Edit tour

Windows Analysis Report
http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com

Overview

General Information

Sample URL:	http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com
Analysis ID:	1541078
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Suspicious iFrame src set

Call-Chain indicates evasion measures

AV process strings found (often used to terminate AV products)

Downloads executable code via HTTP

Drops PE files

Dynamic code execution using eval()

PE file contains an invalid checksum

PE file contains executable resources (Code or Archives)

PE file does not import any functions

PE file overlay found

Script element or tag injection

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 5632 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --start-maximized "about:blank" MD5: B6CB00FCB81D3B66870817AEBE7163BB)

chrome.exe (PID: 2972 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=2056 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: B6CB00FCB81D3B66870817AEBE7163BB)

chrome.exe (PID: 7952 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5184 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: B6CB00FCB81D3B66870817AEBE7163BB)

chrome.exe (PID: 8108 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5208 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: B6CB00FCB81D3B66870817AEBE7163BB)

chrome.exe (PID: 6244 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" "http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com" MD5: B6CB00FCB81D3B66870817AEBE7163BB)

rundll32.exe (PID: 2064 cmdline: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding MD5: EF3179D498793BF4234F708D3BE28633)

cleanup

Source: https\://www.google.com/search?q=virustotal&oq=virustotal&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIHCAEQABiABDIKCAIQABixAxiABDIHCAMQABiABDIHCAQQABiABDIHCAUQABiABDIHCAYQABiABDIECAcQBdIBCDIyNDlqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8

JavaScript Tracing: iFrame src-attribute dynamically set to a suspicious value that is not cleared for this origin: "https\://www.youtube.com/embed/?enablejsapi=1&rel=0&autoplay=0&playsinline=1&expflag=embeds_enable_muted_autoplay%3Atrue&fs=1"

Call-Chain indicates evasion measures

Source: https\://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldjgd0kAAAAAITm7ipWF7o7kPL_81SaSfdINiOc&co=aHR0cHM6Ly93d3cudmlydXN0b3RhbC5jb206NDQz&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=f7hputyw0w1c

JavaScript Tracing: Detected writing of HTML string to DOM by setting the property HTMLDivElement.innerHTML after method call to atob()

Source: https\://www.virustotal.com/gui/	JavaScript Tracing: call to eval("require")
Source: https\://www.virustotal.com/gui/	JavaScript Tracing: call to eval("require")

Source: https\://www.virustotal.com/gui/	JavaScript Tracing: HTMLScriptElement has been added to the DOM dynamically using "insertBefore();"
Source: https\://www.google.com/search?q=virustotal&oq=virustotal&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIHCAEQABiABDIKCAIQABixAxiABDIHCAMQABiABDIHCAQQABiABDIHCAUQABiABDIHCAYQABiABDIECAcQBdIBCDIyNDlqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8	JavaScript Tracing: HTMLScriptElement has been added to the DOM dynamically using "appendChild();"
Source: https\://www.virustotal.com/gui/	JavaScript Tracing: HTMLScriptElement has been added to the DOM dynamically using "appendChild();"

Source: https://www.virustotal.com/gui/home/upload	HTTP Parser: No favicon
Source: https://www.virustotal.com/gui/home/upload	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49828 version: TLS 1.2

Source:	Binary string: MpAdlElvtStub.pdb source: Unconfirmed 135111.crdownload.4.dr
Source:	Binary string: MpAdlElvtStub.pdbGCTL source: Unconfirmed 135111.crdownload.4.dr

