Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://multinodeblockfix.pages.dev/

Overview

General Information

Sample URL:https://multinodeblockfix.pages.dev/
Analysis ID:1522039
Tags:openphish
Infos:

Detection

HTMLPhisher
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected BlockedWebSite
Detected non-DNS traffic on DNS port
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3208 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3784 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1932,i,13160606698231495496,6551077715970750275,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6716 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://multinodeblockfix.pages.dev/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_62JoeSecurity_BlockedWebSiteYara detected BlockedWebSiteJoe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    0.0.pages.csvJoeSecurity_BlockedWebSiteYara detected BlockedWebSiteJoe Security
      0.1.pages.csvJoeSecurity_BlockedWebSiteYara detected BlockedWebSiteJoe Security

        Sigma Signatures

        No Sigma rule has matched

        Suricata Signatures

        No Suricata rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Antivirus / Scanner detection for submitted sample
        Source: https://multinodeblockfix.pages.dev/SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering

        Phishing

        barindex
        Yara detected BlockedWebSite
        Source: Yara matchFile source: 0.0.pages.csv, type: HTML
        Source: Yara matchFile source: 0.1.pages.csv, type: HTML
        Source: Yara matchFile source: dropped/chromecache_62, type: DROPPED
        Source: https://multinodeblockfix.pages.dev/HTTP Parser: No favicon
        Source: https://multinodeblockfix.pages.dev/HTTP Parser: No favicon
        Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49733 version: TLS 1.0
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49723 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49726 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:49727 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:63892 version: TLS 1.2
        Source: global trafficTCP traffic: 192.168.2.5:63891 -> 1.1.1.1:53
        Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49733 version: TLS 1.0
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
        Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
        Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: multinodeblockfix.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /cdn-cgi/styles/cf.errors.css HTTP/1.1Host: multinodeblockfix.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://multinodeblockfix.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: multinodeblockfix.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://multinodeblockfix.pages.dev/cdn-cgi/styles/cf.errors.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: multinodeblockfix.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://multinodeblockfix.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: multinodeblockfix.pages.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: multinodeblockfix.pages.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
        Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
        Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XtsU3we1UbP7TBe&MD=HKtFalmb HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
        Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XtsU3we1UbP7TBe&MD=HKtFalmb HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
        Source: global trafficDNS traffic detected: DNS query: multinodeblockfix.pages.dev
        Source: global trafficDNS traffic detected: DNS query: www.google.com
        Source: chromecache_64.2.drString found in binary or memory: https://mergedaoprotocol.com/#0
        Source: chromecache_64.2.drString found in binary or memory: https://unpkg.com/aos
        Source: chromecache_62.2.drString found in binary or memory: https://www.cloudflare.com/5xx-error-landing
        Source: chromecache_62.2.drString found in binary or memory: https://www.cloudflare.com/learning/access-management/phishing-attack/
        Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
        Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
        Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 63894 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
        Source: unknownNetwork traffic detected: HTTP traffic on port 63892 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
        Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
        Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
        Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
        Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63892
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63894
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
        Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49723 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49726 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:49727 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.5:63892 version: TLS 1.2
        Source: classification engineClassification label: mal56.phis.win@16/16@6/5
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
        Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1932,i,13160606698231495496,6551077715970750275,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://multinodeblockfix.pages.dev/"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1932,i,13160606698231495496,6551077715970750275,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
        Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
        Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
        Registry Run Keys / Startup Folder        		1
        Process Injection        		1
        Masquerading        		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
        Encrypted Channel        		Exfiltration Over Other Network MediumAbuse Accessibility Features
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
        Registry Run Keys / Startup Folder        		1
        Process Injection        		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
        Non-Application Layer Protocol        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
        Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact
        Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
        Ingress Tool Transfer        		Traffic DuplicationData Destruction

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Is Windows Process
        • Number of created Registry Values
        • Number of created Files
        • Visual Basic
        • Delphi
        • Java
        • .Net C# or VB.NET
        • C, C++ or other language
        • Is malicious
        • Internet

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        https://multinodeblockfix.pages.dev/100%SlashNextFraudulent Website type: Phishing & Social Engineering

        Dropped Files

        No Antivirus matches

        Unpacked PE Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        No Antivirus matches

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        www.google.com
        		142.250.186.132
        		truefalse
          		unknown
          multinodeblockfix.pages.dev
          		172.66.47.57
          		truefalse
            		unknown
            fp2e7a.wpc.phicdn.net
            		192.229.221.95
            		truefalse
              		unknown

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              https://multinodeblockfix.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637true
                		unknown
                https://multinodeblockfix.pages.dev/cdn-cgi/styles/cf.errors.csstrue
                  		unknown
                  https://multinodeblockfix.pages.dev/favicon.icotrue
                    		unknown
                    https://multinodeblockfix.pages.dev/true
                      		unknown

                      URLs from Memory and Binaries

                      NameSourceMaliciousAntivirus DetectionReputation
                      https://www.cloudflare.com/learning/access-management/phishing-attack/chromecache_62.2.drfalse
                        		unknown
                        https://mergedaoprotocol.com/#0chromecache_64.2.drfalse
                          		unknown
                          https://unpkg.com/aoschromecache_64.2.drfalse
                            		unknown
                            https://www.cloudflare.com/5xx-error-landingchromecache_62.2.drfalse
                              		unknown

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              239.255.255.250
                              		unknownReserved
                              		unknownunknownfalse
                              142.250.186.132
                              		www.google.comUnited States
                              		15169GOOGLEUSfalse
                              172.66.47.57
                              		multinodeblockfix.pages.devUnited States
                              		13335CLOUDFLARENETUSfalse

                              Private

                              IP
                              192.168.2.6
                              192.168.2.5

                              General Information

                              Joe Sandbox version:41.0.0 Charoite
                              Analysis ID:1522039
                              Start date and time:2024-09-29 07:41:30 +02:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 3m 14s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:browseurl.jbs
                              Sample URL:https://multinodeblockfix.pages.dev/
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:7
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal56.phis.win@16/16@6/5
                              EGA Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 0

                              Warnings

                              • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.181.238, 64.233.167.84, 34.104.35.123, 199.232.210.172, 192.229.221.95, 52.165.164.15, 13.95.31.18, 20.242.39.171, 131.107.255.255, 142.250.186.35, 199.232.214.172
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, update.googleapis.com, clients.l.google.com
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size getting too big, too many NtSetInformationFile calls found.
                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • VT rate limit hit for: https://multinodeblockfix.pages.dev/

                              Simulations

                              Behavior and APIs

                              No simulations

                              LLM Input / Output

                              InputOutput
                              URL: https://multinodeblockfix.pages.dev/ Model: jbxai
                              {
"brand":[],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"Learn More",
"text_input_field_labels":[],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                              URL: https://multinodeblockfix.pages.dev/ Model: jbxai
                              {
"brand":["Cloudflare"],
"contains_trigger_text":true,
"trigger_text":"This website has been reported for potential phishing. Phishing is when a site attempts to steal sensitive information by falsely presenting as a safe source.",
"prominent_button_name":"Learn More",
"text_input_field_labels":["Cloudflare Ray ID: 8ca9a66fd8b47d26  Your IP: Click to reveal  Performance & security by Cloudflare"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

