be 3f 53 13 01 8a e3 cb 8d 6b 4a 6a fa 49 d5 ea 5b 65 37 8c 63 88 08 08 59 19 a0 ae 3b c4 65 15 01 0e dc b6 7e 42 58 1f 67 b8 08 f0 88 4b b2 c7 c5 a7 1b d7 76 4e 1a 13 b5 b7 08 b0 c7 a5 e4 32 8b 5d 17 a7 9a 7b e6 ed ab 6f 38 df 40 26 43 7f 71 49 04 7f f7 69 6b c1 f9 2f 20 df 9b f5 2e 73 7d 1b 27 5f 3c 30 0e 0f 3f 89 c3 82 49 6d 34 76 a1 1e b3 51 7c ab ec 9c e0 db 9b 2b db 6b 5c ae b2 d9 b8 48 1c 36 b2 6f 7f ae cc 17 6c
              Data Ascii: Wc,N72@_@1ICi2J\=$qY<?g,eHO_I%I7.bD)!\&[mg2<0?SkJjI[e7cY;e~BXgKvN2]{o8@&CqIik/ .s}'_<0?Im4vQ|+k\H6ol
              2024-09-29 00:46:44 UTC1378INData Raw: 2a eb f9 27 84 b5 be fc b8 36 11 60 e1 c6 52 8d 2d 91 27 b9 aa 38 d5 5c 93 08 70 13 1f 1c b8 dc e7 59 00 27 01 c0 df f7 fe 22 d2 00 00 20 00 49 44 41 54 7f e6 2c 00 ef 96 22 69 9f 08 20 25 5f 15 2c 0d 5a 29 02 c8 76 c9 e6 e8 5b dc 85 2a b5 4e 12 10 36 df 09 d8 d5 38 5d 04 84 0a 08 62 62 f1 15 01 cc 60 23 73 1d 13 b5 ef 3b 02 3c c4 5c 6b 97 07 0a 13 7c a6 97 07 26 cf 23 4a 5c ca 09 de e1 1d 01 a6 3e da 13 b9 5f 32 8d d9 15 27 3c 89 eb f9 ea 67 72 5c 0a 7b 73 de 11 10 c2 b5 89 00 75 9c 46 6e f5 87 02 43 f9 03 ca 40 0d 70 bb 03 50 2e bd 03 0c 03 f5 fa 74 11 01 ae 7e a8 48 43 04 10 14 a3 0b 97 2e 02 3c b8 a4 44 6e 9e 54 dd 13 39 b1 4f 24 3b 91 4b 14 01 09 84 88 00 95 1b 0a 37 ff 84 b0 45 40 24 e3 24 71 0d c7 6b 83 ab f0 6d 14 73 36 11 e0 c9 25 89 00 85 2f 45
              Data Ascii: *'6`R-'8\pY'" IDAT,"i %_,Z)v[*N68]bb`#s;<\k|&#J\>_2'<gr\{suFnC@pP.t~HC.<DnT9O$;K7E@$$qkms6%/E
              2024-09-29 00:46:44 UTC1378INData Raw: 30 f6 f0 0b 18 ff fd 4b d5 67 15 5c 92 96 35 91 9b ee 02 d8 b8 1a 7b 53 44 80 81 6b 48 e4 d6 64 9b ba 08 b0 70 8d 0f 05 5a e2 76 e2 f2 2d b3 66 0e 2d 3c f0 a6 b3 c7 61 80 fd 21 40 c6 2e 07 e7 55 df 53 5b ae 97 19 a6 e5 43 78 cd f0 a3 84 a2 81 96 cf 01 48 0f 7c 68 1e 92 49 82 c6 8d d9 63 be 84 07 ff 34 0f 11 d9 b8 98 37 0f d1 8a c3 c0 0e 3e 04 d1 81 af 02 5b bc 04 28 14 34 f1 e6 c8 91 c3 08 06 74 2c 9c 85 8e 85 b3 d0 bf 76 05 00 80 4f 94 30 f6 d8 8b 18 7b 60 3d 46 1f 5c 8f d1 07 d6 83 8f 4f 42 3c 27 ab e7 a9 70 8e 32 40 7c 60 2e 39 23 69 b8 f5 86 06 df 12 5f 8c dd 95 cb 00 f0 c4 dc 03 1a 97 01 5c f3 40 b2 7e de 82 95 6b ac 33 16 4b 11 da 3e c9 dc c4 43 81 b6 b8 e1 c9 65 b3 b7 6c dd 71 2e 80 ef 27 42 14 5d 9a 8c fc da 35 dd d8 51 d8 08 d4 5e fe a3 bd 92 e5
              Data Ascii: 0Kg\5{SDkHdpZv-f-<a!@.US[CxH|hIc47>[(4t,vO0{`=F\OB<'p2@|`.9#i_\@~k3K>Celq.'B]5Q^
              2024-09-29 00:46:44 UTC1378INData Raw: 51 b6 47 8c bf 1e 64 01 c0 f8 49 2d 4f 70 21 7e a8 60 80 d3 43 78 59 13 13 00 00 e1 b5 bd 9a 13 91 2d 5c 0c 5c 72 05 d8 71 a7 18 77 47 8e 1c 39 72 28 11 31 0c be 76 25 06 4e 39 08 db 7e 70 1f b6 5e 77 3b 2a a3 d5 3b c8 6a 11 20 42 9f 88 fd 12 39 0c 36 07 01 61 b8 a0 b2 89 00 59 e8 24 7c 07 0b 08 59 04 40 48 53 0e 5c 8d 08 60 c0 19 50 20 b1 97 f9 87 cf d8 17 e0 2f c4 06 47 dc 69 de e5 69 ea c7 ea 8b 07 c6 e1 e1 a7 36 6c 5c aa 63 e6 6c b0 8b af 00 d6 9e 95 7f 74 27 47 8e 1c a9 61 f2 95 61 6c fa ca 2f b0 f3 d6 27 eb bf 55 e7 1f 26 54 98 da 56 87 c2 ae 9d d7 2c dc fc 1d 01 66 2e 97 ed 8c 47 93 7c de d1 f7 5e b6 59 f4 90 cc 12 8c 9f 18 f7 c5 74 fd 75 2c 4f 53 3f 56 28 1a 7b c5 c4 08 6d a6 20 1d 0e 11 03 ce 59 07 f6 37 d7 01 a7 bd 3e 4f fe 39 72 e4 48 15 1d f3
              Data Ascii: QGdI-Op!~`CxY-\\rqwG9r(1v%N9~p^w;*;j B96aY$|Y@HS\`P /Gii6l\clt'Gaal/'U&TV,f.G|^Ytu,OS?V({m Y7>O9rH
              2024-09-29 00:46:44 UTC1378INData Raw: 22 d8 7c 2b ec ac d1 c0 dd 37 93 ea 2a df 69 df 45 88 a5 29 13 97 1d 7c cf 51 5f ef 00 e2 77 00 96 a9 9c b9 97 a7 91 08 70 f5 e3 83 84 2f 49 4c 0c d6 ae fc f7 5d e2 e7 3f 47 8e 1c 39 a6 09 3a f6 9d 81 fd fe ea 22 14 e7 f4 23 7c 65 00 ed f9 81 ea b4 eb 9a 6c 43 b8 b5 64 ab 15 01 16 ae b1 8f 96 2b 7d 9a 08 e8 e4 dd bd cb ea ed f8 b5 d7 46 98 bc 6d 37 80 2e e1 a3 c7 fa 3f 25 98 fe ec c2 85 02 85 6f 2d ef c1 7e ba 7a 80 8f 7f 09 d8 ff 20 e4 c8 d1 2c f0 b1 71 a0 54 32 b4 a8 4d 17 a3 63 40 b9 6c 9c 56 01 80 ef 1a 45 6c 9e 50 f9 1a 9b 00 9f 9c 84 51 38 97 ca d5 d8 04 ae 6d db aa 6d b1 de 6e b0 28 02 07 c0 0a 11 58 4f 57 a3 45 57 27 58 47 b1 5a 89 18 58 5f 0f 58 47 11 ac 2b 7f 9b 66 3b 31 f1 dc 16 3c ff c7 df 43 79 fb 6e 24 af 69 e5 63 46 61 e7 06 9b 89 cb d5 76
              Data Ascii: "|+7*iE)|Q_wp/IL]?G9:"#|elCd+}Fm7.?%o-~z ,qT2Mc@lVElPQ8mmn(XOWEW'XGZX_XG+f;1<Cyn$icFav