Source: global traffic

HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Thu, 24 Oct 2024 09:42:35 GMTContent-Type: application/octet-streamContent-Length: 13554464Connection: keep-aliveCache-Control: public,max-age=172800Last-Modified: Thu, 10 Oct 2024 17:25:31 GMTX-CID: 10004X-CCC: c8f5eedd-9fca-40ac-a31c-6acfdf21da03Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Cache-Status: STALEAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 fc 34 be 82 b8 55 d0 d1 b8 55 d0 d1 b8 55 d0 d1 eb 2a d4 d0 a3 55 d0 d1 eb 2a d3 d0 a9 55 d0 d1 eb 2a d5 d0 76 55 d0 d1 eb 2a d1 d0 b1 55 d0 d1 b8 55 d1 d1 98 54 d0 d1 eb 2a d9 d0 f3 55 d0 d1 eb 2a 2f d1 b9 55 d0 d1 eb 2a d2 d0 b9 55 d0 d1 52 69 63 68 b8 55 d0 d1 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 26 c1 06 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0e 24 00 00 03 00 00 d0 c9 00 00 00 00 00 20 73 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 10 00 00 0a 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 cc 00 00 10 00 00 0a a0 cf 00 02 00 60 c1 00 00 08 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 9c f8 03 00 64 00 00 00 00 70 04 00 a4 6d c8 00 00 40 04 00 94 26 00 00 00 e0 cc 00 20 f3 01 00 00 e0 cc 00 74 06 00 00 28 a6 03 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 35 03 00 28 00 00 00 40 34 03 00 40 01 00 00 00 00 00 00 00 00 00 00 a8 35 03 00 c8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 f5 02 00 00 10 00 00 00 00 03 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 10 f9 00 00 00 10 03 00 00 00 01 00 00 10 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 10 29 00 00 00 10 04 00 00 20 00 00 00 10 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 70 64 61 74 61 00 00 94 26 00 00 00 40 04 00 00 30 00 00 00 30 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 a4 6d c8 00 00 70 04 00 00 70 c8 00 00 60 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 74 06 00 00 00 e0 cc 00 00 10 00 00 00 d0 cc 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$4UUU*U*U*vU*UUT*U*/U*URichUPEd&g"$

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8
Source: unknown	TCP traffic detected without corresponding DNS query: 74.248.121.8