                              Joe Sandbox View / Context

                              IPs

                              No context

                              Domains

                              No context

                              ASNs

                              No context

                              JA3 Fingerprints

                              No context

                              Dropped Files

                              No context

                              Created / dropped Files

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 04:42:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):3.968135430024768
                              Encrypted:false
                              SSDEEP:48:84d3TvnjH2idAKZdA19ehwiZUklqehsJy+3:88rYBJy
                              MD5:617AC079F4430C2D194F5CADBF68B361
                              SHA1:A1AD103A40E2039A590B1058247BDFA6BB8D7CEC
                              SHA-256:3F532A29A91BD13C632491774C1F77E67F802D403C32E959BDC4B6AA56208F90
                              SHA-512:C69122AB18F41FB906328FC2BE386C92501ABD2C08FD3DB9837E01141EC2BD18575F5B904066354A962B85DEB09478C28490F07D9FD1E081334FFD38E5C968F1
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,.... ..^2...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=YM-....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=YM-....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=YM-....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=YM-..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=YO-...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........O=.r.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 04:42:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2679
                              Entropy (8bit):3.984629763437089
                              Encrypted:false
                              SSDEEP:48:8dd3TvnjH2idAKZdA1weh/iZUkAQkqehxJy+2:8Hry9Q+Jy
                              MD5:2E3CB3749BF1FB0B0C0723995C718497
                              SHA1:6EEB24347EB2C494D35D659217A97361C58ECE6D
                              SHA-256:57AAC3C003CE1E2E3623AC7091EE2E446027694179406BFB6B98899BF99D11F4
                              SHA-512:37C675CD0F9F7622187AC927B11869816080E91FE2D14B80FFBE1A2654D465F2F1B1BEA7BEC7BC8066798C8CCE132AC45AADF2092571800D8BA502339BDEA51F
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,....'..^2...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=YM-....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=YM-....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=YM-....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=YM-..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=YO-...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........O=.r.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2693
                              Entropy (8bit):3.998188687762605
                              Encrypted:false
                              SSDEEP:48:8xAd3TvnsH2idAKZdA14tseh7sFiZUkmgqeh7srJy+BX:8x0rfndJy
                              MD5:D423AA55A12AA321067250AFEA87EE3A
                              SHA1:6F98E1692FF5AD9DCDBEDE3AF457F50DB4DD0D98
                              SHA-256:34CB37C6A38D51FFDD758359C0C39070169B0955D6B539A7CCE56568098E05A0
                              SHA-512:C0E6DBFE6B7224F0FAA962C77D5141D16CC40A6B2E6CBDFF2FB98657517C7D86F6A708B7717ABDCEC81294478A92B734787C78BA9725AD90E4023DA08EDD21C6
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=YM-....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=YM-....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=YM-....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=YM-..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........O=.r.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 04:42:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2681
                              Entropy (8bit):3.982281496890904
                              Encrypted:false
                              SSDEEP:48:82d3TvnjH2idAKZdA1vehDiZUkwqeh1Jy+R:8irZjJy
                              MD5:14FD65DB44A3991AE87967B02CC58579
                              SHA1:14D2C1D66680126CC7F1AD4B44B6DADF4227EB87
                              SHA-256:20DF4F65D061AC9518B1A4FEBB8E4240098A84FAEBD76E65B181C1A52F61E06A
                              SHA-512:AABF8CB3F23220AF851DB01AC6A858F79543BC99BD351E11E19EF2C3313A4F14B769D2E6E2CFB231915A377AC44BC5539A0EF114955531C4F2A16532EBB0CC57
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,.....c.^2...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=YM-....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=YM-....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=YM-....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=YM-..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=YO-...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........O=.r.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 04:42:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2681
                              Entropy (8bit):3.971092917804382
                              Encrypted:false
                              SSDEEP:48:8yrd3TvnjH2idAKZdA1hehBiZUk1W1qehnJy+C:8ytrp9HJy
                              MD5:8B0E43945FFC5AAFC3B57E5FC9203D0E
                              SHA1:EB00986AE1AFA2CCF9DDCAADDABDD3569D98F278
                              SHA-256:81862732E534397598851FAE38EDAB78CC08942B11B450A3939A2528B64B5707
                              SHA-512:B03448C0A65502233BD8C987273A86F78B5FD22B563FF1848081BABBE66EB98925C3762416F02C0A2C1591CB1C1D36B63A91B936C697B465F96B736D83B311D7
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,.......^2...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=YM-....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=YM-....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=YM-....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=YM-..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=YO-...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........O=.r.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Sep 29 04:42:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2683
                              Entropy (8bit):3.983939854625518
                              Encrypted:false
                              SSDEEP:48:8Pd3TvnjH2idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbdJy+yT+:8Jr1T/TbxWOvTbdJy7T
                              MD5:3EDC10BF92822C16178564CEAE1A31E8
                              SHA1:E72F0EB96B40F60C8AD14BA72749677C81D32D55
                              SHA-256:4D825C2F25396B4F38FF518EBA6B2228842F163B93C2D637FC491D055C187E4F
                              SHA-512:334A9ED299D6F21308429957A3C2A4CD090F6ADCCC174951A0A3ABCF0110BA0C6E67B512E45CC58896C5CFE6CCA1633205E0170E48F5F0120CD39E581F38B92D
                              Malicious:false
                              Reputation:low
                              Preview:L..................F.@.. ...$+.,.......^2...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I=YM-....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V=YM-....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V=YM-....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V=YM-..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V=YO-...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........O=.r.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                              Chrome Cache Entry: 62

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with very long lines (394)
                              Category:downloaded
                              Size (bytes):4394
                              Entropy (8bit):5.081749512953532
                              Encrypted:false
                              SSDEEP:96:1j9jwIjYjUDK/D5DMF+BOis48A2ZLimOrR49PaQxJbGD:1j9jhjYjIK/Vo+ts4wZOmOrO9ieJGD
                              MD5:24DA6ACE95D721F5B50A9D5926AC1D94
                              SHA1:B8AFF387BC11694BAB7B53DADA4C65BE19ADC3E4
                              SHA-256:AE4258C71051D5DC8777CF102D5078C5FDEA325D7E387E17273E4FB41E7B0696
                              SHA-512:4CC155AEE09DBEB431458E6BA7898342EBFDC311B4C81BA6777D42EDE5C04B7435BC4784B15935CCE23B432646507703835BC83E690DEFBE65B494246D354B31
                              Malicious:false
                              Reputation:low
                              URL:https://multinodeblockfix.pages.dev/
                              Preview:<!DOCTYPE html>. [if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->. [if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->. [if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->. [if gt IE 8]> > <html class="no-js" lang="en-US"> <![endif]-->.<head>.<title>Suspected phishing site | Cloudflare</title>.<meta charset="UTF-8" />.<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge" />.<meta name="robots" content="noindex, nofollow" />.<meta name="viewport" content="width=device-width,initial-scale=1" />.<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />. [if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->.<style>body{margin:0;padding:0}</style>... [if gte IE 10]> >.<script>. if (!navigator.cookieEnabled) {. window.addEventListener('DOMContentLoaded

                              Chrome Cache Entry: 63

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with very long lines (389)
                              Category:dropped
                              Size (bytes):48301
                              Entropy (8bit):5.046701612322924
                              Encrypted:false
                              SSDEEP:384:2qKzPPPiaQzuI8Zwoao6aFSKIHi7v8YCplK2FwOrWTD+w5zFL+psu3MwscFGkasx:7WPPKaQzLJsSQkPWGAx+mG66Oto
                              MD5:F1752D6A4FC52FF7566AF9E1E9BD41A9
                              SHA1:F810C7E1C46B3F8AF6E04DD6B5ADCB53E72D96E6
                              SHA-256:326272EBF01A3E950D6BEC1BCF330E4A8D26CE4DA346DB526E9BA82D26177551
                              SHA-512:A7E7A5BE947CA72E3C7024E394B7CB494BF6538EC7C271E7F628CE8B805A3D6FD9D595F8347587488A14FD9C14F3B95ED313FC536DB49E12DD1945EDA2E51FAA
                              Malicious:false
                              Reputation:low
                              Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <title>coinwallet-system</title>. <meta name="viewport" content="width=device-width,initial-scale=1" />. <link href="https://unpkg.com/aos@2.3.1/dist/aos.css" rel="stylesheet" />. <link rel="stylesheet" href="assets/swiper-bundle.min.css" />. <link href="assets/style.css" rel="stylesheet" />. <link href="assets/style.css" rel="stylesheet" />. <link rel="stylesheet" href="assets/flowbite.min.css" />. <style>. html {. scroll-behavior: smooth;. }.. .section {. padding: 70px;. }. </style>. <script type="text/javascript" src="./app.js"></script> -->. <script type="text/javascript" src="./4e308_cc6ec5f301eadfcce98.js"></script> -->.</head>..<body.class="csn8e c4aab cgum6 cvhsn c9tl9".data-aos-easing="ease-out-cubic".data-aos-duration="500".data-aos-delay="0".>. Page wrapper -->.<div class="cha4x c4sc1 ch6o9 cyp0p">. Site header

                              Chrome Cache Entry: 64

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with very long lines (389)
                              Category:downloaded
                              Size (bytes):48301
                              Entropy (8bit):5.046701612322924
                              Encrypted:false
                              SSDEEP:384:2qKzPPPiaQzuI8Zwoao6aFSKIHi7v8YCplK2FwOrWTD+w5zFL+psu3MwscFGkasx:7WPPKaQzLJsSQkPWGAx+mG66Oto
                              MD5:F1752D6A4FC52FF7566AF9E1E9BD41A9
                              SHA1:F810C7E1C46B3F8AF6E04DD6B5ADCB53E72D96E6
                              SHA-256:326272EBF01A3E950D6BEC1BCF330E4A8D26CE4DA346DB526E9BA82D26177551
                              SHA-512:A7E7A5BE947CA72E3C7024E394B7CB494BF6538EC7C271E7F628CE8B805A3D6FD9D595F8347587488A14FD9C14F3B95ED313FC536DB49E12DD1945EDA2E51FAA
                              Malicious:false
                              Reputation:low
                              URL:https://multinodeblockfix.pages.dev/favicon.ico
                              Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <title>coinwallet-system</title>. <meta name="viewport" content="width=device-width,initial-scale=1" />. <link href="https://unpkg.com/aos@2.3.1/dist/aos.css" rel="stylesheet" />. <link rel="stylesheet" href="assets/swiper-bundle.min.css" />. <link href="assets/style.css" rel="stylesheet" />. <link href="assets/style.css" rel="stylesheet" />. <link rel="stylesheet" href="assets/flowbite.min.css" />. <style>. html {. scroll-behavior: smooth;. }.. .section {. padding: 70px;. }. </style>. <script type="text/javascript" src="./app.js"></script> -->. <script type="text/javascript" src="./4e308_cc6ec5f301eadfcce98.js"></script> -->.</head>..<body.class="csn8e c4aab cgum6 cvhsn c9tl9".data-aos-easing="ease-out-cubic".data-aos-duration="500".data-aos-delay="0".>. Page wrapper -->.<div class="cha4x c4sc1 ch6o9 cyp0p">. Site header

