Edit tour

Windows Analysis Report
https://lindex171.github.io/instalogin/index.html

Overview

General Information

Sample URL:	https://lindex171.github.io/instalogin/index.html
Analysis ID:	1521948
Tags:	openphish
Infos:

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Phishing site detected (based on logo match)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

Invalid 'forgot password' link found

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 4460 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4292 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1708,i,5434988003253293677,12926046323521537475,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5496 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://lindex171.github.io/instalogin/index.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 9115Server: GitHub.comContent-Type: text/html; charset=utf-8permissions-policy: interest-cohort=()ETag: "66f42b03-239b"Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'X-GitHub-Request-Id: 98AE:19E0B5:29EAE0E:2EEE352:66F8D4E1Accept-Ranges: bytesAge: 0Date: Sun, 29 Sep 2024 04:17:39 GMTVia: 1.1 varnishX-Served-By: cache-nyc-kteb1890084-NYCX-Cache: MISSX-Cache-Hits: 0X-Timer: S1727583460.637250,VS0,VE12Vary: Accept-EncodingX-Fastly-Request-ID: b69c9a4bed3e44273920135772085756140eb1cd

Source: chromecache_133.2.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Poppins:wght
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLFj_Z1JlFc-K.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrLPTucHtA.woff2)
Source: chromecache_132.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrLPTufntAKPY.woff2)
Source: chromecache_131.2.dr	String found in binary or memory: https://githubstatus.com
Source: chromecache_131.2.dr	String found in binary or memory: https://help.github.com/pages/
Source: chromecache_131.2.dr	String found in binary or memory: https://twitter.com/githubstatus
Source: chromecache_133.2.dr	String found in binary or memory: https://www.instagram.com/static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png

Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51307
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51307 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49721 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.win@21/23@8/7

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1708,i,5434988003253293677,12926046323521537475,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://lindex171.github.io/instalogin/index.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1708,i,5434988003253293677,12926046323521537475,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://lindex171.github.io/instalogin/index.html	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Source	Detection	Scanner	Label	Link
https://githubstatus.com	0%	URL Reputation	safe
https://help.github.com/pages/	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
bg.microsoft.map.fastly.net	199.232.210.172	true	false	unknown
lindex171.github.io	185.199.108.153	true	true	unknown
www.google.com	142.250.186.164	true	false	unknown
z-p42-instagram.c10r.instagram.com	157.240.0.174	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
www.instagram.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://lindex171.github.io/instalogin/index.html	true	unknown
https://lindex171.github.io/instalogin/index.html#	true	unknown
https://lindex171.github.io/instalogin/style.css	false	unknown
https://lindex171.github.io/favicon.ico	false	unknown
https://www.instagram.com/static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://githubstatus.com	chromecache_131.2.dr	false	URL Reputation: safe	unknown
https://help.github.com/pages/	chromecache_131.2.dr	false	URL Reputation: safe	unknown
https://twitter.com/githubstatus	chromecache_131.2.dr	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
157.240.252.174	unknown	United States	32934	FACEBOOKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.186.164	www.google.com	United States	15169	GOOGLEUS	false
185.199.108.153	lindex171.github.io	Netherlands	54113	FASTLYUS	true
157.240.0.174	z-p42-instagram.c10r.instagram.com	United States	32934	FACEBOOKUS	false

Private

IP
192.168.2.6
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1521948
Start date and time:	2024-09-29 06:16:43 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 13s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://lindex171.github.io/instalogin/index.html
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal60.phis.win@21/23@8/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.186.142, 173.194.76.84, 34.104.35.123, 172.217.18.10, 142.250.185.106, 142.250.181.234, 142.250.185.234, 142.250.186.170, 216.58.206.42, 142.250.185.74, 142.250.186.42, 216.58.206.74, 142.250.185.202, 142.250.185.138, 142.250.184.234, 172.217.23.106, 142.250.184.202, 216.58.212.138, 142.250.185.170, 142.250.186.74, 142.250.184.195, 13.85.23.86, 2.16.100.168, 88.221.110.91, 192.229.221.95, 20.242.39.171, 13.85.23.206, 142.250.186.67, 199.232.210.172
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://lindex171.github.io/instalogin/index.html

Input	Output
URL: https://lindex171.github.io/instalogin/index.html Model: jbxai	{ "brand":["Facebook"], "contains_trigger_text":true, "trigger_text":"Log In", "prominent_button_name":"Log In", "text_input_field_labels":["Phone number", "username", "email", "Password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://lindex171.github.io/instalogin/index.html# Model: jbxai	{ "brand":["Instagram"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Log In", "text_input_field_labels":["Phone number, username, or email", "Password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://lindex171.github.io/instalogin/index.html Model: jbxai	{ "phishing_score":9, "brands":"Facebook", "legit_domain":"facebook.com", "classification":"wellknown", "reasons":["The URL 'lindex171.github.io' does not match the legitimate domain 'facebook.com'.", "The URL is hosted on GitHub Pages, which is not a typical hosting platform for Facebook.", "The URL contains no direct reference to Facebook, which is suspicious.", "The presence of input fields for sensitive information (phone number, username, email, password) on a non-legitimate domain is a common phishing tactic."], "brand_matches":[false], "url_match":false, "brand_input":"Facebook", "input_fields":"Phone number, username, email, Password"}

URL: https://lindex171.github.io/instalogin/index.html# Model: jbxai	{ "phishing_score":9, "brands":"Instagram", "legit_domain":"instagram.com", "classification":"wellknown", "reasons":["The legitimate domain for Instagram is instagram.com.", "The provided URL (lindex171.github.io) does not match the legitimate domain.", "The URL is hosted on GitHub Pages, which is commonly used for personal or project websites, not for official brand pages.", "The URL contains no direct reference to Instagram, which is suspicious.", "Phishing sites often use trusted platforms like GitHub Pages to appear legitimate.", "The input fields (Phone number, username, or email, Password) are typical for phishing attempts targeting Instagram users."], "brand_matches":[false], "url_match":false, "brand_input":"Instagram", "input_fields":"Phone number, username, or email, Password"}

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9797504379803623
Encrypted:	false
SSDEEP:	48:8ud/jTjTEfHtidAKZdA19ehwiZUklqeh9y+3:8KjbEney
MD5:	025C2730567AA21649AB168B897155FC
SHA1:	C70705452348C6EF920E72F0876FE4F71DBD8D04
SHA-256:	4789B9A55E45D6144D13F69FE4266DD7BB82AF8A3D1B9010D27531800619376D
SHA-512:	46EA0E2FE1F7D6A6DFB78451D07A71D874A1430DFF41CC43D4A6FA36C797C3502A2B7379D3CEF4529866ADB70F4AB85797571E9059F90D3EF36B92BC65B35E4F
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....J...&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=Y0"....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=Y0"....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=Y0"....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=Y0"..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=Y3"...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\|\|.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.993585815320106
Encrypted:	false
SSDEEP:	48:8Ed/jTjTEfHtidAKZdA1weh/iZUkAQkqehOy+2:8IjbEN9Qry
MD5:	FAF37459CC42B5D1E83D13B122E0FFFF
SHA1:	0D7203DF1AEE372975B446D69C6CC19BB7707911
SHA-256:	B8C72716233473E76DE9FF0D3CBCAF4F210240507F949D64D9B1C43679A49B40
SHA-512:	6BB6C6F5AE90EC082F20A2E30DF956B5C074A06CE9F4AD9E8EF3E0FA2A28D149809346B610BA4D788B339DB3294756753C00FCD70B22ACB954EAA708302B126E
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....Fw..&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=Y0"....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=Y0"....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=Y0"....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=Y0"..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=Y3"...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\|\|.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.007734352753158
Encrypted:	false
SSDEEP:	48:8xsd/jTjTsHtidAKZdA14tseh7sFiZUkmgqeh7ssy+BX:8xgjbUnKy
MD5:	0836EC3CA9014A98D5CB8B88F6173626
SHA1:	F2E8EEE2253128A5E4895F021B53BB360326678C
SHA-256:	2D268A176E9C55C335D55A4EE21D93B2CAB958C2BC8FC468D56F657F62BA5A8F
SHA-512:	8A9C0900ECC36B632F96932A55566D93B3DC38928A961C2CCC94D672A11B588AABD480945C8F3D812F1494D94E3C188F54C4D3ECF435C72D886AB7E56BAB3AD6
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=Y0"....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=Y0"....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=Y0"....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=Y0"..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\|\|.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.992348797908365
Encrypted:	false
SSDEEP:	48:8bd/jTjTEfHtidAKZdA1vehDiZUkwqehiy+R:89jbEuky
MD5:	CCB31D85A3B6F3ECB8CE24EF6ED1065E
SHA1:	4A776BAF95240E72C2D172C4507234F745184E2C
SHA-256:	16070E2742014C5AE45F92972DE34827E354656792F2A8D87035B4A4B6354A59
SHA-512:	C2EA8846BC0A342D69E3D4777C68FC2E178CCE70FD62DA42A5D11780E5612FA3C2D1B605540425BA2EBE840A207800BA28697C431BAA098E16205E9A83148FCA
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....sb..&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=Y0"....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=Y0"....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=Y0"....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=Y0"..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=Y3"...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\|\|.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.985175646890683
Encrypted:	false
SSDEEP:	48:8fd/jTjTEfHtidAKZdA1hehBiZUk1W1qehYy+C:8xjbEe94y
MD5:	BD479AB105C67F828FBB1CF7042E3174
SHA1:	FC306E5FAD6A52720902F6C07DDC1B3C81F5BC5F
SHA-256:	81E9C5B42EF4BCC80ECE93D56E8A49B111D9B27A0A2B49C0D9D61315BC607ADF
SHA-512:	69A091F79C330940AAEE8BF6E1F56E11C9BF396F304352E792EFB6D2601880C313F4707730ABF059A6422D5F386BB15E671E42F59BF2C0E6982ED18B5DFC5B4E
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=Y0"....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=Y0"....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=Y0"....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=Y0"..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=Y3"...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\|\|.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 03:17:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9901823017829647
Encrypted:	false
SSDEEP:	48:8ld/jTjTEfHtidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbKy+yT+:8HjbEAT/TbxWOvTbKy7T
MD5:	2883079D5487F3126251AED4ECE90984
SHA1:	7B1C40B8FF637D153B41CE1AB2B205A3E85EFF12
SHA-256:	972E9A149F3283313236EDC2EFD1EA7BD06197C5192752A3962725130DF72F9F
SHA-512:	CA2C2EFDB3E83C66E5F99F4808980B87C101A8A552F0F3C6ADF808D6744C852BAD4319F94DC4FAF44518559483FDF9E3A63132F5BFB0E795C0441219DA21C36F
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....p0..&...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=Y0"....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=Y0"....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=Y0"....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=Y0"..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=Y3"...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............\|\|.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.066108939837481
Encrypted:	false
SSDEEP:	3:GMyoSt:jFSt
MD5:	96B191AE794C2C78387B3F4F9BB7A251
SHA1:	F974547DF0ADFFB7E80699552C6BCE3E709343A6
SHA-256:	CE76758AEEF2CAF12021AFB5257D0CA4E9E5C20015C2C85D68BB27FA6B1AFB28
SHA-512:	07EE1CFDBD53C1046FA4F44FF7C83F4456CDAA099299816B451D114E3EEAAD4BE8F0CD0FC09F0E838418BCBB5E50547E806E8E080B8E3421D0DB26FF4C15D412
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlaDVEzWmnEnRIFDeeNQA4SBQ3OQUx6?alt=proto
Preview:	ChIKBw3njUAOGgAKBw3OQUx6GgA=