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              9192.168.2.4497514.175.87.197443
              TimestampBytes transferredDirectionData
              2024-09-29 00:46:50 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YuypsvFBsA86cBY&MD=sErAbDpF HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
              Host: slscr.update.microsoft.com
              2024-09-29 00:46:51 UTC560INHTTP/1.1 200 OK
              Cache-Control: no-cache
              Pragma: no-cache
              Content-Type: application/octet-stream
              Expires: -1
              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
              ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
              MS-CorrelationId: 1b4b0f31-2858-489f-a233-deb306cc3da9
              MS-RequestId: 0151439b-0078-4b35-a220-d5d016553383
              MS-CV: flJxHGiJ0Eyy9bPO.0
              X-Microsoft-SLSClientCache: 2880
              Content-Disposition: attachment; filename=environment.cab
              X-Content-Type-Options: nosniff
              Date: Sun, 29 Sep 2024 00:46:50 GMT
              Connection: close
              Content-Length: 24490
              2024-09-29 00:46:51 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
              Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
              2024-09-29 00:46:51 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
              Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              10192.168.2.4620814.175.87.197443
              TimestampBytes transferredDirectionData
              2024-09-29 00:47:32 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YuypsvFBsA86cBY&MD=sErAbDpF HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
              Host: slscr.update.microsoft.com
              2024-09-29 00:47:32 UTC560INHTTP/1.1 200 OK
              Cache-Control: no-cache
              Pragma: no-cache
              Content-Type: application/octet-stream
              Expires: -1
              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
              ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
              MS-CorrelationId: f939b1f6-4390-45e8-afb4-5ddb239be287
              MS-RequestId: d3c5a562-f13e-4bc3-af37-f6436d9c7846
              MS-CV: x6s9JkNktEWDaIjE.0
              X-Microsoft-SLSClientCache: 1440
              Content-Disposition: attachment; filename=environment.cab
              X-Content-Type-Options: nosniff
              Date: Sun, 29 Sep 2024 00:47:31 GMT
              Connection: close
              Content-Length: 30005
              2024-09-29 00:47:32 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
              Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
              2024-09-29 00:47:32 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
              Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


              Statistics

              CPU Usage

              Click to jump to process

              Memory Usage

              Click to jump to process

              Behavior

              Click to jump to process

              System Behavior

              General

              Target ID:0
              Start time:20:46:30
              Start date:28/09/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Imagebase:0x7ff76e190000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:2
              Start time:20:46:35
              Start date:28/09/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 --field-trial-handle=2480,i,1797990003558239978,3991572395817339401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
              Imagebase:0x7ff76e190000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:3
              Start time:20:46:37
              Start date:28/09/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cyber-rick-max.github.io/Instagram-mobile-app-clone"
              Imagebase:0x7ff76e190000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:true

              Disassembly

              No disassembly