                              Chrome Cache Entry: 65

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (24050)
                              Category:downloaded
                              Size (bytes):24051
                              Entropy (8bit):4.941039417164537
                              Encrypted:false
                              SSDEEP:192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk
                              MD5:5E8C69A459A691B5D1B9BE442332C87D
                              SHA1:F24DD1AD7C9080575D92A9A9A2C42620725EF836
                              SHA-256:84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091
                              SHA-512:6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42
                              Malicious:false
                              Reputation:low
                              URL:https://multinodeblockfix.pages.dev/cdn-cgi/styles/cf.errors.css
                              Preview:#cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapper del,#cf-wrapper details,#cf-wrapper dfn,#cf-wrapper div,#cf-wrapper dl,#cf-wrapper dt,#cf-wrapper em,#cf-wrapper embed,#cf-wrapper fieldset,#cf-wrapper figcaption,#cf-wrapper figure,#cf-wrapper footer,#cf-wrapper form,#cf-wrapper h1,#cf-wrapper h2,#cf-wrapper h3,#cf-wrapper h4,#cf-wrapper h5,#cf-wrapper h6,#cf-wrapper header,#cf-wrapper hgroup,#cf-wrapper html,#cf-wrapper i,#cf-wrapper iframe,#cf-wrapper img,#cf-wrapper label,#cf-wrapper legend,#cf-wrapper li,#cf-wrapper mark,#cf-wrapper menu,#cf-wrapper nav,#cf-wrapper object,#cf-wrapper ol,#cf-wrapper output,#cf-wrapper p,#cf-wrapper pre,#cf-wrapper s,#cf-wrapper samp,#cf-wrapper section,#cf-wrapper small,#cf-wrapper span,#cf-wrapper strike,#cf-wrapper strong,#cf-wrapper sub,#cf-w

                              Chrome Cache Entry: 66

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 54 x 54, 8-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):452
                              Entropy (8bit):7.0936408308765495
                              Encrypted:false
                              SSDEEP:12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
                              MD5:C33DE66281E933259772399D10A6AFE8
                              SHA1:B9F9D500F8814381451011D4DCF59CD2D90AD94F
                              SHA-256:F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
                              SHA-512:5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR...6...6............3PLTE.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?..".....tRNS.@0.`........ P.p`...../IDATx.....0...l..6....+...~yJ.F"....oE..L.3..[..i2..n.WyJ..z&.....F.......b....p~...|:t5.m...fp.i./e....%.%...n.P...enV.....!...,.......E........t![HW.B.g.R.\^.e..o+........%.&-j..q...f@..o...]... ....u0.x..2K.+C..8.U.L.Y.[=.....y...o.tF..]M..U.,4..........a.>/.)....C3gNI.i...R.=....Q7..K......IEND.B`.

                              Chrome Cache Entry: 67

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 54 x 54, 8-bit colormap, non-interlaced
                              Category:downloaded
                              Size (bytes):452
                              Entropy (8bit):7.0936408308765495
                              Encrypted:false
                              SSDEEP:12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
                              MD5:C33DE66281E933259772399D10A6AFE8
                              SHA1:B9F9D500F8814381451011D4DCF59CD2D90AD94F
                              SHA-256:F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
                              SHA-512:5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
                              Malicious:false
                              Reputation:low
                              URL:https://multinodeblockfix.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637
                              Preview:.PNG........IHDR...6...6............3PLTE.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?..".....tRNS.@0.`........ P.p`...../IDATx.....0...l..6....+...~yJ.F"....oE..L.3..[..i2..n.WyJ..z&.....F.......b....p~...|:t5.m...fp.i./e....%.%...n.P...enV.....!...,.......E........t![HW.B.g.R.\^.e..o+........%.&-j..q...f@..o...]... ....u0.x..2K.+C..8.U.L.Y.[=.....y...o.tF..]M..U.,4..........a.>/.)....C3gNI.i...R.=....Q7..K......IEND.B`.

                              Static File Info

                              No static file info

                              Network Behavior

                              Network Port Distribution

                              TCP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Sep 29, 2024 07:42:18.003669977 CEST49674443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:18.019220114 CEST49675443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:18.128648996 CEST49673443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:27.632281065 CEST49674443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:27.741646051 CEST49675443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:27.741666079 CEST49673443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:28.072448015 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.072494030 CEST44349709172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.072626114 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.072761059 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.072772980 CEST44349710172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.072839022 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.073231936 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.073249102 CEST44349710172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.073437929 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.073448896 CEST44349709172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.539127111 CEST44349710172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.540785074 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.540821075 CEST44349710172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.541847944 CEST44349710172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.541934967 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543051958 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543051958 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543122053 CEST44349710172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.543150902 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543219090 CEST49710443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543481112 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543540955 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.543608904 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543817043 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.543829918 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.557226896 CEST44349709172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.557508945 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.557533979 CEST44349709172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.558974028 CEST44349709172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.559163094 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.559351921 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.559366941 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.559449911 CEST44349709172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.559506893 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.559506893 CEST49709443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.559740067 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.559781075 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:28.559833050 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.560003996 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:28.560019970 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.004987955 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.010710001 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.010742903 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.011843920 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.011915922 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.013113022 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.013199091 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.013432026 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.013441086 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.022526026 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.025054932 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.025089025 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.026659966 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.026731014 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.059043884 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.113090038 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.113394022 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.140436888 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.140477896 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.140501976 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.140520096 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.140547991 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.140583038 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.140599966 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.140603065 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.140650988 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.170233011 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.170247078 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.220103025 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.323138952 CEST49711443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.323184967 CEST44349711172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.341485977 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.384620905 CEST4434970323.1.237.91192.168.2.5
                              Sep 29, 2024 07:42:29.384723902 CEST49703443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:29.387413025 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.441327095 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.441365957 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.441386938 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.441407919 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.441416025 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.441432953 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.441448927 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.441467047 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.441540956 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.441549063 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.442049026 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.442104101 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.442111015 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.446186066 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.446224928 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.446254015 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.446263075 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.446309090 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.528090000 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.528142929 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.528167009 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.528202057 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.528208017 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.528228998 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.528261900 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.528955936 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.529005051 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.529014111 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.529043913 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.529088020 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.625442982 CEST49712443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.625478983 CEST44349712172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.647948980 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.648004055 CEST44349715172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:29.648087025 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.648822069 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:29.648844004 CEST44349715172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.101670980 CEST44349715172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.111015081 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.111036062 CEST44349715172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.112153053 CEST44349715172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.112209082 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.232372999 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.232393026 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.232495070 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.232590914 CEST44349715172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.232649088 CEST49715443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.233283043 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.233329058 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.233386993 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.237528086 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.237540960 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.691451073 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.693183899 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.693207026 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.693541050 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.697851896 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.697927952 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.698520899 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.739408016 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.830148935 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.830220938 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:30.830277920 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.831481934 CEST49717443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:30.831496954 CEST44349717172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.162821054 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:31.162862062 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:31.162977934 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:31.163403034 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:31.163414955 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:31.177489996 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.177534103 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.177584887 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.178718090 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.178739071 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.617942095 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.617996931 CEST44349720172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.620412111 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.624363899 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.624389887 CEST44349720172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.661617041 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.709820032 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.756335020 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.756359100 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.757621050 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.757889986 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.763973951 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.763973951 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.764122009 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.764363050 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.764594078 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.764614105 CEST44349719172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.764643908 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.764645100 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.765042067 CEST49719443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.768346071 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.768407106 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.772588015 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.773021936 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:31.773036003 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:31.830590010 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:31.831382036 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:31.831406116 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:31.832401037 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:31.832565069 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:31.836472034 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:31.836525917 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:31.882200956 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:31.882211924 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:31.929188013 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:32.084989071 CEST44349720172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.094255924 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.094278097 CEST44349720172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.097935915 CEST44349720172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.098073006 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.100497961 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.100677967 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.100677967 CEST44349720172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.100830078 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.100991011 CEST49720443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.102312088 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.102363110 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.104377985 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.104377985 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.104438066 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.226566076 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.227495909 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.227535963 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.228688002 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.228962898 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.229613066 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.229687929 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.232492924 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.232512951 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.272869110 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.365760088 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:32.365801096 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:32.365861893 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:32.369003057 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:32.369015932 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:32.399692059 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.400057077 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.400084972 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.400108099 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.400130987 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.400178909 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.400182009 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.400191069 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.400234938 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.400239944 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.405131102 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.405167103 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.405179977 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.405184984 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.405194998 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.405242920 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.486349106 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486422062 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486443996 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486476898 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.486515999 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486550093 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486574888 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486578941 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.486587048 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486613989 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.486614943 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.486665010 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.486670017 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487262964 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487343073 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.487350941 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487606049 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487634897 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487651110 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.487663031 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487690926 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487701893 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.487709045 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.487746000 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.488275051 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.488321066 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.488343000 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.488363981 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.488370895 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.488413095 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.488419056 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.488456011 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.488492966 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.488498926 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.489247084 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.489272118 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.489289999 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.489295959 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.489340067 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.489345074 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.489373922 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.489425898 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.489528894 CEST49721443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.489547014 CEST44349721172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.580969095 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.581480026 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.581511974 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.585053921 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.585159063 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.585716009 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.585823059 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.586136103 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.586143970 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.707958937 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.708044052 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.709079981 CEST49722443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.709104061 CEST44349722172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.828365088 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.828402042 CEST44349724172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:32.828497887 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.829143047 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:32.829159975 CEST44349724172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.008630991 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.008727074 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.040368080 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.040400028 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.040688992 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.084568977 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.284334898 CEST44349724172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.332290888 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.387355089 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.391092062 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.391107082 CEST44349724172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.392373085 CEST44349724172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.392472029 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.393147945 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.393147945 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.393201113 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.393225908 CEST44349724172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.393296957 CEST49724443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.393982887 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.394021034 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.394354105 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.394812107 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.394824982 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.431406021 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.574703932 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.574771881 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.574840069 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.576731920 CEST49723443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.576750994 CEST44349723184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.654453993 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.654488087 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.654630899 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.655702114 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:33.655714989 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:33.880445957 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.880764008 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.880785942 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.881158113 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.882025957 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.882106066 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:33.882463932 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:33.927397966 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057063103 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057111979 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057140112 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057158947 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.057161093 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057182074 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057226896 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.057801962 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057825089 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057847977 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057868004 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057881117 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.057889938 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.057918072 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.057945013 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.061641932 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.116686106 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.116720915 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149535894 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149563074 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149583101 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149599075 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.149627924 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149638891 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149663925 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.149665117 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149686098 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.149687052 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149698019 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149733067 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.149744987 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.149790049 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.150516033 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.150542974 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.150566101 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.150593996 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.150610924 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.150631905 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.150654078 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.151458979 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.151479959 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.151504993 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.151513100 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.151554108 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.151561022 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.151585102 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.151606083 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.151643991 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.151649952 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.151701927 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.152367115 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.152400970 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.152420998 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.152446032 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.152452946 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.152487040 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.152491093 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.152529001 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.152571917 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.152683020 CEST49725443192.168.2.5172.66.47.57
                              Sep 29, 2024 07:42:34.152697086 CEST44349725172.66.47.57192.168.2.5
                              Sep 29, 2024 07:42:34.316571951 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:34.316657066 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:34.323633909 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:34.323649883 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:34.323966026 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:34.327001095 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:34.371406078 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:34.601202011 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:34.601391077 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:34.601454020 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:34.602961063 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:34.602993965 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:34.603008986 CEST49726443192.168.2.5184.28.90.27
                              Sep 29, 2024 07:42:34.603018045 CEST44349726184.28.90.27192.168.2.5
                              Sep 29, 2024 07:42:38.226891041 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:38.226939917 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:38.227001905 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:38.228142023 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:38.228156090 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:38.915216923 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:38.915468931 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:38.925102949 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:38.925124884 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:38.925381899 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:38.975284100 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:39.598166943 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:39.639405966 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824791908 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824817896 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824825048 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824866056 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824908018 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824908972 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:39.824939013 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824959993 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.824970007 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:39.824995041 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:39.825032949 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:39.825063944 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:39.902966022 CEST49703443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:39.903069019 CEST49703443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:39.903479099 CEST49733443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:39.903528929 CEST4434973323.1.237.91192.168.2.5
                              Sep 29, 2024 07:42:39.903609991 CEST49733443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:39.904267073 CEST49733443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:39.904285908 CEST4434973323.1.237.91192.168.2.5
                              Sep 29, 2024 07:42:39.907829046 CEST4434970323.1.237.91192.168.2.5
                              Sep 29, 2024 07:42:39.907840014 CEST4434970323.1.237.91192.168.2.5
                              Sep 29, 2024 07:42:40.353655100 CEST49727443192.168.2.552.165.165.26
                              Sep 29, 2024 07:42:40.353692055 CEST4434972752.165.165.26192.168.2.5
                              Sep 29, 2024 07:42:40.515640020 CEST4434973323.1.237.91192.168.2.5
                              Sep 29, 2024 07:42:40.515729904 CEST49733443192.168.2.523.1.237.91
                              Sep 29, 2024 07:42:41.714560032 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:41.714634895 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:41.714826107 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:43.281929016 CEST49718443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:42:43.281975031 CEST44349718142.250.186.132192.168.2.5
                              Sep 29, 2024 07:42:44.811888933 CEST6389153192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:44.816777945 CEST53638911.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:44.816843987 CEST6389153192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:44.816874981 CEST6389153192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:44.821671009 CEST53638911.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:45.260591984 CEST53638911.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:45.261528969 CEST6389153192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:45.270034075 CEST53638911.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:45.270091057 CEST6389153192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:59.675435066 CEST4434973323.1.237.91192.168.2.5
                              Sep 29, 2024 07:42:59.675524950 CEST49733443192.168.2.523.1.237.91
                              Sep 29, 2024 07:43:21.699482918 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:21.699537992 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:21.699646950 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:21.700864077 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:21.700877905 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.392363071 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.392448902 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.396819115 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.396830082 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.397068024 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.409979105 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.455409050 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.655062914 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.655093908 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.655107975 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.655173063 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.655201912 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.655251980 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.655986071 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.656013012 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.656040907 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.656048059 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.656074047 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.656717062 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.656760931 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.659912109 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.659925938 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:22.659940004 CEST63892443192.168.2.552.165.165.26
                              Sep 29, 2024 07:43:22.659945011 CEST4436389252.165.165.26192.168.2.5
                              Sep 29, 2024 07:43:31.194871902 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:31.194902897 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:31.195061922 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:31.196104050 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:31.196119070 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:31.848078012 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:31.848535061 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:31.848565102 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:31.849052906 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:31.849904060 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:31.849999905 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:31.898155928 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:41.747591019 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:41.747680902 CEST44363894142.250.186.132192.168.2.5
                              Sep 29, 2024 07:43:41.749525070 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:43.244508982 CEST63894443192.168.2.5142.250.186.132
                              Sep 29, 2024 07:43:43.244534016 CEST44363894142.250.186.132192.168.2.5