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Category:	downloaded
Size (bytes):	8000
Entropy (8bit):	7.97130996744173
Encrypted:	false
SSDEEP:	192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ
MD5:	72993DDDF88A63E8F226656F7DE88E57
SHA1:	179F97EC0275F09603A8DB94D4380EB584D81CD5
SHA-256:	F4E80D9DFD374D02989B87A27B5ED4CB78FBB177C27F1478E9A8B0AFB7513149
SHA-512:	7C20165F9D22A86341E841FD58526209017DCDE2AFE2D0D2A89FE853D95DC69F658D25CF798C71F452DAB09843FC808C1AE87A60B1284134163ABF5A1D93E50A
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Preview:	wOF2.......@......?@.................................`..T..t...6..6.$..h. ..T.....1E.r.8...KD......2.>L.......0..c.h...y_)s...N..(._C,/.v...7B...Z..gT@....u*.\t.9....{.&.;<...j.2.H-...A.S......E..)..f.Y8vuw^.^_.n{.Z..U.h..Kcm.........E..........'.J.-.-.......=.."...E...../R.8P....>?.]...R..Ag:.Pt..j..s..pG. .!f?.Q.T.".O.....D.r......3>gJN!V.\.!....+.......X.B.v....c9.&iW-[.,.. ...Q.k%I.s.%...d...8q..._~.C.n".v0..6B.eT..?..7.....l....3..7...M...5......k......^.....F.v~\|.....3N=.....[.!......}....F(...fA..c)0X$,FYL..=).(h<4...M5..<3.c....K/.{.p....3+'W...Z.[..;.w.....X....nx..v.(c;._.W......\|.b.....{...9..A6...V\|.N...Z?+\|H/.#.W%.._.8,...>._..w...RP..-.?.k7X..".._S.3,J.........&.8Gs.?yH.Yx......I_....._o.0K......(e.Q.W....=...J.7.\k.n.pd.....s..%...sD......_..&-...(.7..6.U..&<~8...9......uV..\|h.#m\.d./!....s.......b.j. ."...wX...B.`..Bj=......VnM....p..k.%..U.F..-VN).Y........_..W.p...B..\|.j..f..7....).~....n......c.3....t.......s..>...

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 403 x 393, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	75003
Entropy (8bit):	7.990185264839041
Encrypted:	true
SSDEEP:	1536:ZHfMYX44J9Y0Rr+FfhbEH/PMmVu+mjRYpMGaI+2y0jZ60Lk:ZHfMYXzJ9RefhIfPMBjRaMxWy0jZ604
MD5:	60704678C56F65B5C141DBB970D2DF15
SHA1:	0AE408067E5C09DC4C873FE1B66BA2CDC6EFCA4D
SHA-256:	74493159AABFEBA948158A6172BB5DA0ED5E66A62F7182F32330BB5FDE1AC1F2
SHA-512:	2237BE480DF4D5E7C430597CEFEC449370989C9A6FF1C4DEA2CF9F79E20CDE185D9CF6E39B97309EDF6E9FD30E2BCD0A265FCC2FF698348DBA06B8A36DC120A2
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............OQ...$.IDATx..].\T...w[......oQ..Ms..45s....S3.4.2-..47.wEs.P.T.rGP..U..D.a...........0..>..7..w.....]...V.v.H. .G..i3... ...D$5S"...>....<F.U1oNNN..W.q.:u.._...6.gg.p...\\]].U9.....X..=..U...H..z.YH.Ha..s.....7...9tn..S.4i..2..H.q.."."....Hc.5.Z.e_...+....h.k.O"..Q\....q.-.r.HG3.@..T...}.-.......C.\|..u....g6>?......_A:.t...}.....9\|.:...,QwJ......!.E....9H.)...!. -F......}...].e.5.....&./..u.(F`.\|..&.;......9p.G..TQ.J2.........A....H. .1p.".../@....n..c.y.^z...M..;W.K..4....c7..w....E~@.(\H....q...f ..}.w.....s.\....15..9..Bs.....\......Z_..d...G;.........g.'n....G....<....sss#.MDR3%.1...P_:..U......Y..\|."./$..!.O.P..[.i.....'..5..].?f9.p?....J...:!.}...i..]....,.4G.....ua^...k.......,Q..{...:.>....JJJ..h.!P...-...hL{..\|.k ._.DZ.L......_..<.".M.k.5..4......P6...0..V.yw(......@s.192h.-*P.....)..&......&..H2........Q.....,x6==}.K..n.46]......2.\|.F.e..z\|6..P.jH..k....N.G.G.4..H<.${2..\hN<7q..h.6.~.....}:......

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	1628
Entropy (8bit):	4.119028945591641
Encrypted:	false
SSDEEP:	24:hY8C0oLCGQMN4T5SKTRk2NOORhvNWNt3y/5gx9M:PGXNcM2BvNWNpt9M
MD5:	79645E61EA77D6F7C044D4E2BFF94FA2
SHA1:	DFAC03463903A011998AD31F9780196B52C0E236
SHA-256:	A69ABA4891EE87783FED7023C9815F0FC210380571B832AD0C99877F5F979E05
SHA-512:	A1C8D258AED4C89306E903097333AAAC262D07A7CDABBAD191C050925E7506C13F5A477A112FCFEEDED981B409AEA2286B610FB7A39B35B04BF2708364811508
Malicious:	false
Reputation:	low
URL:	https://lindex171.github.io/instalogin/index.html
Preview:	<!DOCTYPE html>.<html lang="en">..<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Instagram Login</title>. <link rel="stylesheet" href="style.css">.</head>..<body>. <div class="container">. <div class="box">. <div class="heading"></div>. <form class="login-form">. <div class="field">. <input id="username" type="name" placeholder="Phone number, username, or email" />. <label for="username">Phone number, username, or email</label>. </div>. <div class="field">. <input id="password" type="password" placeholder="password" />. <label for="password">Password</label>. </div>. <button class="login-button" title="login">Log In</button>. <div class="separator">. <div class="line"></div>. <p>

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 403 x 393, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	75003
Entropy (8bit):	7.990185264839041
Encrypted:	true
SSDEEP:	1536:ZHfMYX44J9Y0Rr+FfhbEH/PMmVu+mjRYpMGaI+2y0jZ60Lk:ZHfMYXzJ9RefhIfPMBjRaMxWy0jZ604
MD5:	60704678C56F65B5C141DBB970D2DF15
SHA1:	0AE408067E5C09DC4C873FE1B66BA2CDC6EFCA4D
SHA-256:	74493159AABFEBA948158A6172BB5DA0ED5E66A62F7182F32330BB5FDE1AC1F2
SHA-512:	2237BE480DF4D5E7C430597CEFEC449370989C9A6FF1C4DEA2CF9F79E20CDE185D9CF6E39B97309EDF6E9FD30E2BCD0A265FCC2FF698348DBA06B8A36DC120A2
Malicious:	false
Reputation:	low
URL:	https://www.instagram.com/static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png
Preview:	.PNG........IHDR.............OQ...$.IDATx..].\T...w[......oQ..Ms..45s....S3.4.2-..47.wEs.P.T.rGP..U..D.a...........0..>..7..w.....]...V.v.H. .G..i3... ...D$5S"...>....<F.U1oNNN..W.q.:u.._...6.gg.p...\\]].U9.....X..=..U...H..z.YH.Ha..s.....7...9tn..S.4i..2..H.q.."."....Hc.5.Z.e_...+....h.k.O"..Q\....q.-.r.HG3.@..T...}.-.......C.\|..u....g6>?......_A:.t...}.....9\|.:...,QwJ......!.E....9H.)...!. -F......}...].e.5.....&./..u.(F`.\|..&.;......9p.G..TQ.J2.........A....H. .1p.".../@....n..c.y.^z...M..;W.K..4....c7..w....E~@.(\H....q...f ..}.w.....s.\....15..9..Bs.....\......Z_..d...G;.........g.'n....G....<....sss#.MDR3%.1...P_:..U......Y..\|."./$..!.O.P..[.i.....'..5..].?f9.p?....J...:!.}...i..]....,.4G.....ua^...k.......,Q..{...:.>....JJJ..h.!P...-...hL{..\|.k ._.DZ.L......_..<.".M.k.5..4......P6...0..V.yw(......@s.192h.-*P.....)..&......&..H2........Q.....,x6==}.K..n.46]......2.\|.F.e..z\|6..P.jH..k....N.G.G.4..H<.${2..\hN<7q..h.6.~.....}:......

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (3909)
Category:	downloaded
Size (bytes):	9115
Entropy (8bit):	6.0587900718391925
Encrypted:	false
SSDEEP:	192:Ywnb1iC9OA9XXMa9kukrALQDUnulGVopLAGCALQD6vnglET31iCLL3d:7B8H3DUulGmmv3D6vglETliCfN
MD5:	1EB970CE5A18BEC7165F016DF8238566
SHA1:	9EFD1514AF80FE14DB4ED28E9BC53975B9EE089C
SHA-256:	70D613E3ACFBA24FD2876FCBACAF639E1E111EF4D54BAF70761C47673F37D6A3
SHA-512:	21B4D800CC282CA452F7394E95D5382340AC3481A002C21DA681005A44F18EA6CF43959990CD715B4657F180E0E96D6087FE724F3200E909F9FD70EBCD5511BD
Malicious:	false
Reputation:	low
URL:	https://lindex171.github.io/favicon.ico
Preview:	<!DOCTYPE html>.<html>. <head>. <meta http-equiv="Content-type" content="text/html; charset=utf-8">. <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'">. <title>Site not found · GitHub Pages</title>. <style type="text/css" media="screen">. body {. background-color: #f1f1f1;. margin: 0;. font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;. }.. .container { margin: 50px auto 40px auto; width: 600px; text-align: center; }.. a { color: #4183c4; text-decoration: none; }. a:hover { text-decoration: underline; }.. h1 { width: 800px; position:relative; left: -100px; letter-spacing: -1px; line-height: 60px; font-size: 60px; font-weight: 100; margin: 0px 0 50px 0; text-shadow: 0 1px 0 #fff; }. p { color: rgba(0, 0, 0, 0.5); margin: 20px 0; line-height: 1.6; }.. ul { list-style: none; margin: 25px 0; padding: 0; }. li { d

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	5512
Entropy (8bit):	5.357717357457875
Encrypted:	false
SSDEEP:	96:QOS0aZVc+ukOS0aRNQO6azVc+ukO6aoNQO1a+Vc+ukO1abNQOEaDVc+ukOEaHNQ2:0pllp5behEdFLQyU3T9a7gJN
MD5:	D2E42CDACFEE15D4C784EA2FC71D1FB6
SHA1:	4A40F2B048E988B7EB348BA16B059B4F4383D0BC
SHA-256:	4B685746324C78B0BCA8449B4D6378C7AB70D243CA8F45942A67EDE56F02D4B1
SHA-512:	F7C6F6A51E678E123742332F6280C2A13092FC658195380495BC9C15165D238C7B92D57E1B99D1C8BFFF31FB11849E9EDA1EECDEC7F479437ABD2295D6740A88
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700&display=swap
Preview:	/* latin-ext /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrLPTufntAKPY.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrLPTucHtA.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./ latin-ext */.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 200;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLFj_Z1JlFc-K.woff2) format('

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2622
Entropy (8bit):	4.945017936235728
Encrypted:	false
SSDEEP:	48:6wcNXgCM6fCMhGzw/5Xt67p+ym+ARWSRWL2+0xM+CMLhWHNpCM1yIyx4myyqx1o:7cNXgCDfCpK07p+EARWSRWLSxM+CyANa
MD5:	C097B22D4022C963703FBA90B783B4C4
SHA1:	153C40585BBE69595233E59A70F230DEB4E90835
SHA-256:	FC9BEE6F569A8FDD8A01F87E28DEEB8703BA881309395ECF22F19D580041F5EF
SHA-512:	838D39F3FFAAC20575B5C55545C4312F554A84D1840ECCD385F57DACB52B2DCBAB8754FF4856864B4CAEDB98AE3EDF441BC5D0F054FCEF3D68B55905D48682E4
Malicious:	false
Reputation:	low
URL:	https://lindex171.github.io/instalogin/style.css
Preview:	@import url("https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700&display=swap");..body {. box-sizing: border-box;. font-family: "Poppins", sans-serif;. background-color: black;.}..a {. text-decoration: none;.}...container {. max-width: 1000px;. margin: 0 auto;. display: flex;. justify-content: center;. flex-direction: column;. align-items: center;. margin-top: 3rem;. font-size: 14px;.}...box {. max-width: 350px;. width: 100%;. display: flex;. justify-content: center;. align-items: center;. flex-direction: column;. background-color: #ffff;. border: 1px solid #e6e6e6;. border-radius: 1px;. margin: 0 0 10px;. padding: 10px 0;. flex-grow: 1;. border-radius: 5px;.}...heading {. margin: 22px auto 12px;. background-image: url("https://www.instagram.com/static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png");. background-position: -98px 0;. height: 51px;. width: 177px;. overflow: hidden;.}...field {. margin: 10px 0;. pos