Source: global traffic	HTTP traffic detected: GET /crx/blobs/AYA8Vyx2J_yUZTKcv47OjJ_lQNlaCYqeh8SOiGiawnXT0TvFvxRmwfkcv63jai6G-68PkdQz0qjWRURdD69KjIEk_1WMoGqX2-nmHyARS_kIQQQ8jggfB8g6y3OxQgNbZ3cAxlKa5c6rbuh5modTsW2qcgj5aN-TT3fn/EFAIDNBMNNNIBPCAJPCGLCLEFINDMKAJ_24_10_2_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /webstore/inlineinstall/detail/efaidnbmnnnibpcajpcglclefindmkaj HTTP/1.1Host: chrome.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=sZTN4KFwpgdCGN8&MD=VOzp3FM4 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CPTfygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /vi/v8fRusw26IA/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lUX2FHndjDzIURPsJS5ZExpo-D8g HTTP/1.1Host: i.ytimg.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CPTfygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /vi/Sf2UdT53yFw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nHnDZp41kd8qjHwRBAPpl1cxalyQ HTTP/1.1Host: i.ytimg.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CPTfygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /vi/4Eu8wrEejUI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nnSobupLFu6PdHSkj0YQIBkMbOeQ HTTP/1.1Host: i.ytimg.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CPTfygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/ HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /vi/Sf2UdT53yFw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nHnDZp41kd8qjHwRBAPpl1cxalyQ HTTP/1.1Host: i.ytimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /X-Client-Data: CPTfygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /vi/v8fRusw26IA/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lUX2FHndjDzIURPsJS5ZExpo-D8g HTTP/1.1Host: i.ytimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /X-Client-Data: CPTfygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /vi/4Eu8wrEejUI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nnSobupLFu6PdHSkj0YQIBkMbOeQ HTTP/1.1Host: i.ytimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /X-Client-Data: CPTfygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/main.1e3f41455405da971270.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /iframe_api?version=3 HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CPTfygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: www.recaptcha.netConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gtm.js?id=GTM-KFBGZNL HTTP/1.1Host: www.googletagmanager.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /X-Client-Data: CPTfygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: AEC=AVYB7cpccTh9qwqFyj4nX8TIScimqkA-LIWOz92B_7kSK-horAARNCQ5jw; NID=518=awiY7bKL_vMa6OhaQE7bbd-jbde9_9xRh3ibyX-vE6QW3xQO33L78F5wTCDqWHd5MO55e04TCTNIGO0HYApClE4MyUauVl1nDvFUGnlwrIS_nrWksx4CN8d_XeXfhNHPHVp1hg37BH3njVCsdzrr4Fk6lG1UvcQR-O0G1Co9P_Cgl3Rr7ssmkum7hP0u8-Vlhgs7xfC1E74
Source: global traffic	HTTP traffic detected: GET /iframe_api?version=3 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /X-Client-Data: CPTfygE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: www.recaptcha.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/main.1e3f41455405da971270.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/2121f4aabac6fbe523ec.woff2 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"Origin: https://www.virustotal.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.virustotal.com/gui/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/1402accbefdec6a25762.woff2 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"Origin: https://www.virustotal.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.virustotal.com/gui/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/ee990a93df71bfdfb3b5.woff2 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"Origin: https://www.virustotal.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.virustotal.com/gui/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /ui/user_notifications HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTAwODA5NTY0NzgtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYyOTg5LjY0Ng==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /ui/cookie_disclaimer HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTE4MjYwNjM4OTYtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYyOTg5LjY1NA==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /analytics.js HTTP/1.1Host: www.google-analytics.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/stackdriver-errors.3069a6025a2308368f46.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/5978.4206cee10d7d4c2afd11.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/88220.7a7bbdb48b5a17981431.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-shell-extra-deps.2f0832bf9cf1fc541ba6.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /ui/user_notifications HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /analytics.js HTTP/1.1Host: www.google-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /v1/pages/ChRDaHJvbWUvMTE0LjAuNTczNS45MBIQCXGeWqiY4LsDEgUNU1pHxQ==?alt=proto HTTP/1.1Host: content-autofill.googleapis.comConnection: keep-aliveX-Goog-Encode-Response-If-Executable: base64X-Goog-Api-Key: dummytokenX-Client-Data: CPTfygE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/25076.f1d5707846ec1ba9ed7f.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/36253.6f4dc6a9d8dab2123ae5.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/88116.be3428c199d3d7ca9393.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-sw-installer.3166763520a2b299ee12.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/static/qrcode.min.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /css?family=Google+Sans HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CPTfygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /icon?family=Material+Icons HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CPTfygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/5978.4206cee10d7d4c2afd11.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/stackdriver-errors.3069a6025a2308368f46.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/88220.7a7bbdb48b5a17981431.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-shell-extra-deps.2f0832bf9cf1fc541ba6.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /ui/cookie_disclaimer HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/25076.f1d5707846ec1ba9ed7f.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gtag/js?id=G-BLNDV9X2JR&cx=c&_slc=1 HTTP/1.1Host: www.googletagmanager.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/88116.be3428c199d3d7ca9393.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/36253.6f4dc6a9d8dab2123ae5.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-sw-installer.3166763520a2b299ee12.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/static/qrcode.min.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/images/favicon.svg HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/static/opensearch.xml HTTP/1.1Host: www.virustotal.comConnection: keep-aliveSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/service-worker.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://www.virustotal.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/manifest.json HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /gui/images/favicon.svg HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/images/manifest/icon-192x192.png HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/images/manifest/icon-192x192.png HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=sZTN4KFwpgdCGN8&MD=VOzp3FM4 HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /gui/sha256.worker.5553997fe32b1412e31e.worker.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/sha256.worker.5553997fe32b1412e31e.worker.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTEwOTQ5NTQxMDEtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDM3LjM4MQ==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/submission/challenge HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonCache-Control: no-cacheAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTQ4OTkxMDg3NTMtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDM5LjI5sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/87347.c002f57d03220f54c084.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/49272.372a1ed11135b11cd4f7.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25924.b3a6356de76617e73c99.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/36796.52ea6edb5c8ac00adeb8.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/22232.91445a0c09a3242fac1c.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/34894.ada184a092746870eefc.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/49272.372a1ed11135b11cd4f7.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/59084.04d6b3360a5bc50128d1.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25924.b3a6356de76617e73c99.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/30592.64f38a11064ff2dd4b23.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/36796.52ea6edb5c8ac00adeb8.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/71254.89ea96287cbc8b900860.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/22232.91445a0c09a3242fac1c.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/87347.c002f57d03220f54c084.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/58686.e43f75fcd3216c74cafe.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/34894.ada184a092746870eefc.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/70520.2084d2d63c64ac00d8ff.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/75884.d7767dd34ca82b896517.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/59084.04d6b3360a5bc50128d1.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/71254.89ea96287cbc8b900860.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/58686.e43f75fcd3216c74cafe.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/30592.64f38a11064ff2dd4b23.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/67920.83f748ec82f4e379de06.