                              UDP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Sep 29, 2024 07:42:27.048456907 CEST53591291.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:27.050333977 CEST53646581.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:28.043482065 CEST5347553192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:28.043632984 CEST5041453192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:28.055370092 CEST53504141.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:28.071845055 CEST53534751.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:28.106061935 CEST53537941.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:31.148313046 CEST5628253192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:31.148526907 CEST6381753192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:31.155216932 CEST53638171.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:31.155249119 CEST53562821.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:31.550441980 CEST5795453192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:31.551093102 CEST5634153192.168.2.51.1.1.1
                              Sep 29, 2024 07:42:31.561115980 CEST53579541.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:31.562659979 CEST53563411.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:44.811454058 CEST53545051.1.1.1192.168.2.5
                              Sep 29, 2024 07:42:45.233593941 CEST53538771.1.1.1192.168.2.5
                              Sep 29, 2024 07:43:04.277221918 CEST53553871.1.1.1192.168.2.5
                              Sep 29, 2024 07:43:26.363871098 CEST53608191.1.1.1192.168.2.5
                              Sep 29, 2024 07:43:26.968372107 CEST53626701.1.1.1192.168.2.5

                              DNS Queries

                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              Sep 29, 2024 07:42:28.043482065 CEST192.168.2.51.1.1.10xd18aStandard query (0)multinodeblockfix.pages.devA (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:28.043632984 CEST192.168.2.51.1.1.10xff8aStandard query (0)multinodeblockfix.pages.dev65IN (0x0001)false
                              Sep 29, 2024 07:42:31.148313046 CEST192.168.2.51.1.1.10x9262Standard query (0)www.google.comA (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:31.148526907 CEST192.168.2.51.1.1.10x6dcStandard query (0)www.google.com65IN (0x0001)false
                              Sep 29, 2024 07:42:31.550441980 CEST192.168.2.51.1.1.10x602Standard query (0)multinodeblockfix.pages.devA (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:31.551093102 CEST192.168.2.51.1.1.10x9eb9Standard query (0)multinodeblockfix.pages.dev65IN (0x0001)false

                              DNS Answers

                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              Sep 29, 2024 07:42:28.055370092 CEST1.1.1.1192.168.2.50xff8aNo error (0)multinodeblockfix.pages.dev65IN (0x0001)false
                              Sep 29, 2024 07:42:28.071845055 CEST1.1.1.1192.168.2.50xd18aNo error (0)multinodeblockfix.pages.dev172.66.47.57A (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:28.071845055 CEST1.1.1.1192.168.2.50xd18aNo error (0)multinodeblockfix.pages.dev172.66.44.199A (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:31.155216932 CEST1.1.1.1192.168.2.50x6dcNo error (0)www.google.com65IN (0x0001)false
                              Sep 29, 2024 07:42:31.155249119 CEST1.1.1.1192.168.2.50x9262No error (0)www.google.com142.250.186.132A (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:31.561115980 CEST1.1.1.1192.168.2.50x602No error (0)multinodeblockfix.pages.dev172.66.47.57A (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:31.561115980 CEST1.1.1.1192.168.2.50x602No error (0)multinodeblockfix.pages.dev172.66.44.199A (IP address)IN (0x0001)false
                              Sep 29, 2024 07:42:31.562659979 CEST1.1.1.1192.168.2.50x9eb9No error (0)multinodeblockfix.pages.dev65IN (0x0001)false
                              Sep 29, 2024 07:42:39.261137962 CEST1.1.1.1192.168.2.50x8acaNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                              Sep 29, 2024 07:42:39.261137962 CEST1.1.1.1192.168.2.50x8acaNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

                              HTTP Request Dependency Graph

                              • multinodeblockfix.pages.dev
                              • https:
                              • fs.microsoft.com
                              • slscr.update.microsoft.com