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Category:	downloaded
Size (bytes):	7884
Entropy (8bit):	7.971946419873228
Encrypted:	false
SSDEEP:	192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI
MD5:	9212F6F9860F9FC6C69B02FEDF6DB8C3
SHA1:	AC6D71B4D5FDD2B3DABC9A06FF6C001E4251DA0B
SHA-256:	7D93459D86585BFCDBB7E0376056226ADB25821EE54B96236FE2123E9560929F
SHA-512:	67317495F4B53E20A9F31C034E456E6C37F387DFFB2C092CAA5159BC441CFCADD02749FFE5BBED1D580D5300A59E48A767EF2C6D9978B474F84C1A2CD095C126
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Preview:	wOF2..............?....x.............................`..T..L.6..6..6.$..h. ..\....~2.".8. .w.Q.Y,.?$pC.....)bT(i..@X.m...+...D.Q.O.\-?g.U..Z..._...l..!.lKD.Q..>.9v..V..<...Td$.E..,...o..c.t....!...#..8.A..3..cx~n=Di#....U......K.5jXH.].....j.(.6..]{..IDhZ.......R.....[..X".B~.(Su2..../.I.E...T.l%....'.N.aN.2\,70.....V.RQ..k~..".1. Lg.zd....}.yyys&D.K.g....)....2&%$.nm.\.._.e.tU..I.w;W.\|..6..XUv...!......>@.V..'..`.H`...5.7.X.?..@#..:..<.R.\|.;K..}.6..IA.C.....z.n.G............[.....z........`.X....D..{<..j...).......FQ..T..m.&s_k[%ZILV.8.l.o.z$.)/]......}..Kg.}..O...o\|..>.,U..?..{b<........._.._.06.........R01.@..[......a8..7.V%..B.0F...4 ....q..u#.lg....x....a.=w...8..A6.>f.+.8..Xm@`.m....G.....i..^R}9.aB...?._#.[f.d,V....bG.]...iED.@[.:.....P...........~.{,.x...~.!...C....b.....ze..).:+N....2sd..s..MEp.?^[.k........p..nz...[-.XI.%.."..`..<.2b\.w.VS.a.+......~..J..uGq..)..1...4o3v.Sb......5.w7...-....Wd>..B....R^.4'..B.2G>.en.q..._.@s......

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 06:17:27.803637028 CEST	49675	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:27.803651094 CEST	49674	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:27.928584099 CEST	49673	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:36.371635914 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.371747017 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.371856928 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.372108936 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.372131109 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.372200966 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.372318983 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.372354984 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.372461081 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.372487068 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.881453037 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.882746935 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.883538961 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.883572102 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.883794069 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.883804083 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.884830952 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.884902954 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.885097980 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.885169983 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.890702009 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.890842915 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.891022921 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.891108036 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.891154051 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:36.891161919 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:36.934578896 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.014075994 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.014141083 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.035547018 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.035754919 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.035814047 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.035826921 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.035944939 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.035994053 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.117223978 CEST	49710	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.117264986 CEST	443	49710	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.170141935 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.215406895 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.298652887 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.298708916 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.298782110 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.298785925 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.298862934 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.319472075 CEST	49709	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:37.319526911 CEST	443	49709	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:37.405821085 CEST	49674	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:37.420955896 CEST	49675	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:37.541366100 CEST	49673	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:38.976939917 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:38.976967096 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:38.977113962 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.038651943 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.038661003 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.058234930 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:39.058347940 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:39.058459997 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:39.059412956 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:39.059447050 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:39.186057091 CEST	443	49703	23.1.237.91	192.168.2.5
Sep 29, 2024 06:17:39.186137915 CEST	49703	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:39.457437992 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:39.457539082 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:39.457623959 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:39.459579945 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:39.459616899 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:39.565207958 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.565515041 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.565524101 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.566634893 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.567023039 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.567158937 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.567162991 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.567193031 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.618211985 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.656579018 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:39.656614065 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:39.656742096 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:39.657035112 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:39.657048941 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:39.695415020 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.695552111 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.695588112 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.695616961 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.695638895 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.695647955 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.695672989 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.697628021 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.697717905 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.697722912 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.697904110 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.697966099 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.711121082 CEST	49716	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:39.711133003 CEST	443	49716	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:39.728781939 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:39.729958057 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:39.730024099 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:39.731080055 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:39.731178999 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:39.732882023 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:39.732974052 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:39.733582973 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:39.733601093 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:39.786741018 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.148749113 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:40.148859024 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:40.184146881 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:40.184201002 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:40.184653044 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:40.228825092 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:40.355745077 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:40.374744892 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:40.374763966 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:40.375889063 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:40.375962019 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:40.383760929 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:40.383887053 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:40.431936026 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:40.431950092 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:40.443123102 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:40.478883028 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:40.487411022 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:40.509188890 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.509237051 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.509310961 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.509366989 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.509682894 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.509731054 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.509741068 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.510369062 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.510390997 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.510443926 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.510453939 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.510502100 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.514216900 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.514285088 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.520723104 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.520782948 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.520893097 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.520939112 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.525314093 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.525376081 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.525387049 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.525409937 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.525454998 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.525463104 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.573187113 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.607556105 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.607631922 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.607664108 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.607723951 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.607738018 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.608403921 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.608670950 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.608727932 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.608735085 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.608781099 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.611579895 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.611634970 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.611674070 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.611704111 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.611754894 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.615792036 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.615847111 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.616815090 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.616851091 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.616889000 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.616902113 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.616944075 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.623059034 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.623086929 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.623116970 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.623131990 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.623174906 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.628468990 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.628520012 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.628530025 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.629014015 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:40.629106045 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:40.629168987 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:40.634429932 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.634474993 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.634625912 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.634660006 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.634723902 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.640079975 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.640165091 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.640465021 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.640646935 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.647723913 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.647794962 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.654511929 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.654586077 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.654654980 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.654712915 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.654722929 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.658919096 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.658972025 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.658972979 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.658986092 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.659038067 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.694545984 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.694634914 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.694648981 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.694667101 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.694732904 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.694741964 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.695271015 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.695426941 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.695486069 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.695494890 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.695550919 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.695940018 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.696003914 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.696259022 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.696325064 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.696758032 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.696818113 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.697123051 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.697176933 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.697185040 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.698235989 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.698401928 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.698462009 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.698471069 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.698524952 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.698966980 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.699033976 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.699094057 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.703062057 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.703274012 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.703371048 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.703381062 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.703437090 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.707284927 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.707324028 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.707376957 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.707395077 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.707447052 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.707539082 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.707611084 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.707670927 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.749471903 CEST	49717	443	192.168.2.5	157.240.0.174
Sep 29, 2024 06:17:40.749512911 CEST	443	49717	157.240.0.174	192.168.2.5
Sep 29, 2024 06:17:40.775098085 CEST	49719	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:40.775135040 CEST	443	49719	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:41.109040022 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:41.109105110 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:41.109211922 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:41.110706091 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:41.110723972 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:41.801892996 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:41.802006960 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:41.807163000 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:41.807197094 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:41.807452917 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:41.811708927 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:41.811768055 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:41.811862946 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:41.812505007 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:41.812537909 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:41.813602924 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:41.855447054 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:42.083693981 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:42.083775043 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:42.083868027 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:42.092236996 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:42.092262983 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:42.092292070 CEST	49721	443	192.168.2.5	184.28.90.27
Sep 29, 2024 06:17:42.092299938 CEST	443	49721	184.28.90.27	192.168.2.5
Sep 29, 2024 06:17:42.465625048 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:42.466243029 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:42.466278076 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:42.469868898 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:42.469944954 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:42.470884085 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:42.471115112 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:42.471476078 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:42.471491098 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:42.557993889 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.415873051 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.416115999 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.416218042 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.416254044 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.416281939 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.416313887 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.419234991 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.419297934 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.419346094 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.425945997 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.426014900 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.426031113 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.426141024 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.426203966 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.426214933 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.434284925 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.434359074 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.434371948 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.434446096 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.434540987 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.434566021 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.445682049 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.445775986 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.445791006 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.445914984 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.445977926 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.445988894 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.495511055 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.516834021 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.517035961 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.517050028 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.521410942 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.521508932 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.521522045 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.521641970 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.521706104 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.521717072 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.536809921 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.536894083 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.536899090 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.536945105 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.537110090 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.537139893 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.537158966 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.537430048 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.540165901 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.540231943 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.540250063 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.540389061 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.540452003 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.540462971 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.546570063 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.546777964 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.546787024 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.546819925 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.547050953 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.563584089 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.563646078 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.563710928 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.563801050 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.563862085 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.563874006 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.567955017 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.568036079 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.568095922 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.568109035 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.568166018 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.569356918 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.569427013 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.569456100 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.571525097 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.571578979 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.571590900 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.574073076 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.574141979 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.574153900 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.574203968 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.574362040 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.574373007 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.579878092 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.579942942 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.579955101 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.580034971 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.580086946 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.580096960 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.585110903 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.585160971 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.585172892 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.603720903 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.603804111 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.603817940 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.603988886 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.604059935 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.604070902 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.604166031 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.604213953 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.604223967 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.607971907 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.608042955 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.608055115 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.608180046 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.608268023 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.608278990 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.611334085 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.611423016 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.611434937 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.618751049 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.618815899 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.618828058 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.618918896 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.618978977 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.618994951 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.619219065 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.619267941 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.619277954 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.623764992 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.623866081 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.623878002 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.623940945 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.624002934 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.624013901 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.631762028 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.631827116 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.631838083 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.637440920 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.637501001 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.637511969 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.639717102 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.639780045 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.639794111 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.640383959 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.640455008 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.640465975 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.640876055 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:43.640950918 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.641422033 CEST	49722	443	192.168.2.5	157.240.252.174
Sep 29, 2024 06:17:43.641453981 CEST	443	49722	157.240.252.174	192.168.2.5
Sep 29, 2024 06:17:50.160235882 CEST	49703	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:50.160386086 CEST	49703	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:50.160779953 CEST	49728	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:50.160826921 CEST	443	49728	23.1.237.91	192.168.2.5
Sep 29, 2024 06:17:50.160912991 CEST	49728	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:50.161179066 CEST	49728	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:50.161189079 CEST	443	49728	23.1.237.91	192.168.2.5
Sep 29, 2024 06:17:50.165118933 CEST	443	49703	23.1.237.91	192.168.2.5
Sep 29, 2024 06:17:50.165148020 CEST	443	49703	23.1.237.91	192.168.2.5
Sep 29, 2024 06:17:50.232379913 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:50.232456923 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:50.232748985 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:50.753299952 CEST	443	49728	23.1.237.91	192.168.2.5
Sep 29, 2024 06:17:50.753384113 CEST	49728	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:17:51.107984066 CEST	49720	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:17:51.108009100 CEST	443	49720	142.250.186.164	192.168.2.5
Sep 29, 2024 06:17:59.840661049 CEST	49731	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:59.840765953 CEST	443	49731	185.199.108.153	192.168.2.5
Sep 29, 2024 06:17:59.840903044 CEST	49731	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:59.841984987 CEST	49731	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:17:59.842022896 CEST	443	49731	185.199.108.153	192.168.2.5
Sep 29, 2024 06:18:00.327308893 CEST	443	49731	185.199.108.153	192.168.2.5
Sep 29, 2024 06:18:00.327625990 CEST	49731	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:18:00.327683926 CEST	443	49731	185.199.108.153	192.168.2.5
Sep 29, 2024 06:18:00.328787088 CEST	443	49731	185.199.108.153	192.168.2.5
Sep 29, 2024 06:18:00.329155922 CEST	49731	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:18:00.329340935 CEST	443	49731	185.199.108.153	192.168.2.5
Sep 29, 2024 06:18:00.370089054 CEST	49731	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:18:09.900542021 CEST	443	49728	23.1.237.91	192.168.2.5
Sep 29, 2024 06:18:09.900628090 CEST	49728	443	192.168.2.5	23.1.237.91
Sep 29, 2024 06:18:16.705094099 CEST	51303	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:18:16.709839106 CEST	53	51303	1.1.1.1	192.168.2.5
Sep 29, 2024 06:18:16.709898949 CEST	51303	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:18:16.709952116 CEST	51303	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:18:16.714704990 CEST	53	51303	1.1.1.1	192.168.2.5
Sep 29, 2024 06:18:17.154047966 CEST	53	51303	1.1.1.1	192.168.2.5
Sep 29, 2024 06:18:17.174865961 CEST	51303	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:18:17.180094004 CEST	53	51303	1.1.1.1	192.168.2.5
Sep 29, 2024 06:18:17.180989027 CEST	51303	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:18:39.683465004 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:39.683571100 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:39.683711052 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:39.683917999 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:39.683955908 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:40.330060959 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:40.330351114 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:40.330415964 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:40.330888033 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:40.331208944 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:40.331305981 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:40.385510921 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:45.338977098 CEST	49731	443	192.168.2.5	185.199.108.153
Sep 29, 2024 06:18:45.339019060 CEST	443	49731	185.199.108.153	192.168.2.5
Sep 29, 2024 06:18:50.255429029 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:50.255511045 CEST	443	51307	142.250.186.164	192.168.2.5
Sep 29, 2024 06:18:50.255805969 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:51.113995075 CEST	51307	443	192.168.2.5	142.250.186.164
Sep 29, 2024 06:18:51.114028931 CEST	443	51307	142.250.186.164	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 29, 2024 06:17:34.866018057 CEST	53	49973	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:34.879544973 CEST	53	53048	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:36.100892067 CEST	53	62640	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:36.305593967 CEST	60440	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:36.305668116 CEST	55747	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:36.366743088 CEST	53	55747	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:36.368556976 CEST	53	60440	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:37.193402052 CEST	53	50346	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:37.372375011 CEST	53	59323	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:38.974883080 CEST	61614	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:38.975428104 CEST	49676	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:39.010277033 CEST	53	61614	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:39.010426044 CEST	53	49676	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:39.622152090 CEST	61964	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:39.622802019 CEST	59289	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:39.652122021 CEST	53	61964	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:39.652134895 CEST	53	59289	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:41.803220987 CEST	59694	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:41.803952932 CEST	56742	53	192.168.2.5	1.1.1.1
Sep 29, 2024 06:17:41.809911013 CEST	53	59694	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:41.810748100 CEST	53	56742	1.1.1.1	192.168.2.5
Sep 29, 2024 06:17:53.628657103 CEST	53	52828	1.1.1.1	192.168.2.5
Sep 29, 2024 06:18:12.659463882 CEST	53	55056	1.1.1.1	192.168.2.5
Sep 29, 2024 06:18:16.704696894 CEST	53	57757	1.1.1.1	192.168.2.5
Sep 29, 2024 06:18:34.622065067 CEST	53	56990	1.1.1.1	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 29, 2024 06:17:36.305593967 CEST	192.168.2.5	1.1.1.1	0xf19d	Standard query (0)	lindex171.github.io	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:36.305668116 CEST	192.168.2.5	1.1.1.1	0x263f	Standard query (0)	lindex171.github.io	65	IN (0x0001)	false
Sep 29, 2024 06:17:38.974883080 CEST	192.168.2.5	1.1.1.1	0x6eae	Standard query (0)	www.instagram.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:38.975428104 CEST	192.168.2.5	1.1.1.1	0x5f0f	Standard query (0)	www.instagram.com	65	IN (0x0001)	false
Sep 29, 2024 06:17:39.622152090 CEST	192.168.2.5	1.1.1.1	0xdeba	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:39.622802019 CEST	192.168.2.5	1.1.1.1	0xc8d7	Standard query (0)	www.google.com	65	IN (0x0001)	false
Sep 29, 2024 06:17:41.803220987 CEST	192.168.2.5	1.1.1.1	0xae53	Standard query (0)	www.instagram.com	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:41.803952932 CEST	192.168.2.5	1.1.1.1	0x63dc	Standard query (0)	www.instagram.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 29, 2024 06:17:36.368556976 CEST	1.1.1.1	192.168.2.5	0xf19d	No error (0)	lindex171.github.io		185.199.108.153	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:36.368556976 CEST	1.1.1.1	192.168.2.5	0xf19d	No error (0)	lindex171.github.io		185.199.110.153	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:36.368556976 CEST	1.1.1.1	192.168.2.5	0xf19d	No error (0)	lindex171.github.io		185.199.109.153	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:36.368556976 CEST	1.1.1.1	192.168.2.5	0xf19d	No error (0)	lindex171.github.io		185.199.111.153	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:39.010277033 CEST	1.1.1.1	192.168.2.5	0x6eae	No error (0)	www.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:17:39.010277033 CEST	1.1.1.1	192.168.2.5	0x6eae	No error (0)	z-p42-instagram.c10r.instagram.com		157.240.0.174	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:39.010426044 CEST	1.1.1.1	192.168.2.5	0x5f0f	No error (0)	www.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:17:39.652122021 CEST	1.1.1.1	192.168.2.5	0xdeba	No error (0)	www.google.com		142.250.186.164	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:39.652134895 CEST	1.1.1.1	192.168.2.5	0xc8d7	No error (0)	www.google.com			65	IN (0x0001)	false
Sep 29, 2024 06:17:41.809911013 CEST	1.1.1.1	192.168.2.5	0xae53	No error (0)	www.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:17:41.809911013 CEST	1.1.1.1	192.168.2.5	0xae53	No error (0)	z-p42-instagram.c10r.instagram.com		157.240.252.174	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:17:41.810748100 CEST	1.1.1.1	192.168.2.5	0x63dc	No error (0)	www.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:17:49.506968021 CEST	1.1.1.1	192.168.2.5	0x2073	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:17:49.506968021 CEST	1.1.1.1	192.168.2.5	0x2073	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:18:03.562943935 CEST	1.1.1.1	192.168.2.5	0x982f	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:18:03.562943935 CEST	1.1.1.1	192.168.2.5	0x982f	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:18:51.059777021 CEST	1.1.1.1	192.168.2.5	0x2da9	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:18:51.059777021 CEST	1.1.1.1	192.168.2.5	0x2da9	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Sep 29, 2024 06:19:00.190742970 CEST	1.1.1.1	192.168.2.5	0xd0cf	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Sep 29, 2024 06:19:00.190742970 CEST	1.1.1.1	192.168.2.5	0xd0cf	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