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88687.cca6b938f5ec6b221b34.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/40946.52e58c8b2a8b55ad5067.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/submission/challenge HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/70520.2084d2d63c64ac00d8ff.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/8405.86474e95af8bef65079f.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/71288.1829e1a8db7a3e06e295.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/75884.d7767dd34ca82b896517.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/45428.d50e11e1e27c0917ea14.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88687.cca6b938f5ec6b221b34.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/67920.83f748ec82f4e379de06.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/26044.e227fd5c65cff1753dd6.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/76194.9a49eca4de4d4a1bd1bf.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/40946.52e58c8b2a8b55ad5067.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/33274.186e9fb49d3ce6fbe3b3.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/21928.84211e4ee5e5aa330648.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/8405.86474e95af8bef65079f.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/71288.1829e1a8db7a3e06e295.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/11358.f3f57088de337b2eacd2.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/74278.4e291418bc556b622962.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/45428.d50e11e1e27c0917ea14.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/26044.e227fd5c65cff1753dd6.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/27197.598dbd3bfe6cc1efe979.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/76194.9a49eca4de4d4a1bd1bf.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/16339.0119306c79f13a4051bd.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/submissions/add HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38304.fb4a0d25cd02c2064144.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/5796.a9e8212a1628cbdb8bce.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/33274.186e9fb49d3ce6fbe3b3.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/21928.84211e4ee5e5aa330648.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/84569.030dc629fa8cc22ed550.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/74278.4e291418bc556b622962.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/13420.2099364bebdd02277cf9.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/27197.598dbd3bfe6cc1efe979.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/30192.1c2ba98f9e3aa24d1929.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/11358.f3f57088de337b2eacd2.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/51452.bfed120085deab858144.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/16339.0119306c79f13a4051bd.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/67916.54c2c0cc036592986ddb.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/5796.a9e8212a1628cbdb8bce.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88292.a814e2f9bbd53eb184a3.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38304.fb4a0d25cd02c2064144.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/52564.fcbb1496712f373a7906.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/84569.030dc629fa8cc22ed550.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/97174.987fc1d4b24686f2c0c7.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/13420.2099364bebdd02277cf9.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/30192.1c2ba98f9e3aa24d1929.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/51452.bfed120085deab858144.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/67916.54c2c0cc036592986ddb.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/97174.987fc1d4b24686f2c0c7.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/52564.fcbb1496712f373a7906.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88292.a814e2f9bbd53eb184a3.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTgxNzQyODM3NjctWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjM1MQ==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/dropped_files HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTI4OTQ4MzI0MDAtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMQ==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_urls HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTkxOTAxNDQ5NDEtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMg==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_domains HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTg1ODc1NDgxMTEtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMg==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_ips HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTIwMTIzNTQxNTAtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMg==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/execution_parents HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTk0ODk2MzQxNjItWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/pe_resource_parents HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTk1MTk5ODI1NzUtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_urls HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/bundled_files HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTkxNDMxNDI2MDQtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwNA==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/pe_resource_children HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTk4OTY1NDA1MTYtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwNA==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_domains HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_ips HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mitre_trees HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTk1NDI1MjQ2ODAtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQxMw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mbc_trees HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTg1NDMxNjI2NDgtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQxNA==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/dropped_files HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/execution_parents HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/mitre_format?link=true HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTYyNTkwMzkxMTAtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQxNA==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/pe_resource_parents HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviours?limit=40 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTcwNjQzMzk4ODMtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQxNQ==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/pe_resource_children HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/votes?relationships=item%2Cvoter HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTA3MjE5NjMwMTItWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ3LjE2Nw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/comments?relationships=item%2Cauthor HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTc3MjUwNjI0MTQtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ3LjE2Nw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/bundled_files HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mitre_trees HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/graphs?relationships=owner%2Cviewers%2Ceditors HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTMxOTM3ODU1NzgtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ3LjE2Nw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/dropped_files?limit=10&cursor=eyJsaW1pdCI6IDEwLCAib2Zmc2V0IjogMTB9 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTQ5NTMzMjcwODAtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ3LjY5Ng==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/bundled_files?limit=10&cursor=MTB8fHYzfHwxNzI5NzYzMDQ4fHwzY2M1YzM1YzM0ZmIzZDFjNDlkZTVjZTc4NzQzZWNhMmI2YjhmYTRkYzQ1ZTQyYTljMmYyZGIwYThiY2NiYmNk HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTA0NDU0OTYwMTMtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ5LjEyMQ==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/votes?relationships=item%2Cvoter HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mbc_trees HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/icon.types-peexe.d2868179402000c6d4c8.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/comments?relationships=item%2Cauthor HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/graphs?relationships=owner%2Cviewers%2Ceditors HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mitre_trees HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"x-app-version: v1x308x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTk2NDUxMDAyNTEtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDUwLjY5NA==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviours?limit=40 HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/icon.types-peexe.d2868179402000c6d4c8.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/users/zbetcheckin/avatar HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/dropped_files?limit=10&cursor=eyJsaW1pdCI6IDEwLCAib2Zmc2V0IjogMTB9 HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/bundled_files?limit=10&cursor=MTB8fHYzfHwxNzI5NzYzMDQ4fHwzY2M1YzM1YzM0ZmIzZDFjNDlkZTVjZTc4NzQzZWNhMmI2YjhmYTRkYzQ1ZTQyYTljMmYyZGIwYThiY2NiYmNk HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/users/zbetcheckin/avatar HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mitre_trees HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
Source: global traffic	HTTP traffic detected: GET /d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com HTTP/1.1Host: 74.248.121.8Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8