                              HTTPS Proxied Packets

                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.549711172.66.47.574433784C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:29 UTC670OUTGET / HTTP/1.1
                              Host: multinodeblockfix.pages.dev
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-09-29 05:42:29 UTC606INHTTP/1.1 200 OK
                              Date: Sun, 29 Sep 2024 05:42:29 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              X-Frame-Options: SAMEORIGIN
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ixaPeSSwFvW12KSPV6tjEVlDD8%2F2R6V61e124PDfS3AbwiC6KQWO0yxnNXWXk2NbtO8HqAs91Ld2uVCr5O0LX7Srgrx0vpPQo5I1J4dgAfpFYB%2FXymyYtnnYuijqFlwTmJSG0AKx2ebZ4bS%2BC4%3D"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Speculation-Rules: "/cdn-cgi/speculation"
                              Server: cloudflare
                              CF-RAY: 8ca9a66fd8b47d26-EWR
                              2024-09-29 05:42:29 UTC763INData Raw: 31 31 32 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20
                              Data Ascii: 112a<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
                              2024-09-29 05:42:29 UTC1369INData Raw: 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 27 63 66 5f 73 74 79 6c 65 73 2d 69 65 2d 63 73 73 27 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20
                              Data Ascii: tylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function
                              2024-09-29 05:42:29 UTC1369INData Raw: 69 2f 70 68 69 73 68 2d 62 79 70 61 73 73 22 20 6d 65 74 68 6f 64 3d 22 47 45 54 22 20 65 6e 63 74 79 70 65 3d 22 74 65 78 74 2f 70 6c 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 2e 6a 71 43 46 4d 4d 74 74 6e 37 30 52 6d 67 71 59 73 68 36 51 4c 38 56 33 46 6a 59 34 45 5f 42 73 46 6d 73 6e 57 76 50 6e 6f 67 2d 31 37 32 37 35 38 38 35 34 39 2d 30 2e 30 2e 31 2e 31 2d 2f 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61
                              Data Ascii: i/phish-bypass" method="GET" enctype="text/plain"> <input type="hidden" name="atok" value=".jqCFMMttn70RmgqYsh6QL8V3FjY4E_BsFmsnWvPnog-1727588549-0.0.1.1-/"> <a href="https://www.cloudflare.com/learning/a
                              2024-09-29 05:42:29 UTC901INData Raw: 33 2e 33 33 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 73 65 70 61 72 61 74 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 78 2d 65 72 72 6f 72 2d 6c 61
                              Data Ascii: 3.33</span> <span class="cf-footer-separator sm:hidden">&bull;</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-la
                              2024-09-29 05:42:29 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.549712172.66.47.574433784C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:29 UTC581OUTGET /cdn-cgi/styles/cf.errors.css HTTP/1.1
                              Host: multinodeblockfix.pages.dev
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://multinodeblockfix.pages.dev/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-09-29 05:42:29 UTC411INHTTP/1.1 200 OK
                              Date: Sun, 29 Sep 2024 05:42:29 GMT
                              Content-Type: text/css
                              Content-Length: 24051
                              Connection: close
                              Last-Modified: Thu, 26 Sep 2024 09:13:11 GMT
                              ETag: "66f525a7-5df3"
                              Server: cloudflare
                              CF-RAY: 8ca9a671b9f99e04-EWR
                              X-Frame-Options: DENY
                              X-Content-Type-Options: nosniff
                              Expires: Sun, 29 Sep 2024 07:42:29 GMT
                              Cache-Control: max-age=7200
                              Cache-Control: public
                              Accept-Ranges: bytes
                              2024-09-29 05:42:29 UTC958INData Raw: 23 63 66 2d 77 72 61 70 70 65 72 20 61 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 62 62 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 72 74 69 63 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 73 69 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 69 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 6e 76 61 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 70 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 65 6e 74 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 69 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 6f 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 64 64 2c 23 63 66 2d 77 72 61 70 70
                              Data Ascii: #cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapp
                              2024-09-29 05:42:29 UTC1369INData Raw: 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 6d 6d 61 72 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 61 62 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 66 6f 6f 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 65 61 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 6c 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f
                              Data Ascii: e,#cf-wrapper strong,#cf-wrapper sub,#cf-wrapper summary,#cf-wrapper sup,#cf-wrapper table,#cf-wrapper tbody,#cf-wrapper td,#cf-wrapper tfoot,#cf-wrapper th,#cf-wrapper thead,#cf-wrapper tr,#cf-wrapper tt,#cf-wrapper u,#cf-wrapper ul{margin:0;padding:0;bo
                              2024-09-29 05:42:29 UTC1369INData Raw: 31 2e 35 21 69 6d 70 6f 72 74 61 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 6e 6f 72 6d 61 6c 3b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 34 36 2c 31 33 39 2c 33 31 2c 2e 33 29 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 73 65 63 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 65 6d 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 65 6d
                              Data Ascii: 1.5!important;text-decoration:none!important;letter-spacing:normal;-webkit-tap-highlight-color:rgba(246,139,31,.3);-webkit-font-smoothing:antialiased}#cf-wrapper .cf-section,#cf-wrapper section{background:0 0;display:block;margin-bottom:2em;margin-top:2em
                              2024-09-29 05:42:29 UTC1369INData Raw: 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 74 77 6f 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 32 2e 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 32 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69
                              Data Ascii: ld(2n),#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.four>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.two>.cf-column:nth-child(2n){padding-left:22.5px;padding-right:0}#cf-wrapper .cf-columns.cols-2>.cf-column:nth-chi
                              2024-09-29 05:42:29 UTC1369INData Raw: 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 6f 64 64 29 7b 63 6c 65 61 72 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 34 6e 2b 31 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73
                              Data Ascii: ),#cf-wrapper .cf-columns.four>.cf-column:nth-child(odd){clear:none}#cf-wrapper .cf-columns.cols-4>.cf-column:first-child,#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(4n+1),#cf-wrapper .cf-columns.four>.cf-column:first-child,#cf-wrapper .cf-columns
                              2024-09-29 05:42:29 UTC1369INData Raw: 30 3b 70 61 64 64 69 6e 67 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 30 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 33 7d 23 63 66 2d 77 72 61 70 70 65
                              Data Ascii: 0;padding:0}#cf-wrapper h1,#cf-wrapper h2,#cf-wrapper h3{font-weight:400}#cf-wrapper h4,#cf-wrapper h5,#cf-wrapper h6,#cf-wrapper strong{font-weight:600}#cf-wrapper h1{font-size:36px;line-height:1.2}#cf-wrapper h2{font-size:30px;line-height:1.3}#cf-wrappe
                              2024-09-29 05:42:29 UTC1369INData Raw: 68 32 2b 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 6f 6c 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 35 65 6d 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 3b 63 6f 6c
                              Data Ascii: h2+h4,#cf-wrapper h2+h5,#cf-wrapper h2+h6,#cf-wrapper h3+h5,#cf-wrapper h3+h6,#cf-wrapper h3+p,#cf-wrapper h4+p,#cf-wrapper h5+ol,#cf-wrapper h5+p,#cf-wrapper h5+ul{margin-top:.5em}#cf-wrapper .cf-btn{background-color:transparent;border:1px solid #999;col
                              2024-09-29 05:42:29 UTC1369INData Raw: 3a 23 36 32 61 31 64 38 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 31 36 33 39 35 39 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 69 6d 70 6f 72 74 61 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 64 32 34 32 36 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 3a 68 6f 76 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 3a 68 6f 76 65 72 2c 23
                              Data Ascii: :#62a1d8;border:1px solid #163959;color:#fff}#cf-wrapper .cf-btn-danger,#cf-wrapper .cf-btn-error,#cf-wrapper .cf-btn-important{background-color:#bd2426;border-color:transparent;color:#fff}#cf-wrapper .cf-btn-danger:hover,#cf-wrapper .cf-btn-error:hover,#
                              2024-09-29 05:42:29 UTC1369INData Raw: 61 63 65 3a 6e 6f 77 72 61 70 7d 23 63 66 2d 77 72 61 70 70 65 72 20 69 6e 70 75 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 6c 65 63 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 65 78 74 61 72 65 61 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 21 69 6d 70 6f 72 74 61 6e 74 3b 63 6f 6c 6f 72 3a 23 34 30 34 30 34 30 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 36 36 36 37 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 34 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 21 69 6d 70 6f 72 74 61 6e
                              Data Ascii: ace:nowrap}#cf-wrapper input,#cf-wrapper select,#cf-wrapper textarea{background:#fff!important;border:1px solid #999!important;color:#404040!important;font-size:.86667em!important;line-height:1.24!important;margin:0 0 1em!important;max-width:100%!importan
                              2024-09-29 05:42:29 UTC1369INData Raw: 3a 23 34 30 34 30 34 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 70 61 64 64 69 6e 67 3a 37 2e 35 70 78 20 31 35 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 3a 65 6d 70 74 79 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 20 2e 63 66 2d 63 6c 6f 73 65 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 2e 37 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 70 61 64 64 69 6e
                              Data Ascii: :#404040;font-size:13px;padding:7.5px 15px;position:relative;vertical-align:middle;border-radius:2px}#cf-wrapper .cf-alert:empty{display:none}#cf-wrapper .cf-alert .cf-close{border:1px solid transparent;color:inherit;font-size:18.75px;line-height:1;paddin


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              2192.168.2.549717172.66.47.574433784C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:30 UTC673OUTGET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
                              Host: multinodeblockfix.pages.dev
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://multinodeblockfix.pages.dev/cdn-cgi/styles/cf.errors.css
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-09-29 05:42:30 UTC409INHTTP/1.1 200 OK
                              Date: Sun, 29 Sep 2024 05:42:30 GMT
                              Content-Type: image/png
                              Content-Length: 452
                              Connection: close
                              Last-Modified: Thu, 26 Sep 2024 09:13:11 GMT
                              ETag: "66f525a7-1c4"
                              Server: cloudflare
                              CF-RAY: 8ca9a67a6bca7d0b-EWR
                              X-Frame-Options: DENY
                              X-Content-Type-Options: nosniff
                              Expires: Sun, 29 Sep 2024 07:42:30 GMT
                              Cache-Control: max-age=7200
                              Cache-Control: public
                              Accept-Ranges: bytes
                              2024-09-29 05:42:30 UTC452INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65
                              Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~|:t5mfpi/e%%nPe