lindex171.github.io

https:

www.instagram.com

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49710	185.199.108.153	443	4292	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:17:36 UTC	683	OUT	GET /instalogin/index.html HTTP/1.1 Host: lindex171.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:17:37 UTC	732	IN	HTTP/1.1 200 OK Connection: close Content-Length: 1628 Server: GitHub.com Content-Type: text/html; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Sat, 07 Sep 2024 14:08:11 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "66dc5e4b-65c" expires: Sun, 29 Sep 2024 04:27:36 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: 10BC:1731:1613A70:19223F0:66F8D4E0 Accept-Ranges: bytes Age: 0 Date: Sun, 29 Sep 2024 04:17:36 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740029-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727583457.968085,VS0,VE23 Vary: Accept-Encoding X-Fastly-Request-ID: 9e9e5b51c95f06971679d02b79d71cb0ad0777d6
2024-09-29 04:17:37 UTC	1378	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 49 6e 73 74 61 67 72 61 6d 20 4c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 73 74 79 6c 65 2e 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Instagram Login</title> <link rel="stylesheet" href="style.css"></head><body> <div class="
2024-09-29 04:17:37 UTC	250	IN	Data Raw: 6f 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 23 22 3e 46 6f 72 67 6f 74 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 44 6f 6e 27 74 20 68 61 76 65 20 61 6e 20 61 63 63 6f 75 6e 74 3f 20 3c 61 20 63 6c 61 73 73 3d 22 73 69 67 6e 75 70 22 20 68 72 65 66 3d 22 23 22 3e 53 69 67 6e 20 55 70 3c 2f 61 3e 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 0a 3c 2f 68 74 6d 6c 3e Data Ascii: ot-password" href="#">Forgot password?</a> </div> </form> </div> <div class="box"> <p>Don't have an account? <a class="signup" href="#">Sign Up</a></p> </div> </div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49709	185.199.108.153	443	4292	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:17:37 UTC	578	OUT	GET /instalogin/style.css HTTP/1.1 Host: lindex171.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://lindex171.github.io/instalogin/index.html Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:17:37 UTC	733	IN	HTTP/1.1 200 OK Connection: close Content-Length: 2622 Server: GitHub.com Content-Type: text/css; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Sat, 07 Sep 2024 14:08:11 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "66dc5e4b-a3e" expires: Sun, 29 Sep 2024 04:27:37 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: 8993:34E664:2D0F30E:324470A:66F8D4E0 Accept-Ranges: bytes Age: 0 Date: Sun, 29 Sep 2024 04:17:37 GMT Via: 1.1 varnish X-Served-By: cache-ewr-kewr1740041-EWR X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727583457.229347,VS0,VE17 Vary: Accept-Encoding X-Fastly-Request-ID: 08bb09d2e46d9abb3b4c43f6dec20596368f2b0e
2024-09-29 04:17:37 UTC	1378	IN	Data Raw: 40 69 6d 70 6f 72 74 20 75 72 6c 28 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 50 6f 70 70 69 6e 73 3a 77 67 68 74 40 31 30 30 3b 32 30 30 3b 33 30 30 3b 34 30 30 3b 35 30 30 3b 36 30 30 3b 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 29 3b 0a 0a 62 6f 64 79 20 7b 0a 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 50 6f 70 70 69 6e 73 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 62 6c 61 63 6b 3b 0a 7d 0a 0a 61 20 7b 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 7d 0a 0a 2e 63 6f 6e 74 61 69 6e 65 72 Data Ascii: @import url("https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700&display=swap");body { box-sizing: border-box; font-family: "Poppins", sans-serif; background-color: black;}a { text-decoration: none;}.container
2024-09-29 04:17:37 UTC	1244	IN	Data Raw: 59 28 31 30 70 78 29 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 36 70 78 3b 0a 20 20 74 72 61 6e 73 69 74 69 6f 6e 3a 20 61 6c 6c 20 65 61 73 65 2d 6f 75 74 20 30 2e 31 73 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 39 39 39 3b 0a 20 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 36 70 78 3b 0a 7d 0a 0a 69 6e 70 75 74 3a 3a 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 0a 20 20 76 69 73 69 62 69 6c 69 74 79 3a 20 68 69 64 64 65 6e 3b 0a 7d 0a 0a 2e 6c 6f 67 69 6e 2d 66 6f 72 6d 20 3a 3a 2d 6d 6f 7a 2d 70 6c 61 63 65 68 6f 6c 64 65 72 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 0a 7d 0a 0a 69 6e 70 75 74 3a 6e 6f 74 28 3a 70 6c 61 63 65 68 6f 6c 64 65 72 2d 73 68 6f 77 6e 29 20 2b 20 Data Ascii: Y(10px); line-height: 6px; transition: all ease-out 0.1s; font-size: 14px; color: #999; padding-top: 6px;}input::placeholder { visibility: hidden;}.login-form ::-moz-placeholder { color: transparent;}input:not(:placeholder-shown) +