Source: global traffic	DNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: sb-ssl.google.com
Source: global traffic	DNS traffic detected: DNS query: tunnel.googlezip.net

Source: unknown

HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 24 Oct 2024 09:43:06 GMTContent-Length: 0Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 24 Oct 2024 09:43:07 GMTContent-Length: 0Connection: close

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49828 version: TLS 1.2

Source: Unconfirmed 135111.crdownload.4.dr

Static PE information: Resource name: CABINET type: Microsoft Cabinet archive data, many, 13133082 bytes, 230 files, at 0x2c +A "Catalogs\igd.cat" +A "Powershell\MSFT_MpBehavioralNetworkBlockingRules.cdxml", number 1, 1450 datablocks, 0x1503 compression

Source: 96b75cd5-f570-4f95-98aa-75ac2d49a0ba.tmp.4.dr

Static PE information: No import functions for PE file found

Source: 96b75cd5-f570-4f95-98aa-75ac2d49a0ba.tmp.4.dr

Static PE information: Data appended to the last section found

Source: classification engine

Classification label: mal52.phis.evad.win@41/3@18/27

Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

File created: C:\Users\user\Downloads\96b75cd5-f570-4f95-98aa-75ac2d49a0ba.tmp

Jump to behavior

Source: C:\Windows\System32\rundll32.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown

Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Source: unknown	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=2056 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" "http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com"
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5184 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5208 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=2056 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5184 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5208 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:	Binary string: MpAdlElvtStub.pdb source: Unconfirmed 135111.crdownload.4.dr
Source:	Binary string: MpAdlElvtStub.pdbGCTL source: Unconfirmed 135111.crdownload.4.dr

Source: 96b75cd5-f570-4f95-98aa-75ac2d49a0ba.tmp.4.dr

Static PE information: real checksum: 0xcfa00a should be: 0x933f

Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	File created: C:\Users\user\Downloads\96b75cd5-f570-4f95-98aa-75ac2d49a0ba.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	File created: C:\Users\user\Downloads\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe	File created: C:\Users\user\Downloads\Unconfirmed 135111.crdownload	Jump to dropped file

Source: C:\Windows\System32\rundll32.exe

Process information set: NOOPENFILEERRORBOX

Jump to behavior

Source: Unconfirmed 135111.crdownload.4.dr

Binary or memory string: MsMpEng.exe

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	22 JavaScript	Path Interception	1 Process Injection	1 Masquerading	OS Credential Dumping	1 Security Software Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Rundll32	LSASS Memory	1 System Information Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 Process Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	15 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	13 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
C:\Users\user\Downloads\Unconfirmed 135111.crdownload	0%	ReversingLabs
C:\Users\user\Downloads\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe (copy)	0%	ReversingLabs