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              3192.168.2.549721172.66.47.574433784C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:32 UTC610OUTGET /favicon.ico HTTP/1.1
                              Host: multinodeblockfix.pages.dev
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://multinodeblockfix.pages.dev/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-09-29 05:42:32 UTC743INHTTP/1.1 200 OK
                              Date: Sun, 29 Sep 2024 05:42:32 GMT
                              Content-Type: text/html; charset=utf-8
                              Transfer-Encoding: chunked
                              Connection: close
                              Access-Control-Allow-Origin: *
                              Cache-Control: public, max-age=0, must-revalidate
                              referrer-policy: strict-origin-when-cross-origin
                              x-content-type-options: nosniff
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4dggWqqZYwyPNch7Je4mpylHDD1nyVIG%2ForfyPFgOPXJDhOazR27KbDW813gEj0DPtqwXkYBTTCaoRhxBYABJhPywItvdG4dr8Mpn9%2BGy2eeTTkxF%2F4qbHB99BIFOcwJ7liiSLA204UZeTE5Sa8%3D"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Speculation-Rules: "/cdn-cgi/speculation"
                              Server: cloudflare
                              CF-RAY: 8ca9a683fda84243-EWR
                              2024-09-29 05:42:32 UTC1369INData Raw: 37 66 65 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 3c 74 69 74 6c 65 3e 63 6f 69 6e 77 61 6c 6c 65 74 2d 73 79 73 74 65 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 6e 70 6b 67 2e 63 6f
                              Data Ascii: 7fe1<!DOCTYPE html><html lang="en"><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>coinwallet-system</title> <meta name="viewport" content="width=device-width,initial-scale=1" /> <link href="https://unpkg.co
                              2024-09-29 05:42:32 UTC1369INData Raw: 20 20 20 20 20 20 20 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 33 32 20 33 32 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 65 66 73 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 65 61 72 67 72 61 64 69 65 6e 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 78 31 3d 22 30 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 31 3d 22 33 32 2e 34 34 33 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 78 32 3d 22 31 30 34 2e 31 38 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 32 3d 22 35 30 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 64 3d 22
                              Data Ascii: viewBox="0 0 32 32" xmlns="http://www.w3.org/2000/svg" > <defs> <lineargradient x1="0%" y1="32.443%" x2="104.18%" y2="50%" id="
                              2024-09-29 05:42:32 UTC1369INData Raw: 20 20 20 20 20 3c 2f 67 3e 0a 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 3c 2f 61 3e 0a 20 20 3c 2f 64 69 76 3e 0a 0a 20 20 3c 21 2d 2d 20 44 65 73 6b 74 6f 70 20 6e 61 76 69 67 61 74 69 6f 6e 20 2d 2d 3e 0a 20 20 3c 6e 61 76 20 63 6c 61 73 73 3d 22 63 68 61 34 78 20 63 66 31 6a 62 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 44 65 73 6b 74 6f 70 20 73 69 67 6e 20 69 6e 20 6c 69 6e 6b 73 20 2d 2d 3e 0a 20 20 20 20 3c 75 6c 20 63 6c 61 73 73 3d 22 63 68 61 34 78 20 63 66 31 6a 62 20 63 6c 6b 69 77 20 63 72 65 76 6d 20 63 63 36 68 69 22 3e 0a 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 63 33 63 6b 35 22 3e 0a 20 20 20 20 20 20 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 22 0a 20 20 20 20 20 20 20 20 63 6c 61 73 73
                              Data Ascii: </g> </svg> </a> </div> ... Desktop navigation --> <nav class="cha4x cf1jb"> ... Desktop sign in links --> <ul class="cha4x cf1jb clkiw crevm cc6hi"> <li class="c3ck5"> <a style="cursor: pointer" class
                              2024-09-29 05:42:32 UTC1369INData Raw: 2f 70 3e 0a 20 20 20 20 3c 64 69 76 0a 20 20 20 20 63 6c 61 73 73 3d 22 63 72 73 32 7a 20 63 38 68 6c 61 20 63 75 6e 30 6c 20 63 6c 6a 62 38 20 63 65 36 31 6a 20 63 6d 71 70 76 20 63 38 35 75 71 20 63 71 65 76 63 20 61 6f 73 2d 69 6e 69 74 20 61 6f 73 2d 61 6e 69 6d 61 74 65 22 0a 20 20 20 20 64 61 74 61 2d 61 6f 73 3d 22 66 61 64 65 2d 75 70 22 0a 20 20 20 20 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 32 30 30 22 0a 20 20 20 20 3e 0a 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 22 20 0a 20 20 20 20 20 20 63 6c 61 73 73 3d 22 63 6f 6e 6e 65 63 74 42 75 74 74 6f 6e 20 20 63 34 72 66 7a 20 63 69 72 6c 37 20 63 79 79 37 70 20 63 79 39 6a 36 20 63 62 6a 68 70 20 63 76 6e 76 36
                              Data Ascii: /p> <div class="crs2z c8hla cun0l cljb8 ce61j cmqpv c85uq cqevc aos-init aos-animate" data-aos="fade-up" data-aos-delay="200" > <div> <a style="cursor: pointer" class="connectButton c4rfz cirl7 cyy7p cy9j6 cbjhp cvnv6
                              2024-09-29 05:42:32 UTC1369INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 72 35 64 78 22 3e 31 20 73 74 61 72 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 76 67 20 63 6c 61 73 73 3d 22 63 36 37 68 39 20 63 72 32 63 66 20 63 35 39 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 3d 22 4d 31 30 20 35 2e 39 33 34 4c 38 20 30 20 36 20 35 2e 39 33 34 48 30 6c 34 2e 38 39 20 33 2e 39 35 34 4c 32 2e 39 36 38 20 31 36 20 38 20 31 32 2e 32 32 33 20 31 33 2e 30 33 32 20 31 36 20 31 31 2e 31 31 20 39 2e 38 38 38 20 31 36 20 35 2e 39 33 34 7a 22 0a 20 20 20 20 20 20 20 20
                              Data Ascii: <span class="cr5dx">1 star</span> <svg class="c67h9 cr2cf c5910" viewBox="0 0 16 16"> <path d="M10 5.934L8 0 6 5.934H0l4.89 3.954L2.968 16 8 12.223 13.032 16 11.11 9.888 16 5.934z"
                              2024-09-29 05:42:32 UTC1369INData Raw: 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 72 35 64 78 22 3e 35 20 73 74 61 72 73 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 76 67 20 63 6c 61 73 73 3d 22 63 36 37 68 39 20 63 72 32 63 66 20 63 35 39 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 3d 22 4d 31 30 20 35 2e 39 33 34 4c 38 20 30 20 36 20 35 2e 39 33 34 48 30 6c 34 2e 38 39 20 33 2e 39 35 34 4c 32 2e 39 36 38 20 31 36 20 38 20 31 32 2e 32 32 33 20 31 33 2e 30 33 32 20 31 36 20 31 31 2e 31 31 20 39 2e 38 38 38 20
                              Data Ascii: <button> <span class="cr5dx">5 stars</span> <svg class="c67h9 cr2cf c5910" viewBox="0 0 16 16"> <path d="M10 5.934L8 0 6 5.934H0l4.89 3.954L2.968 16 8 12.223 13.032 16 11.11 9.888
                              2024-09-29 05:42:32 UTC1369INData Raw: 32 2e 32 32 33 20 31 33 2e 30 33 32 20 31 36 20 31 31 2e 31 31 20 39 2e 38 38 38 20 31 36 20 35 2e 39 33 34 7a 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3e 3c 2f 70 61 74 68 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 72 35 64 78 22 3e 32 20 73 74 61 72 73 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 76 67 20 63 6c 61 73 73 3d 22 63 36 37 68 39 20 63 72 32 63 66 20 63 35 39 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20
                              Data Ascii: 2.223 13.032 16 11.11 9.888 16 5.934z" ></path> </svg> </button> <button> <span class="cr5dx">2 stars</span> <svg class="c67h9 cr2cf c5910" viewBox="0 0 16 16">
                              2024-09-29 05:42:32 UTC1369INData Raw: 20 20 20 20 20 20 20 20 20 20 3e 3c 2f 70 61 74 68 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 2f 68 65 61 64 65 72 3e 0a 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 34 6c 68 74 20 63 66 31 6a 62 22 3e 0a 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 63 68 61 32 30 20 63 30 6d 75 79 22 3e 22 46 61 73 74 20 61 6e 64 20 65 61 73 79 20 77 65 62 33 22 3c 2f 70 3e 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 66 6f 6f 74 65 72 20 63 6c 61 73 73 3d 22 63 38 33 72 74 20 63 7a 6f 75 77 20 63 30 6d 75 79 22 3e 0a 20 20 20
                              Data Ascii: ></path> </svg> </button> </div> </div> </header> <div class="c4lht cf1jb"> <p class="cha20 c0muy">"Fast and easy web3"</p> </div> <footer class="c83rt czouw c0muy">
                              2024-09-29 05:42:32 UTC1369INData Raw: 62 2d 31 30 20 6d 6c 2d 34 22 3e 0a 20 20 20 20 20 20 3c 64 69 76 0a 20 20 20 20 20 20 63 6c 61 73 73 3d 22 61 62 73 6f 6c 75 74 65 20 77 2d 33 20 68 2d 33 20 62 67 2d 67 72 61 79 2d 32 30 30 20 72 6f 75 6e 64 65 64 2d 66 75 6c 6c 20 6d 74 2d 31 2e 35 20 2d 6c 65 66 74 2d 31 2e 35 20 62 6f 72 64 65 72 20 62 6f 72 64 65 72 2d 77 68 69 74 65 20 64 61 72 6b 3a 62 6f 72 64 65 72 2d 67 72 61 79 2d 39 30 30 20 64 61 72 6b 3a 62 67 2d 67 72 61 79 2d 37 30 30 22 0a 20 20 20 20 20 20 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 68 33 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 6c 67 20 66 6f 6e 74 2d 73 65 6d 69 62 6f 6c 64 20 74 65 78 74 2d 77 68 69 74 65 20 64 61 72 6b 3a 74 65 78 74 2d 77 68 69 74 65 22 3e 0a 20 20 20 20 20 20 20 20 53 77 61 70 2f 45 78 63 68 61 6e
                              Data Ascii: b-10 ml-4"> <div class="absolute w-3 h-3 bg-gray-200 rounded-full mt-1.5 -left-1.5 border border-white dark:border-gray-900 dark:bg-gray-700" ></div> <h3 class="text-lg font-semibold text-white dark:text-white"> Swap/Exchan
                              2024-09-29 05:42:32 UTC1369INData Raw: 2d 67 72 61 79 2d 39 30 30 20 64 61 72 6b 3a 62 67 2d 67 72 61 79 2d 37 30 30 22 0a 20 20 20 20 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 68 33 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 6c 67 20 66 6f 6e 74 2d 73 65 6d 69 62 6f 6c 64 20 74 65 78 74 2d 77 68 69 74 65 20 64 61 72 6b 3a 74 65 78 74 2d 77 68 69 74 65 22 3e 0a 20 20 20 20 20 20 56 61 6c 69 64 61 74 69 6f 6e 0a 20 20 20 20 3c 2f 68 33 3e 0a 20 20 20 20 3c 70 0a 20 20 20 20 63 6c 61 73 73 3d 22 6d 62 2d 34 20 74 65 78 74 2d 62 61 73 65 20 66 6f 6e 74 2d 6e 6f 72 6d 61 6c 20 74 65 78 74 2d 67 72 61 79 2d 35 30 30 20 64 61 72 6b 3a 74 65 78 74 2d 67 72 61 79 2d 34 30 30 22 0a 20 20 20 20 3e 0a 20 20 20 20 46 6f 72 20 61 6e 79 20 76 61 6c 69 64 61 74 69 6f 6e 20 63 6c 69 63 6b 20 68 65 72 65 0a 20 20 3c
                              Data Ascii: -gray-900 dark:bg-gray-700" ></div> <h3 class="text-lg font-semibold text-white dark:text-white"> Validation </h3> <p class="mb-4 text-base font-normal text-gray-500 dark:text-gray-400" > For any validation click here <