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.5	49716	185.199.108.153	443	4292	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:17:39 UTC	615	OUT	GET /favicon.ico HTTP/1.1 Host: lindex171.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lindex171.github.io/instalogin/index.html Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:17:39 UTC	637	IN	HTTP/1.1 404 Not Found Connection: close Content-Length: 9115 Server: GitHub.com Content-Type: text/html; charset=utf-8 permissions-policy: interest-cohort=() ETag: "66f42b03-239b" Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self' X-GitHub-Request-Id: 98AE:19E0B5:29EAE0E:2EEE352:66F8D4E1 Accept-Ranges: bytes Age: 0 Date: Sun, 29 Sep 2024 04:17:39 GMT Via: 1.1 varnish X-Served-By: cache-nyc-kteb1890084-NYC X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1727583460.637250,VS0,VE12 Vary: Accept-Encoding X-Fastly-Request-ID: b69c9a4bed3e44273920135772085756140eb1cd
2024-09-29 04:17:39 UTC	1378	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 73 74 79 6c 65 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 3b 20 69 6d 67 2d 73 72 63 20 64 61 74 61 3a 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 53 Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'"> <title>S
2024-09-29 04:17:39 UTC	1378	IN	Data Raw: 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 20 32 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 31 39 32 64 70 69 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 32 64 70 70 78 29 20 7b 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 31 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 32 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 20 7d 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 23 73 75 Data Ascii: ice-pixel-ratio: 2), only screen and ( min-resolution: 192dpi), only screen and ( min-resolution: 2dppx) { .logo-img-1x { display: none; } .logo-img-2x { display: inline-block; } } #su
2024-09-29 04:17:39 UTC	1378	IN	Data Raw: 78 34 4f 6e 68 74 63 47 31 6c 64 47 45 67 65 47 31 73 62 6e 4d 36 65 44 30 69 59 57 52 76 59 6d 55 36 62 6e 4d 36 62 57 56 30 59 53 38 69 49 48 67 36 65 47 31 77 64 47 73 39 49 6b 46 6b 62 32 4a 6c 49 46 68 4e 55 43 42 44 62 33 4a 6c 49 44 55 75 4d 79 31 6a 4d 44 45 78 49 44 59 32 4c 6a 45 30 4e 54 59 32 4d 53 77 67 4d 6a 41 78 4d 69 38 77 4d 69 38 77 4e 69 30 78 4e 44 6f 31 4e 6a 6f 79 4e 79 41 67 49 43 41 67 49 43 41 67 49 6a 34 67 50 48 4a 6b 5a 6a 70 53 52 45 59 67 65 47 31 73 62 6e 4d 36 63 6d 52 6d 50 53 4a 6f 64 48 52 77 4f 69 38 76 64 33 64 33 4c 6e 63 7a 4c 6d 39 79 5a 79 38 78 4f 54 6b 35 4c 7a 41 79 4c 7a 49 79 4c 58 4a 6b 5a 69 31 7a 65 57 35 30 59 58 67 74 62 6e 4d 6a 49 6a 34 67 50 48 4a 6b 5a 6a 70 45 5a 58 4e 6a 63 6d 6c 77 64 47 6c 76 62 Data Ascii: x4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvb
2024-09-29 04:17:39 UTC	1378	IN	Data Raw: 45 39 46 4e 72 67 77 42 43 4c 69 72 4d 46 56 39 4f 6b 68 35 65 66 6c 46 68 38 50 52 35 6e 4b 35 6e 44 61 62 72 52 32 42 4e 4a 6c 4b 4f 30 54 33 35 2b 4c 69 34 6e 34 2b 2f 4a 2b 2f 4a 51 43 78 68 6d 75 35 68 33 75 4a 6f 58 4e 48 50 62 6d 57 5a 41 48 4d 73 68 57 42 38 6c 35 2f 69 70 71 61 6d 6d 61 41 66 30 7a 50 44 44 78 31 4f 4e 56 33 76 75 72 64 69 64 71 77 41 51 4c 2b 70 45 63 38 73 4c 63 41 65 31 43 43 76 51 33 59 48 78 49 57 38 50 6c 38 35 78 53 57 4e 43 31 68 41 44 44 49 76 30 72 49 45 2f 6f 34 4a 30 6b 33 6b 77 77 34 78 53 6c 77 49 68 63 71 33 45 46 46 4f 6d 37 4b 4e 2f 68 55 47 4f 51 6b 74 30 43 46 61 35 57 70 4e 4a 6c 4d 76 78 42 45 7a 2f 49 56 51 41 78 67 2f 5a 52 5a 6c 39 77 69 48 41 36 33 79 44 59 69 65 4d 37 44 6e 4c 50 35 43 69 41 47 73 43 37 Data Ascii: E9FNrgwBCLirMFV9Okh5eflFh8PR5nK5nDabrR2BNJlKO0T35+Li4n4+/J+/JQCxhmu5h3uJoXNHPbmWZAHMshWB8l5/ipqammaAf0zPDDx1ONV3vurdidqwAQL+pEc8sLcAe1CCvQ3YHxIW8Pl85xSWNC1hADDIv0rIE/o4J0k3kww4xSlwIhcq3EFFOm7KN/hUGOQkt0CFa5WpNJlMvxBEz/IVQAxg/ZRZl9wiHA63yDYieM7DnLP5CiAGsC7
2024-09-29 04:17:39 UTC	1378	IN	Data Raw: 62 32 4a 6c 49 46 68 4e 55 43 42 44 62 33 4a 6c 49 44 55 75 4d 79 31 6a 4d 44 45 78 49 44 59 32 4c 6a 45 30 4e 54 59 32 4d 53 77 67 4d 6a 41 78 4d 69 38 77 4d 69 38 77 4e 69 30 78 4e 44 6f 31 4e 6a 6f 79 4e 79 41 67 49 43 41 67 49 43 41 67 49 6a 34 67 50 48 4a 6b 5a 6a 70 53 52 45 59 67 65 47 31 73 62 6e 4d 36 63 6d 52 6d 50 53 4a 6f 64 48 52 77 4f 69 38 76 64 33 64 33 4c 6e 63 7a 4c 6d 39 79 5a 79 38 78 4f 54 6b 35 4c 7a 41 79 4c 7a 49 79 4c 58 4a 6b 5a 69 31 7a 65 57 35 30 59 58 67 74 62 6e 4d 6a 49 6a 34 67 50 48 4a 6b 5a 6a 70 45 5a 58 4e 6a 63 6d 6c 77 64 47 6c 76 62 69 42 79 5a 47 59 36 59 57 4a 76 64 58 51 39 49 69 49 67 65 47 31 73 62 6e 4d 36 65 47 31 77 50 53 4a 6f 64 48 52 77 4f 69 38 76 62 6e 4d 75 59 57 52 76 59 6d 55 75 59 32 39 74 4c 33 68 Data Ascii: b2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3h
2024-09-29 04:17:39 UTC	1378	IN	Data Raw: 74 34 32 66 2b 4d 70 30 79 55 54 56 51 62 64 57 73 41 48 56 73 69 6b 64 69 48 6b 48 61 50 78 63 51 58 51 75 66 58 67 55 42 67 4d 52 78 6d 65 39 55 30 41 41 78 66 48 34 76 46 76 6a 4d 37 65 46 36 55 6b 62 4a 53 35 71 6f 51 77 45 51 47 41 35 37 41 63 35 4a 6c 6c 46 79 55 56 5a 5a 35 63 6b 55 45 67 4d 56 78 73 4b 32 6a 6c 53 59 7a 49 2b 51 58 4a 73 69 79 6a 7a 4e 45 41 4a 79 4a 41 7a 62 2f 4b 51 61 34 31 6a 4a 4b 4c 38 70 4f 44 4d 51 69 54 45 41 79 6d 58 77 35 6e 38 2f 50 30 49 6a 44 33 62 68 37 52 67 6f 67 35 39 61 61 6e 78 69 49 52 54 56 76 56 2f 6f 6a 30 74 6e 48 63 61 2f 57 4d 72 56 77 4f 44 77 42 33 72 61 54 47 78 7a 6b 42 67 2f 67 6e 5a 56 61 70 46 56 36 32 57 79 32 6e 35 41 4f 37 30 48 4d 2f 35 77 62 4a 30 51 6e 58 79 51 53 61 56 50 44 49 75 4e 5a 7a Data Ascii: t42f+Mp0yUTVQbdWsAHVsikdiHkHaPxcQXQufXgUBgMRxme9U0AAxfH4vFvjM7eF6UkbJS5qoQwEQGA57Ac5JllFyUVZZ5ckUEgMVxsK2jlSYzI+QXJsiyjzNEAJyJAzb/KQa41jJKL8pODMQiTEAymXw5n8/P0IjD3bh7Rgog59aanxiIRTVvV/oj0tnHca/WMrVwODwB3raTGxzkBg/gnZVapFV62Wy2n5AO70HM/5wbJ0QnXyQSaVPDIuNZz
2024-09-29 04:17:39 UTC	847	IN	Data Raw: 36 73 64 34 32 39 54 55 4e 45 63 6d 55 64 63 2b 50 52 61 4c 48 63 76 6e 38 37 64 58 57 34 75 67 7a 64 73 61 47 78 75 66 4c 39 34 4e 46 76 39 7a 69 31 4a 37 47 56 62 68 6c 76 62 32 64 6e 61 4a 33 53 56 72 78 66 63 2b 6e 32 2b 4e 54 73 5a 37 2f 48 37 2f 4d 72 33 67 35 58 64 53 49 48 79 4a 53 48 31 50 5a 2b 37 66 54 6f 79 6c 32 2b 45 72 71 69 6c 67 5a 34 4e 61 4c 59 42 39 67 6f 56 47 61 48 6a 52 39 33 48 76 31 5a 72 55 34 58 44 73 46 54 32 30 6b 48 33 50 4f 62 7a 62 57 6b 30 43 67 47 31 6a 61 63 56 49 55 6e 41 51 62 39 46 2b 56 65 78 79 4c 4d 7a 6b 70 63 4c 76 30 49 4a 56 37 41 48 51 49 4f 43 41 55 59 48 78 37 76 35 71 67 53 63 6d 59 48 74 54 71 53 41 79 5a 4c 45 4a 54 4b 32 32 42 69 65 34 69 71 33 78 73 71 70 6d 34 53 41 66 39 48 71 39 61 32 44 6e 4a 34 75 Data Ascii: 6sd429TUNEcmUdc+PRaLHcvn87dXW4ugzdsaGxufL94NFv9zi1J7GVbhlvb2dnaJ3SVrxfc+n2+NTsZ7/H7/Mr3g5XdSIHyJSH1PZ+7fToyl2+ErqilgZ4NaLYB9goVGaHjR93Hv1ZrU4XDsFT20kH3PObzbWk0CgG1jacVIUnAQb9F+VexyLMzkpcLv0IJV7AHQIOCAUYHx7v5qgScmYHtTqSAyZLEJTK22Bie4iq3xsqpm4SAf9Hq9a2DnJ4u

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.5	49717	157.240.0.174	443	4292	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:17:39 UTC	644	OUT	GET /static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png HTTP/1.1 Host: www.instagram.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lindex171.github.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:17:40 UTC	360	IN	HTTP/1.1 200 OK Content-Type: image/png Vary: Accept-Encoding Access-Control-Allow-Origin: * cross-origin-resource-policy: cross-origin ETag: "b20f2a3cd7e4" Cache-Control: public,max-age=31536000,immutable Edge-Control: max-age=1209600, no-transform Date: Sun, 29 Sep 2024 04:17:40 GMT x-fb-load: 407 Transfer-Encoding: chunked Connection: close
2024-09-29 04:17:40 UTC	1140	IN	Data Raw: 65 36 36 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 93 00 00 01 89 08 06 00 00 00 4f 51 de 9c 00 01 24 c2 49 44 41 54 78 da ec 5d 09 5c 54 d5 f7 1f 77 5b cc ca fa f5 fb f5 6f 51 b3 d4 94 4d 73 df b0 cc a5 34 35 73 b7 dc cd 16 53 33 b7 34 a5 32 2d d7 d4 34 37 16 77 45 73 df 50 94 54 dc 72 47 50 11 91 55 14 04 44 10 61 18 e0 fc cf 19 ce a3 cb f3 cd ca cc 30 c0 dc 3e a7 91 37 f7 dd 77 ef 9d f7 ce f7 9d 5d a5 b2 d3 56 bb 76 ed 2a 48 ef 20 f5 47 fa 09 69 33 d2 09 a4 20 a4 08 a4 44 24 35 53 22 1f 0b e2 3e 9b f9 9c fe 3c 46 15 55 31 6f 4e 4e 4e cf d5 ab 57 af 71 9d 3a 75 9a d7 af 5f ff d5 e2 36 7f 67 67 e7 a7 70 fe 8d 90 5c 5c 5d 5d 9f 55 39 9a a3 99 d6 ca 58 88 8a 3d 1f a8 55 ab d6 db 48 bd de 7a eb ad 59 48 fe 48 61 cc 03 73 99 12 e9 18 7f Data Ascii: e66PNGIHDROQ$IDATx]\Tw[oQMs45sS342-47wEsPTrGPUDa0>7w]Vv*H Gi3 D$5S"><FU1oNNNWq:u_6ggp\\]]U9X=UHzYHHas
2024-09-29 04:17:40 UTC	1500	IN	Data Raw: 00 c3 2f 10 2c 5f 27 57 61 94 be ca 3b f8 6b a9 04 92 7c 69 24 31 31 b1 2b 32 f8 ab 60 e3 46 d7 a4 6b cb a4 14 ab 03 4a cd 9a 35 f1 31 78 2b 90 0d e2 a4 ca fe 6f 51 ff 30 34 07 9a 0b cf 29 90 e6 58 94 8c a4 2b 52 92 c0 34 32 91 b1 fc 48 aa 9a e2 72 a7 d3 5c 69 ce ac b7 94 18 1f b9 d9 75 b5 b2 54 32 5f 26 95 7c 28 7d 47 4c 57 01 4c b6 d9 db de e1 cd f8 76 21 5c b8 33 c9 96 85 b4 cb c1 6f 4b 3c 90 e4 4b 23 d5 ab 57 af fc e8 d1 a3 d9 50 c4 8d e6 40 73 d1 21 a5 58 b4 bd f1 c6 1b f5 c9 46 8b f7 7a 16 d2 44 0f 0f 8f b2 f6 f2 03 d1 5c 68 4e 34 37 9a 23 cd d5 d6 6f f5 15 e4 cc 10 27 73 00 99 4b ad e2 7a d7 d3 dc 69 0d 32 3d ff 7c 5a ab 15 ae 45 ce 01 29 c2 de a5 8a 6f eb 78 dd ea 0a 6f f6 db ed 6d cf 70 5e 5f 16 36 2e 08 d7 95 ec e0 b9 a5 03 48 56 af 5e 5d 4d a3 Data Ascii: /,_'Wa;k\|i$11+2`FkJ51x+oQ04)X+R42Hr\iuT2_&\|(}GLWLv!\3oK<K#WP@s!XFzD\hN47#o'sKzi2=\|ZE)oxomp^_6.HV^]M
2024-09-29 04:17:40 UTC	1053	IN	Data Raw: e3 91 aa c1 50 d0 a2 52 60 a3 a4 f3 67 bb 85 68 77 08 a1 80 42 85 31 1b 19 63 23 10 e6 69 f0 a6 22 a3 9d c2 79 59 06 ee 35 1f 85 73 be 91 f5 59 a4 63 4e b5 e5 e3 91 64 c0 0f 5d 81 ec d1 a4 ba 93 ad 73 8b c2 98 97 14 a4 b4 7b 26 82 c9 08 85 35 6e 50 c8 66 dd 49 36 1f 3f a5 f1 94 24 48 3c be 47 07 98 78 e9 99 5b 1d 7e eb 74 d1 d3 27 a6 b0 ea ad f6 ed db 3f 95 93 93 73 cd 30 94 e4 6a ff 9f 91 a9 81 73 17 13 61 d6 a2 30 18 f0 f5 65 e8 fa d9 79 e8 d2 ef 02 74 ed 77 0e ba f7 3b 0f bd fa 9e 87 fe bd cf c2 c0 5e a7 61 d8 27 a7 60 e4 c7 27 e1 eb 6e 27 60 4c 97 40 18 f7 e1 31 98 d8 e9 18 4c e9 70 0c a6 be ff 37 4c 6f 1b 00 3f b6 3a 02 bf b4 3e 02 8b 3e 3c 0e db 27 5f 82 30 04 27 75 86 da 68 30 a1 b9 d3 1a 4c 55 77 21 d3 6d cd bf eb 06 95 85 e3 55 c8 71 85 73 0c c6 Data Ascii: PR`ghwB1c#i"yY5sYcNd]s{&5nPfI6?$H<Gx[~t'?s0jsa0eytw;^a'`'n'`L@1Lp7Lo?:>><'_0'uh0LUw!mUqs
2024-09-29 04:17:40 UTC	1500	IN	Data Raw: 31 31 38 62 0d 0a 5e 15 d2 c0 6f 3d 52 76 fe 21 d9 f9 37 14 ce 0f 90 f5 49 d2 55 4f 47 2e e9 50 5f 63 80 95 5d c4 25 cf b4 0c da 43 8a 4d 92 ed 43 4b d9 4b c8 36 05 cf af d3 85 90 4a 2a a7 a5 a5 4d 37 ca 73 2a 33 1b fc b7 47 c1 b7 9f 04 c2 b0 d6 01 30 b1 e7 71 d8 e6 19 0a 77 6f 3f 84 dc 9c 5c 4b c4 8e 40 4a 4c 2a 9c 5d 1a 04 5b 3b 1d 80 35 6e bb 60 4b 87 83 70 6d d3 4d d0 a8 35 46 8d 41 6b a1 35 19 23 9d 70 f1 a9 9c 5a b5 6a b9 19 f9 c6 ff 01 47 9c c7 b2 5d b0 25 bd 60 28 11 65 fa 15 ed 5d 7a c6 7c 9d fa ea 1a 87 79 ea 37 7c cd 87 34 07 63 e6 4a 6b 62 3e f5 87 29 cc ad ab f8 86 62 eb 38 12 0a 0e 63 15 4d bc 09 3a 6a d2 17 8e b7 75 3e 30 da 1b 59 60 a3 59 b9 bc 28 18 90 1f 7a 6f 41 dd e1 a2 c0 90 b7 c8 54 27 6f 28 81 83 e8 e5 83 37 56 17 e1 b7 fd 4d 61 cc Data Ascii: 118b^o=Rv!7IUOG.P_c]%CMCKK6JM7s3G0qwo?\K@JL*][;5n`KpmM5FAk5#pZjG]%`(e]z\|y7\|4cJkb>)b8cM:ju>0Y`Y(zoAT'o(7VMa
2024-09-29 04:17:40 UTC	1500	IN	Data Raw: d8 4b 2a 85 85 85 b5 31 56 15 95 10 f9 00 b6 4c 0d 84 9f 1a ad 07 af 41 7b 20 fc 64 8c 4e 69 24 f3 de 43 88 d8 74 1e 8e f7 5a 0d 07 dd 16 c0 a1 7a 73 e0 70 fd 79 10 50 7f 2e 1c 41 fa db 6d 1e fc d3 d3 07 62 37 9e 03 35 f6 cd b8 93 06 11 3e e7 e1 d2 b7 fb 20 72 53 10 64 26 e7 81 c6 bd e3 d1 70 ba cf 2e 38 54 7f 35 04 8d 3f 0a e9 b7 8c 2f 31 7f e3 c6 8d d6 ac ea 7a cc 6e 82 cc 9c dc b9 49 b5 3c df d8 e7 5b 02 13 73 d4 f2 1c 01 7f 80 dd 75 d3 f9 df 6d cd e0 31 1f 9b 02 26 3c 6f 7a 19 51 d3 9a 0d aa 0e a8 48 94 8d 6d 24 46 e5 58 32 b6 71 2c 42 88 b0 9e 8f 6d b8 9e 1f 75 a9 98 cc b8 61 de 51 60 40 6b 65 aa b0 7a 7a c0 a4 93 c2 98 fb 0c 81 09 e5 6f 92 f4 e9 4a f6 1f ce 75 25 37 26 ab 25 fb 09 fe fd 9e 0e d5 cb 15 1d eb fc c8 14 c9 84 00 d5 50 40 9f b0 06 11 4c Data Ascii: K*1VLA{ dNi$CtZzspyP.Amb75> rSd&p.8T5?/1znI<[sum1&<ozQHm$FX2q,BmuaQ`@kezzoJu%7&%P@L
2024-09-29 04:17:40 UTC	1499	IN	Data Raw: 72 6f 16 82 40 2f ea 90 4c 88 c1 3e 6d 6c b0 a2 d6 66 72 21 12 f6 8d 58 0f 9b 9c e6 c0 b1 e1 1b e0 de 85 e8 82 91 e7 21 51 70 fd 4b 4f 38 57 77 02 5c ef ff 07 a4 9c bc 61 d8 43 ec c4 0d b8 d9 6f 19 04 d7 99 02 b7 46 ae 81 f4 e0 82 92 c7 03 04 93 eb 83 b6 c0 d9 3a 0b e1 f2 90 ad 90 74 c1 78 30 a1 b5 d1 1a 95 c0 84 ee 63 64 b0 a7 50 3a 78 c6 ca 60 d2 4b 57 7d 11 a9 7e 8a a2 2d c3 82 60 42 6b a4 b5 3e 96 1e 89 e2 16 a4 dc 3f 14 7c 65 43 66 3b 57 0a 48 d4 17 47 62 01 30 a9 26 31 0b b9 c7 91 35 1b 67 99 4d 57 8a 0d 31 b6 51 c1 1b 05 a6 f9 9d ec 65 40 29 7f d7 3d 63 1c 04 c4 fe c2 5c e3 24 a3 bb 18 c8 46 6f e7 12 53 65 83 f5 6e 5d 7a 78 49 02 e4 94 1d b9 f2 b8 14 3a 9f 24 14 8a 3b e1 63 53 68 6c 05 e9 64 b7 ec 9e 19 2b 8c b3 53 57 00 20 d7 78 79 64 08 74 38 58 Data Ascii: ro@/L>mlfr!X!QpKO8Ww\aCoF:tx0cdP:x`KW}~-`Bk>?\|eCf;WHGb0&15gMW1Qe@)=c\$FoSen]zxI:$;cShld+SW xydt8X
2024-09-29 04:17:40 UTC	1500	IN	Data Raw: 31 37 37 30 0d 0a 43 fa d5 90 02 df 67 a7 a5 42 9a af 0f dc 1b fc 11 dc 1b d0 11 1e 2c 9f 07 9a 3b 31 84 1a 8a 40 92 15 15 07 89 3f fa 40 94 db 28 88 7c e7 3b 48 5c bc 17 b2 1f a4 3f 06 26 b7 06 7b 43 70 1d 0f 08 1d be 06 52 2e 19 0f 26 b4 36 5d 06 78 6b bb 06 53 ba 14 7e 09 19 47 cf 11 dd cb 3a e8 7b ea 43 7d 8d 49 b1 62 11 d7 60 1c a4 b3 31 09 f0 1c 60 52 e8 75 76 12 d6 da d9 c4 73 0f 8a 06 5d b9 3d c2 d1 0a 2f 39 2a 79 b7 29 95 ed 75 34 9d ad 80 6b 70 7a 7a fa 6a 63 99 73 6a 68 28 dc 9a f1 23 dc ec fb 21 c4 cd 98 00 8f ae 5f 79 9c 81 87 5e 82 d4 b9 63 21 65 70 4b b8 ff 45 47 78 b8 72 26 64 5d bf 00 39 29 49 00 8f d2 21 37 23 1d 72 92 93 41 7d f9 0a dc 9f b5 14 ee be 37 0c 62 1b 0c 82 bb 9f cf 87 47 e7 6f 3e 7e cd b3 e1 10 31 c8 13 42 de 9e 0e a1 23 56 Data Ascii: 1770CgB,;1@?@(\|;H\?&{CpR.&6]xkS~G:{C}Ib`1`Ruvs]=/9*y)u4kpzzjcsjh(#!_y^c!epKEGxr&d]9)I!7#rA}7bGo>~1B#V
2024-09-29 04:17:40 UTC	1500	IN	Data Raw: 78 d8 b0 61 2f e5 e4 e4 c4 19 8e 2a d7 40 56 dc 39 50 1f 1a 07 9a cd ef 82 66 e7 87 a0 39 39 1e b2 6f 6e 82 9c f8 33 00 29 a1 90 fb 30 12 72 d3 63 91 e2 90 ee e2 df 4c 69 48 a9 77 20 e7 41 1c e4 a4 dc 86 9c e4 58 c8 be 17 03 9a bb 51 a0 89 be 09 ea eb c1 90 71 ea 24 3c 58 b3 05 e2 47 ce 80 e8 26 a3 20 dc 79 2c 44 8f 58 0e a9 67 6e 42 4e 76 8e 31 51 ef 71 b4 16 d5 e3 2e c1 ba c0 a4 31 87 02 ac 65 d0 d1 d9 38 83 43 20 e5 4c c3 7b b2 4d 11 3c 17 6d 38 5f 5b a0 11 a5 47 ca 92 9d 84 d7 d6 58 64 6c 41 fa 0a 28 59 52 22 11 81 84 52 80 53 54 33 a9 9d 8a 92 68 0e 3c 97 7c 40 b1 b6 84 22 d4 fa 08 72 f0 1e 9b bf 7d 79 8b 46 77 a5 4c 04 52 51 30 01 4c 5e 77 ec 9c d9 d2 09 79 3c 55 89 8b 8b fb c6 18 55 57 4e 56 3a 64 c5 1c 03 cd 89 c9 90 7d f0 13 c8 f6 ff 18 72 8e 0f Data Ascii: xa/*@V9Pf99on3)0rcLiHw AXQq$<XG& y,DXgnBNv1Qq.1e8C L{M<m8_[GXdlA(YR"RST3h<\|@"r}yFwLRQ0L^wy<UUWNV:d}r
2024-09-29 04:17:40 UTC	1500	IN	Data Raw: 51 02 14 c9 86 42 06 ee 67 af 5f bf de cb 70 60 a3 55 d4 5a d7 e9 da 34 07 9e 8b 68 23 b1 38 90 08 2a af b7 38 85 0a f1 9c d5 d5 ab 57 ff 6f 51 f3 40 ae e9 be 9a e7 14 48 73 34 45 e5 d2 5f 48 1b 51 df 01 26 d6 05 13 da 63 a5 14 f4 f8 ef 97 91 ae 20 53 f9 d2 a1 15 29 5d 8d 62 5f e8 b7 a7 7b a0 84 83 89 3e 40 21 d7 db 67 70 2f 5e 88 89 89 19 6d 4c 2e af c2 36 ba 06 5d 8b ae a9 ca 8b 23 79 ca 56 40 22 fc f6 2f e0 8b c5 9f cc bc af 9b 52 ea d7 0a ea 77 2a c1 7b 9d dd 7f ff e4 7d 31 69 00 9b 14 c7 72 80 49 fe 35 14 8b 63 b1 bb f0 06 07 6b 2d b5 80 b2 41 74 cf 2f c1 60 22 02 8a 64 94 2f 2f a8 bd 48 32 a8 da a7 4f 9f 97 13 12 12 66 18 93 be de 0c 4f ad 24 1a 9b ae 41 d7 e2 6b 4a 6a ad f2 2a 0b 19 db 4d d9 0f e4 05 54 ff 24 96 55 a0 eb 91 4f 34 b4 21 df 6b 48 d7 Data Ascii: QBg_p`UZ4h#88WoQ@Hs4E_HQ&c S)]b_{>@!gp/^mL.6]#yV@"/Rw{}1irI5ck-At/`"d//H2OfO$AkJj*MT$UO4!kH
2024-09-29 04:17:40 UTC	1500	IN	Data Raw: 73 7e c4 cf a9 5c 2d ee 6f fc 7b 8f a8 4a 2b d5 60 52 d0 d8 ae 04 24 3e 02 90 78 69 34 9a 45 cd 5b 34 af a3 55 0f d9 37 98 38 5a 71 6a 52 9e 2e 2a 16 2f d7 e9 3b c0 c4 fc 46 7b 49 7b aa 2b 1f 97 19 92 c9 6d a9 76 33 32 d5 d1 ec f5 41 3a d3 2c fc 9b ec 19 6f 5b e1 65 c0 07 c7 f6 62 2f 91 d7 09 10 f0 ef f7 f1 5a bf 28 c5 27 51 3f fc fe 86 0e 30 09 c2 73 6a f3 b8 ad 48 02 91 83 09 9e f7 2a 1e 0f 41 fa 00 af 51 09 7f 9b 0e f4 37 79 a8 e0 e7 af 52 31 37 52 b7 91 ca 0b 87 1b 52 ea c1 c4 34 20 f1 cc ca ca 5a f2 d9 c0 cf 5a aa c8 50 5d 46 6b 84 b7 17 9b 89 a3 c9 1a ee 79 39 a4 46 48 df 22 ad 40 3a 86 14 81 94 28 b9 45 f3 bf 23 f8 bb 15 dc 97 ce 29 67 f3 09 e3 83 fa 81 a0 8a 99 e4 00 13 8b ad 7d 92 21 6f 39 33 c1 44 a2 b1 35 6b d6 a4 4c 06 71 c4 58 f1 33 19 bf 9f Data Ascii: s~\-o{J+`R$>xi4E[4U78ZqjR./;F{I{+mv32A:,o[eb/Z('Q?0sjHAQ7yR17RR4 ZZP]Fky9FH"@:(E#)g}!o93D5kLqX3