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              4192.168.2.549722172.66.47.574433784C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:32 UTC397OUTGET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
                              Host: multinodeblockfix.pages.dev
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-09-29 05:42:32 UTC409INHTTP/1.1 200 OK
                              Date: Sun, 29 Sep 2024 05:42:32 GMT
                              Content-Type: image/png
                              Content-Length: 452
                              Connection: close
                              Last-Modified: Thu, 26 Sep 2024 09:13:11 GMT
                              ETag: "66f525a7-1c4"
                              Server: cloudflare
                              CF-RAY: 8ca9a6861dfe8c65-EWR
                              X-Frame-Options: DENY
                              X-Content-Type-Options: nosniff
                              Expires: Sun, 29 Sep 2024 07:42:32 GMT
                              Cache-Control: max-age=7200
                              Cache-Control: public
                              Accept-Ranges: bytes
                              2024-09-29 05:42:32 UTC452INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65
                              Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~|:t5mfpi/e%%nPe


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              5192.168.2.549723184.28.90.27443
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:33 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-09-29 05:42:33 UTC467INHTTP/1.1 200 OK
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              Content-Type: application/octet-stream
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              Server: ECAcc (lpl/EF67)
                              X-CID: 11
                              X-Ms-ApiVersion: Distribute 1.2
                              X-Ms-Region: prod-neu-z1
                              Cache-Control: public, max-age=126149
                              Date: Sun, 29 Sep 2024 05:42:33 GMT
                              Connection: close
                              X-CID: 2


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              6192.168.2.549725172.66.47.574433784C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:33 UTC362OUTGET /favicon.ico HTTP/1.1
                              Host: multinodeblockfix.pages.dev
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-09-29 05:42:34 UTC753INHTTP/1.1 200 OK
                              Date: Sun, 29 Sep 2024 05:42:34 GMT
                              Content-Type: text/html; charset=utf-8
                              Transfer-Encoding: chunked
                              Connection: close
                              Access-Control-Allow-Origin: *
                              Cache-Control: public, max-age=0, must-revalidate
                              referrer-policy: strict-origin-when-cross-origin
                              x-content-type-options: nosniff
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJ6tKp%2FqoTO9LMa%2BHkv3dCVCg%2BckP2VJ3dMDdmY2qykSvvME8Vq78XNGFDzG7w2YhZi4IhHpHO%2BYohXLNs7BZujRoBRH1MiTlaNRsPa5LLSpBgzcCUEznM%2BO%2FODAY%2FcqmTnZRuoQvsG8%2BquuIZk%3D"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Speculation-Rules: "/cdn-cgi/speculation"
                              Server: cloudflare
                              CF-RAY: 8ca9a68e5fad18c8-EWR
                              2024-09-29 05:42:34 UTC1369INData Raw: 37 66 65 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 3c 74 69 74 6c 65 3e 63 6f 69 6e 77 61 6c 6c 65 74 2d 73 79 73 74 65 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 6e 70 6b 67 2e 63 6f
                              Data Ascii: 7fe1<!DOCTYPE html><html lang="en"><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>coinwallet-system</title> <meta name="viewport" content="width=device-width,initial-scale=1" /> <link href="https://unpkg.co
                              2024-09-29 05:42:34 UTC1369INData Raw: 20 20 20 20 20 20 20 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 33 32 20 33 32 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 65 66 73 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 65 61 72 67 72 61 64 69 65 6e 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 78 31 3d 22 30 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 31 3d 22 33 32 2e 34 34 33 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 78 32 3d 22 31 30 34 2e 31 38 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 79 32 3d 22 35 30 25 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 64 3d 22
                              Data Ascii: viewBox="0 0 32 32" xmlns="http://www.w3.org/2000/svg" > <defs> <lineargradient x1="0%" y1="32.443%" x2="104.18%" y2="50%" id="
                              2024-09-29 05:42:34 UTC1369INData Raw: 20 20 20 20 20 3c 2f 67 3e 0a 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 3c 2f 61 3e 0a 20 20 3c 2f 64 69 76 3e 0a 0a 20 20 3c 21 2d 2d 20 44 65 73 6b 74 6f 70 20 6e 61 76 69 67 61 74 69 6f 6e 20 2d 2d 3e 0a 20 20 3c 6e 61 76 20 63 6c 61 73 73 3d 22 63 68 61 34 78 20 63 66 31 6a 62 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 44 65 73 6b 74 6f 70 20 73 69 67 6e 20 69 6e 20 6c 69 6e 6b 73 20 2d 2d 3e 0a 20 20 20 20 3c 75 6c 20 63 6c 61 73 73 3d 22 63 68 61 34 78 20 63 66 31 6a 62 20 63 6c 6b 69 77 20 63 72 65 76 6d 20 63 63 36 68 69 22 3e 0a 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 63 33 63 6b 35 22 3e 0a 20 20 20 20 20 20 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 22 0a 20 20 20 20 20 20 20 20 63 6c 61 73 73
                              Data Ascii: </g> </svg> </a> </div> ... Desktop navigation --> <nav class="cha4x cf1jb"> ... Desktop sign in links --> <ul class="cha4x cf1jb clkiw crevm cc6hi"> <li class="c3ck5"> <a style="cursor: pointer" class
                              2024-09-29 05:42:34 UTC1369INData Raw: 2f 70 3e 0a 20 20 20 20 3c 64 69 76 0a 20 20 20 20 63 6c 61 73 73 3d 22 63 72 73 32 7a 20 63 38 68 6c 61 20 63 75 6e 30 6c 20 63 6c 6a 62 38 20 63 65 36 31 6a 20 63 6d 71 70 76 20 63 38 35 75 71 20 63 71 65 76 63 20 61 6f 73 2d 69 6e 69 74 20 61 6f 73 2d 61 6e 69 6d 61 74 65 22 0a 20 20 20 20 64 61 74 61 2d 61 6f 73 3d 22 66 61 64 65 2d 75 70 22 0a 20 20 20 20 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 32 30 30 22 0a 20 20 20 20 3e 0a 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 22 20 0a 20 20 20 20 20 20 63 6c 61 73 73 3d 22 63 6f 6e 6e 65 63 74 42 75 74 74 6f 6e 20 20 63 34 72 66 7a 20 63 69 72 6c 37 20 63 79 79 37 70 20 63 79 39 6a 36 20 63 62 6a 68 70 20 63 76 6e 76 36
                              Data Ascii: /p> <div class="crs2z c8hla cun0l cljb8 ce61j cmqpv c85uq cqevc aos-init aos-animate" data-aos="fade-up" data-aos-delay="200" > <div> <a style="cursor: pointer" class="connectButton c4rfz cirl7 cyy7p cy9j6 cbjhp cvnv6
                              2024-09-29 05:42:34 UTC1369INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 72 35 64 78 22 3e 31 20 73 74 61 72 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 76 67 20 63 6c 61 73 73 3d 22 63 36 37 68 39 20 63 72 32 63 66 20 63 35 39 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 3d 22 4d 31 30 20 35 2e 39 33 34 4c 38 20 30 20 36 20 35 2e 39 33 34 48 30 6c 34 2e 38 39 20 33 2e 39 35 34 4c 32 2e 39 36 38 20 31 36 20 38 20 31 32 2e 32 32 33 20 31 33 2e 30 33 32 20 31 36 20 31 31 2e 31 31 20 39 2e 38 38 38 20 31 36 20 35 2e 39 33 34 7a 22 0a 20 20 20 20 20 20 20 20
                              Data Ascii: <span class="cr5dx">1 star</span> <svg class="c67h9 cr2cf c5910" viewBox="0 0 16 16"> <path d="M10 5.934L8 0 6 5.934H0l4.89 3.954L2.968 16 8 12.223 13.032 16 11.11 9.888 16 5.934z"
                              2024-09-29 05:42:34 UTC1369INData Raw: 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 72 35 64 78 22 3e 35 20 73 74 61 72 73 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 76 67 20 63 6c 61 73 73 3d 22 63 36 37 68 39 20 63 72 32 63 66 20 63 35 39 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 3d 22 4d 31 30 20 35 2e 39 33 34 4c 38 20 30 20 36 20 35 2e 39 33 34 48 30 6c 34 2e 38 39 20 33 2e 39 35 34 4c 32 2e 39 36 38 20 31 36 20 38 20 31 32 2e 32 32 33 20 31 33 2e 30 33 32 20 31 36 20 31 31 2e 31 31 20 39 2e 38 38 38 20
                              Data Ascii: <button> <span class="cr5dx">5 stars</span> <svg class="c67h9 cr2cf c5910" viewBox="0 0 16 16"> <path d="M10 5.934L8 0 6 5.934H0l4.89 3.954L2.968 16 8 12.223 13.032 16 11.11 9.888
                              2024-09-29 05:42:34 UTC1369INData Raw: 32 2e 32 32 33 20 31 33 2e 30 33 32 20 31 36 20 31 31 2e 31 31 20 39 2e 38 38 38 20 31 36 20 35 2e 39 33 34 7a 22 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3e 3c 2f 70 61 74 68 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 72 35 64 78 22 3e 32 20 73 74 61 72 73 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 76 67 20 63 6c 61 73 73 3d 22 63 36 37 68 39 20 63 72 32 63 66 20 63 35 39 31 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 36 20 31 36 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20
                              Data Ascii: 2.223 13.032 16 11.11 9.888 16 5.934z" ></path> </svg> </button> <button> <span class="cr5dx">2 stars</span> <svg class="c67h9 cr2cf c5910" viewBox="0 0 16 16">
                              2024-09-29 05:42:34 UTC1369INData Raw: 20 20 20 20 20 20 20 20 20 20 3e 3c 2f 70 61 74 68 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 76 67 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 2f 68 65 61 64 65 72 3e 0a 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 34 6c 68 74 20 63 66 31 6a 62 22 3e 0a 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 63 68 61 32 30 20 63 30 6d 75 79 22 3e 22 46 61 73 74 20 61 6e 64 20 65 61 73 79 20 77 65 62 33 22 3c 2f 70 3e 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 66 6f 6f 74 65 72 20 63 6c 61 73 73 3d 22 63 38 33 72 74 20 63 7a 6f 75 77 20 63 30 6d 75 79 22 3e 0a 20 20 20
                              Data Ascii: ></path> </svg> </button> </div> </div> </header> <div class="c4lht cf1jb"> <p class="cha20 c0muy">"Fast and easy web3"</p> </div> <footer class="c83rt czouw c0muy">
                              2024-09-29 05:42:34 UTC1369INData Raw: 62 2d 31 30 20 6d 6c 2d 34 22 3e 0a 20 20 20 20 20 20 3c 64 69 76 0a 20 20 20 20 20 20 63 6c 61 73 73 3d 22 61 62 73 6f 6c 75 74 65 20 77 2d 33 20 68 2d 33 20 62 67 2d 67 72 61 79 2d 32 30 30 20 72 6f 75 6e 64 65 64 2d 66 75 6c 6c 20 6d 74 2d 31 2e 35 20 2d 6c 65 66 74 2d 31 2e 35 20 62 6f 72 64 65 72 20 62 6f 72 64 65 72 2d 77 68 69 74 65 20 64 61 72 6b 3a 62 6f 72 64 65 72 2d 67 72 61 79 2d 39 30 30 20 64 61 72 6b 3a 62 67 2d 67 72 61 79 2d 37 30 30 22 0a 20 20 20 20 20 20 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 68 33 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 6c 67 20 66 6f 6e 74 2d 73 65 6d 69 62 6f 6c 64 20 74 65 78 74 2d 77 68 69 74 65 20 64 61 72 6b 3a 74 65 78 74 2d 77 68 69 74 65 22 3e 0a 20 20 20 20 20 20 20 20 53 77 61 70 2f 45 78 63 68 61 6e
                              Data Ascii: b-10 ml-4"> <div class="absolute w-3 h-3 bg-gray-200 rounded-full mt-1.5 -left-1.5 border border-white dark:border-gray-900 dark:bg-gray-700" ></div> <h3 class="text-lg font-semibold text-white dark:text-white"> Swap/Exchan
                              2024-09-29 05:42:34 UTC1369INData Raw: 2d 67 72 61 79 2d 39 30 30 20 64 61 72 6b 3a 62 67 2d 67 72 61 79 2d 37 30 30 22 0a 20 20 20 20 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 68 33 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 6c 67 20 66 6f 6e 74 2d 73 65 6d 69 62 6f 6c 64 20 74 65 78 74 2d 77 68 69 74 65 20 64 61 72 6b 3a 74 65 78 74 2d 77 68 69 74 65 22 3e 0a 20 20 20 20 20 20 56 61 6c 69 64 61 74 69 6f 6e 0a 20 20 20 20 3c 2f 68 33 3e 0a 20 20 20 20 3c 70 0a 20 20 20 20 63 6c 61 73 73 3d 22 6d 62 2d 34 20 74 65 78 74 2d 62 61 73 65 20 66 6f 6e 74 2d 6e 6f 72 6d 61 6c 20 74 65 78 74 2d 67 72 61 79 2d 35 30 30 20 64 61 72 6b 3a 74 65 78 74 2d 67 72 61 79 2d 34 30 30 22 0a 20 20 20 20 3e 0a 20 20 20 20 46 6f 72 20 61 6e 79 20 76 61 6c 69 64 61 74 69 6f 6e 20 63 6c 69 63 6b 20 68 65 72 65 0a 20 20 3c
                              Data Ascii: -gray-900 dark:bg-gray-700" ></div> <h3 class="text-lg font-semibold text-white dark:text-white"> Validation </h3> <p class="mb-4 text-base font-normal text-gray-500 dark:text-gray-400" > For any validation click here <


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              7192.168.2.549726184.28.90.27443
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:34 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                              Range: bytes=0-2147483646
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-09-29 05:42:34 UTC515INHTTP/1.1 200 OK
                              ApiVersion: Distribute 1.1
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              Content-Type: application/octet-stream
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              Server: ECAcc (lpl/EF06)
                              X-CID: 11
                              X-Ms-ApiVersion: Distribute 1.2
                              X-Ms-Region: prod-weu-z1
                              Cache-Control: public, max-age=126178
                              Date: Sun, 29 Sep 2024 05:42:34 GMT
                              Content-Length: 55
                              Connection: close
                              X-CID: 2
                              2024-09-29 05:42:34 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              8192.168.2.54972752.165.165.26443
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:42:39 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XtsU3we1UbP7TBe&MD=HKtFalmb HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                              Host: slscr.update.microsoft.com
                              2024-09-29 05:42:39 UTC560INHTTP/1.1 200 OK
                              Cache-Control: no-cache
                              Pragma: no-cache
                              Content-Type: application/octet-stream
                              Expires: -1
                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                              ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                              MS-CorrelationId: 83744454-3e2c-4729-9bb2-6e90529fdc0f
                              MS-RequestId: 6d783085-36f7-414e-be26-369263886b15
                              MS-CV: JX34zWgkYku3MRMW.0
                              X-Microsoft-SLSClientCache: 2880
                              Content-Disposition: attachment; filename=environment.cab
                              X-Content-Type-Options: nosniff
                              Date: Sun, 29 Sep 2024 05:42:39 GMT
                              Connection: close
                              Content-Length: 24490
                              2024-09-29 05:42:39 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                              Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                              2024-09-29 05:42:39 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                              Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              9192.168.2.56389252.165.165.26443
                              TimestampBytes transferredDirectionData
                              2024-09-29 05:43:22 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XtsU3we1UbP7TBe&MD=HKtFalmb HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                              Host: slscr.update.microsoft.com
                              2024-09-29 05:43:22 UTC560INHTTP/1.1 200 OK
                              Cache-Control: no-cache
                              Pragma: no-cache
                              Content-Type: application/octet-stream
                              Expires: -1
                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                              ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                              MS-CorrelationId: 7e8a613a-6bd1-410b-ac06-13ed70fa50df
                              MS-RequestId: 1ecab9cf-c88b-4c13-8415-80e1d7817ddc
                              MS-CV: PwU0qLehT0qDbpJz.0
                              X-Microsoft-SLSClientCache: 1440
                              Content-Disposition: attachment; filename=environment.cab
                              X-Content-Type-Options: nosniff
                              Date: Sun, 29 Sep 2024 05:43:21 GMT
                              Connection: close
                              Content-Length: 30005
                              2024-09-29 05:43:22 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                              Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                              2024-09-29 05:43:22 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                              Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                              Statistics

                              CPU Usage

                              Click to jump to process

                              Memory Usage

                              Click to jump to process

                              Behavior

                              Click to jump to process

                              System Behavior

                              General

                              Target ID:0
                              Start time:01:42:21
                              Start date:29/09/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                              Imagebase:0x7ff715980000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:2
                              Start time:01:42:25
                              Start date:29/09/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1932,i,13160606698231495496,6551077715970750275,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff715980000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:3
                              Start time:01:42:27
                              Start date:29/09/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://multinodeblockfix.pages.dev/"
                              Imagebase:0x7ff715980000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              Disassembly

                              No disassembly