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.5	49719	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:17:40 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-29 04:17:40 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=131242 Date: Sun, 29 Sep 2024 04:17:40 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.5	49721	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:17:41 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-29 04:17:42 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=131271 Date: Sun, 29 Sep 2024 04:17:41 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-29 04:17:42 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.5	49722	157.240.252.174	443	4292	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-29 04:17:42 UTC	405	OUT	GET /static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png HTTP/1.1 Host: www.instagram.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-29 04:17:43 UTC	360	IN	HTTP/1.1 200 OK Content-Type: image/png Vary: Accept-Encoding Access-Control-Allow-Origin: * cross-origin-resource-policy: cross-origin ETag: "b20f2a3cd7e4" Cache-Control: public,max-age=31536000,immutable Edge-Control: max-age=1209600, no-transform Date: Sun, 29 Sep 2024 04:17:43 GMT x-fb-load: 417 Transfer-Encoding: chunked Connection: close
2024-09-29 04:17:43 UTC	1140	IN	Data Raw: 35 34 39 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 93 00 00 01 89 08 06 00 00 00 4f 51 de 9c 00 01 24 c2 49 44 41 54 78 da ec 5d 09 5c 54 d5 f7 1f 77 5b cc ca fa f5 fb f5 6f 51 b3 d4 94 4d 73 df b0 cc a5 34 35 73 b7 dc cd 16 53 33 b7 34 a5 32 2d d7 d4 34 37 16 77 45 73 df 50 94 54 dc 72 47 50 11 91 55 14 04 44 10 61 18 e0 fc cf 19 ce a3 cb f3 cd ca cc 30 c0 dc 3e a7 91 37 f7 dd 77 ef 9d f7 ce f7 9d 5d a5 b2 d3 56 bb 76 ed 2a 48 ef 20 f5 47 fa 09 69 33 d2 09 a4 20 a4 08 a4 44 24 35 53 22 1f 0b e2 3e 9b f9 9c fe 3c 46 15 55 31 6f 4e 4e 4e cf d5 ab 57 af 71 9d 3a 75 9a d7 af 5f ff d5 e2 36 7f 67 67 e7 a7 70 fe 8d 90 5c 5c 5d 5d 9f 55 39 9a a3 99 d6 ca 58 88 8a 3d 1f a8 55 ab d6 db 48 bd de 7a eb ad 59 48 fe 48 61 cc 03 73 99 12 e9 18 7f Data Ascii: 549PNGIHDROQ$IDATx]\Tw[oQMs45sS342-47wEsPTrGPUDa0>7w]Vv*H Gi3 D$5S"><FU1oNNNWq:u_6ggp\\]]U9X=UHzYHHas
2024-09-29 04:17:43 UTC	220	IN	Data Raw: 00 c3 2f 10 2c 5f 27 57 61 94 be ca 3b f8 6b a9 04 92 7c 69 24 31 31 b1 2b 32 f8 ab 60 e3 46 d7 a4 6b cb a4 14 ab 03 4a cd 9a 35 f1 31 78 2b 90 0d e2 a4 ca fe 6f 51 ff 30 34 07 9a 0b cf 29 90 e6 58 94 8c a4 2b 52 92 c0 34 32 91 b1 fc 48 aa 9a e2 72 a7 d3 5c 69 ce ac b7 94 18 1f b9 d9 75 b5 b2 54 32 5f 26 95 7c 28 7d 47 4c 57 01 4c b6 d9 db de e1 cd f8 76 21 5c b8 33 c9 96 85 b4 cb c1 6f 4b 3c 90 e4 4b 23 d5 ab 57 af fc e8 d1 a3 d9 50 c4 8d e6 40 73 d1 21 a5 58 b4 bd f1 c6 1b f5 c9 46 8b f7 7a 16 d2 44 0f 0f 8f b2 f6 f2 03 d1 5c 68 4e 34 37 9a 23 cd d5 d6 6f f5 15 e4 cc 10 27 73 00 99 4b ad e2 7a d7 d3 dc 69 0d 32 3d ff 7c 5a ab 15 ae 45 ce 01 29 0d 0a Data Ascii: /,_'Wa;k\|i$11+2`FkJ51x+oQ04)X+R42Hr\iuT2_&\|(}GLWLv!\3oK<K#WP@s!XFzD\hN47#o'sKzi2=\|ZE)
2024-09-29 04:17:43 UTC	1500	IN	Data Raw: 39 31 64 0d 0a c2 de a5 8a 6f eb 78 dd ea 0a 6f f6 db ed 6d cf 70 5e 5f 16 36 2e 08 d7 95 ec e0 b9 a5 03 48 56 af 5e 5d 4d a3 d1 ec 06 3b 69 34 17 9a 93 35 01 85 98 33 de e3 14 ea f0 f0 cd 37 df ec 6b af 3f 16 cd 8d e6 48 73 b5 19 a0 30 a3 3b 23 30 84 07 25 c9 b8 4a 6b 21 e6 2e ac ef 0c ad d9 c2 d7 f8 58 c6 54 f7 ca 24 be 1a c5 01 4c 50 82 fa cc 02 60 e2 e9 e0 bb 25 1e 48 2a 5e be 7c b9 76 4e 4e 4e 30 d8 59 a3 39 d1 dc 58 ed 65 51 40 a9 59 b3 e6 9b 78 8f 5f c3 7b fc 3e 7e b6 b3 f7 1f 8d e6 c8 73 bd 46 73 b7 f6 c5 1a c9 f4 fc 17 8a b3 34 a2 4f 4a a1 b5 09 0c 8f d6 dc c8 82 60 b2 42 26 01 8d 13 bf a7 68 77 05 a6 bb a3 08 d5 99 ce 08 1c 4d c9 ce 24 ff 8e bc e0 38 7d ca f3 a4 83 a5 48 77 1d a0 31 e4 ed b7 df 6e 85 df 37 c3 cf 26 94 fa 06 ff ed a4 e4 0a c9 de Data Ascii: 91doxomp^_6.HV^]M;i4537k?Hs0;#0%Jk!.XT$LP`%H*^\|vNNN0Y9XeQ@Yx_{>~sFs4OJ`B&hwM$8}Hw1n7&
2024-09-29 04:17:43 UTC	840	IN	Data Raw: 3e 02 8b 3e 3c 0e db 27 5f 82 30 04 27 75 86 da 68 30 a1 b9 d3 1a 4c 55 77 21 d3 6d cd bf eb 06 95 85 e3 55 c8 71 85 73 0c c6 8b 92 08 fd 9b 8f 51 ce c3 66 16 66 79 65 f8 be 25 27 82 d6 e6 4e bc ba f0 00 e5 94 46 d5 96 3e 95 97 60 43 b9 67 8e 08 c8 22 a4 18 24 f9 a7 4c 27 5a cf 10 98 28 05 36 52 1a 16 be c1 c6 8b 6a 1c f2 0e a3 08 74 05 15 51 3d 1d 60 e2 a5 c0 b4 ef 19 93 19 80 54 32 c6 d8 18 44 f0 11 ec 71 f9 59 93 75 48 3c 0f 0c a9 f6 f8 fe ed a1 30 87 95 0a 2f 07 0d 14 fa fd a3 30 9e bb e8 10 80 7f cf e3 4c d7 df 2b 48 08 34 46 47 85 97 03 79 99 84 d5 0a 7b f7 b6 52 66 6d 1d bf d1 7e 59 df 83 64 93 c1 cf fb c2 73 9b 29 93 4c ea f3 b9 bf 8a d9 2a 64 d7 bb 5e 08 a9 44 ab de 4a 4e 4e fe d2 28 a9 84 12 67 25 66 c0 86 f5 91 30 70 f0 39 e8 d6 fd 0c 7c 8c d4 Data Ascii: >><'_0'uh0LUw!mUqsQffye%'NF>`Cg"$L'Z(6RjtQ=`T2DqYuH<0/0L+H4FGy{Rfm~Yds)L*d^DJNN(g%f0p9\|
2024-09-29 04:17:43 UTC	1498	IN	Data Raw: 35 64 33 0d 0a 5e 15 d2 c0 6f 3d 52 76 fe 21 d9 f9 37 14 ce 0f 90 f5 49 d2 55 4f 47 2e e9 50 5f 63 80 95 5d c4 25 cf b4 0c da 43 8a 4d 92 ed 43 4b d9 4b c8 36 05 cf af d3 85 90 4a 2a a7 a5 a5 4d 37 ca 73 2a 33 1b fc b7 47 c1 b7 9f 04 c2 b0 d6 01 30 b1 e7 71 d8 e6 19 0a 77 6f 3f 84 dc 9c 5c 4b c4 8e 40 4a 4c 2a 9c 5d 1a 04 5b 3b 1d 80 35 6e bb 60 4b 87 83 70 6d d3 4d d0 a8 35 46 8d 41 6b a1 35 19 23 9d 70 f1 a9 9c 5a b5 6a b9 19 f9 c6 ff 01 47 9c c7 b2 5d b0 25 bd 60 28 11 65 fa 15 ed 5d 7a c6 7c 9d fa ea 1a 87 79 ea 37 7c cd 87 34 07 63 e6 4a 6b 62 3e f5 87 29 cc ad ab f8 86 62 eb 38 12 0a 0e 63 15 4d bc 09 3a 6a d2 17 8e b7 75 3e 30 da 1b 59 60 a3 59 b9 bc 28 18 90 1f 7a 6f 41 dd e1 a2 c0 90 b7 c8 54 27 6f 28 81 83 e8 e5 83 37 56 17 e1 b7 fd 4d 61 cc 2a Data Ascii: 5d3^o=Rv!7IUOG.P_c]%CMCKK6JM7s3G0qwo?\K@JL][;5n`KpmM5FAk5#pZjG]%`(e]z\|y7\|4cJkb>)b8cM:ju>0Y`Y(zoAT'o(7VMa
2024-09-29 04:17:43 UTC	1500	IN	Data Raw: 62 62 38 0d 0a d4 67 66 d8 4b 2a 85 85 85 b5 31 56 15 95 10 f9 00 b6 4c 0d 84 9f 1a ad 07 af 41 7b 20 fc 64 8c 4e 69 24 f3 de 43 88 d8 74 1e 8e f7 5a 0d 07 dd 16 c0 a1 7a 73 e0 70 fd 79 10 50 7f 2e 1c 41 fa db 6d 1e fc d3 d3 07 62 37 9e 03 35 f6 cd b8 93 06 11 3e e7 e1 d2 b7 fb 20 72 53 10 64 26 e7 81 c6 bd e3 d1 70 ba cf 2e 38 54 7f 35 04 8d 3f 0a e9 b7 8c 2f 31 7f e3 c6 8d d6 ac ea 7a cc 6e 82 cc 9c dc b9 49 b5 3c df d8 e7 5b 02 13 73 d4 f2 1c 01 7f 80 dd 75 d3 f9 df 6d cd e0 31 1f 9b 02 26 3c 6f 7a 19 51 d3 9a 0d aa 0e a8 48 94 8d 6d 24 46 e5 58 32 b6 71 2c 42 88 b0 9e 8f 6d b8 9e 1f 75 a9 98 cc b8 61 de 51 60 40 6b 65 aa b0 7a 7a c0 a4 93 c2 98 fb 0c 81 09 e5 6f 92 f4 e9 4a f6 1f ce 75 25 37 26 ab 25 fb 09 fe fd 9e 0e d5 cb 15 1d eb fc c8 14 c9 84 00 Data Ascii: bb8gfK*1VLA{ dNi$CtZzspyP.Amb75> rSd&p.8T5?/1znI<[sum1&<ozQHm$FX2q,BmuaQ`@kezzoJu%7&%
2024-09-29 04:17:43 UTC	1500	IN	Data Raw: 05 2a a9 25 65 7d 2e eb 72 6f 16 82 40 2f ea 90 4c 88 c1 3e 6d 6c b0 a2 d6 66 72 21 12 f6 8d 58 0f 9b 9c e6 c0 b1 e1 1b e0 de 85 e8 82 91 e7 21 51 70 fd 4b 4f 38 57 77 02 5c ef ff 07 a4 9c bc 61 d8 43 ec c4 0d b8 d9 6f 19 04 d7 99 02 b7 46 ae 81 f4 e0 82 92 c7 03 04 93 eb 83 b6 c0 d9 3a 0b e1 f2 90 ad 90 74 c1 78 30 a1 b5 d1 1a 95 c0 84 ee 63 64 b0 a7 50 3a 78 c6 ca 60 d2 4b 57 7d 11 a9 7e 8a a2 2d c3 82 60 42 6b a4 b5 3e 96 1e 89 e2 16 a4 dc 3f 14 7c 65 43 66 3b 57 0a 48 d4 17 47 62 01 30 a9 26 31 0b b9 c7 91 35 1b 67 99 4d 57 8a 0d 31 b6 51 c1 1b 05 a6 f9 9d ec 65 40 29 7f d7 3d 63 1c 04 c4 fe c2 5c e3 24 a3 bb 18 c8 46 6f e7 12 53 65 83 f5 6e 5d 7a 78 49 02 e4 94 1d b9 f2 b8 14 3a 9f 24 14 8a 3b e1 63 53 68 6c 05 e9 64 b7 ec 9e 19 2b 8c b3 53 57 00 20 Data Ascii: *%e}.ro@/L>mlfr!X!QpKO8Ww\aCoF:tx0cdP:x`KW}~-`Bk>?\|eCf;WHGb0&15gMW1Qe@)=c\$FoSen]zxI:$;cShld+SW
2024-09-29 04:17:43 UTC	7	IN	Data Raw: ed 05 d1 d3 a7 0d 0a Data Ascii:
2024-09-29 04:17:43 UTC	1500	IN	Data Raw: 35 64 63 0d 0a 43 fa d5 90 02 df 67 a7 a5 42 9a af 0f dc 1b fc 11 dc 1b d0 11 1e 2c 9f 07 9a 3b 31 84 1a 8a 40 92 15 15 07 89 3f fa 40 94 db 28 88 7c e7 3b 48 5c bc 17 b2 1f a4 3f 06 26 b7 06 7b 43 70 1d 0f 08 1d be 06 52 2e 19 0f 26 b4 36 5d 06 78 6b bb 06 53 ba 14 7e 09 19 47 cf 11 dd cb 3a e8 7b ea 43 7d 8d 49 b1 62 11 d7 60 1c a4 b3 31 09 f0 1c 60 52 e8 75 76 12 d6 da d9 c4 73 0f 8a 06 5d b9 3d c2 d1 0a 2f 39 2a 79 b7 29 95 ed 75 34 9d ad 80 6b 70 7a 7a fa 6a 63 99 73 6a 68 28 dc 9a f1 23 dc ec fb 21 c4 cd 98 00 8f ae 5f 79 9c 81 87 5e 82 d4 b9 63 21 65 70 4b b8 ff 45 47 78 b8 72 26 64 5d bf 00 39 29 49 00 8f d2 21 37 23 1d 72 92 93 41 7d f9 0a dc 9f b5 14 ee be 37 0c 62 1b 0c 82 bb 9f cf 87 47 e7 6f 3e 7e cd b3 e1 10 31 c8 13 42 de 9e 0e a1 23 56 43 Data Ascii: 5dcCgB,;1@?@(\|;H\?&{CpR.&6]xkS~G:{C}Ib`1`Ruvs]=/9*y)u4kpzzjcsjh(#!_y^c!epKEGxr&d]9)I!7#rA}7bGo>~1B#VC
2024-09-29 04:17:43 UTC	7	IN	Data Raw: d8 b0 61 2f e5 0d 0a Data Ascii: a/

Target ID:	0
Start time:	00:17:30
Start date:	29/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	2
Start time:	00:17:33
Start date:	29/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1708,i,5434988003253293677,12926046323521537475,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	3
Start time:	00:17:35
Start date:	29/09/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://lindex171.github.io/instalogin/index.html"
Imagebase:	0x7ff715980000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Source: https://lindex171.github.io/instalogin/index.html	LLM: Score: 9 Reasons: The URL 'lindex171.github.io' does not match the legitimate domain 'facebook.com'., The URL is hosted on GitHub Pages, which is not a typical hosting platform for Facebook., The URL contains no direct reference to Facebook, which is suspicious., The presence of input fields for sensitive information (phone number, username, email, password) on a non-legitimate domain is a common phishing tactic. DOM: 0.0.pages.csv
Source: https://lindex171.github.io/instalogin/index.html#	LLM: Score: 9 Reasons: The legitimate domain for Instagram is instagram.com., The provided URL (lindex171.github.io) does not match the legitimate domain., The URL is hosted on GitHub Pages, which is commonly used for personal or project websites, not for official brand pages., The URL contains no direct reference to Instagram, which is suspicious., Phishing sites often use trusted platforms like GitHub Pages to appear legitimate., The input fields (Phone number, username, or email, Password) are typical for phishing attempts targeting Instagram users. DOM: 1.1.pages.csv

Source: global traffic	HTTP traffic detected: GET /instalogin/index.html HTTP/1.1Host: lindex171.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /instalogin/style.css HTTP/1.1Host: lindex171.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://lindex171.github.io/instalogin/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: lindex171.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lindex171.github.io/instalogin/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png HTTP/1.1Host: www.instagram.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lindex171.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /static/bundles/es6/sprite_core_b20f2a3cd7e4.png/b20f2a3cd7e4.png HTTP/1.1Host: www.instagram.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: lindex171.github.io
Source: global traffic	DNS traffic detected: DNS query: www.instagram.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://lindex171.github.io/instalogin/index.html

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 134

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Windows Analysis Report
https://lindex171.github.io/instalogin/index.html