Source	Detection	Scanner	Label	Link
https://chrome.cloudflare-dns.com/dns-query	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
chrome.cloudflare-dns.com	162.159.61.3	true	false	unknown
sb-ssl.l.google.com	172.217.16.206	true	false	unknown
tunnel.googlezip.net	216.239.34.157	true	false	unknown
www.google.com	142.250.185.196	true	false	unknown
googlehosted.l.googleusercontent.com	142.250.185.65	true	false	unknown
clients2.googleusercontent.com	unknown	unknown	false	unknown
sb-ssl.google.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.virustotal.com/gui/images/favicon.svg	false		unknown
https://www.virustotal.com/gui/87347.c002f57d03220f54c084.js	false		unknown
https://www.virustotal.com/gui/70520.2084d2d63c64ac00d8ff.js	false		unknown
https://www.virustotal.com/gui/27197.598dbd3bfe6cc1efe979.js	false		unknown
https://www.virustotal.com/gui/manifest.json	false		unknown
https://www.virustotal.com/gui/52564.fcbb1496712f373a7906.js	false		unknown
https://www.virustotal.com/gui/88116.be3428c199d3d7ca9393.js	false		unknown
https://clients2.googleusercontent.com/crx/blobs/AYA8Vyx2J_yUZTKcv47OjJ_lQNlaCYqeh8SOiGiawnXT0TvFvxRmwfkcv63jai6G-68PkdQz0qjWRURdD69KjIEk_1WMoGqX2-nmHyARS_kIQQQ8jggfB8g6y3OxQgNbZ3cAxlKa5c6rbuh5modTsW2qcgj5aN-TT3fn/EFAIDNBMNNNIBPCAJPCGLCLEFINDMKAJ_24_10_2_0.crx	false		unknown
https://www.virustotal.com/gui/22232.91445a0c09a3242fac1c.js	false		unknown
https://www.virustotal.com/gui/88292.a814e2f9bbd53eb184a3.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_ips	false		unknown
https://www.virustotal.com/gui/	false		unknown
https://www.youtube.com/iframe_api?version=3	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/mitre_format?link=true	false		unknown
https://www.virustotal.com/gui/75884.d7767dd34ca82b896517.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_domains	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviours?limit=40	false		unknown
https://www.virustotal.com/gui/58686.e43f75fcd3216c74cafe.js	false		unknown
https://sb-ssl.google.com/safebrowsing/clientreport/download?key=dummytoken	false		unknown
https://www.virustotal.com/gui/1402accbefdec6a25762.woff2	false		unknown
https://www.virustotal.com/gui/5796.a9e8212a1628cbdb8bce.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/pe_resource_children	false		unknown
https://www.virustotal.com/gui/2121f4aabac6fbe523ec.woff2	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/bundled_files	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/dropped_files	false		unknown
https://www.virustotal.com/gui/vt-ui-sw-installer.3166763520a2b299ee12.js	false		unknown
https://www.virustotal.com/gui/images/manifest/icon-192x192.png	false		unknown
https://chrome.google.com/webstore/inlineinstall/detail/efaidnbmnnnibpcajpcglclefindmkaj	false		unknown
https://www.virustotal.com/gui/sha256.worker.5553997fe32b1412e31e.worker.js	false		unknown
https://www.virustotal.com/gui/49272.372a1ed11135b11cd4f7.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/bundled_files?limit=10&cursor=MTB8fHYzfHwxNzI5NzYzMDQ4fHwzY2M1YzM1YzM0ZmIzZDFjNDlkZTVjZTc4NzQzZWNhMmI2YjhmYTRkYzQ1ZTQyYTljMmYyZGIwYThiY2NiYmNk	false		unknown
https://www.virustotal.com/gui/36253.6f4dc6a9d8dab2123ae5.js	false		unknown
https://www.virustotal.com/gui/74278.4e291418bc556b622962.js	false		unknown
https://www.virustotal.com/gui/88687.cca6b938f5ec6b221b34.js	false		unknown
https://www.virustotal.com/gui/84569.030dc629fa8cc22ed550.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/pe_resource_parents	false		unknown
https://www.virustotal.com/gui/home/upload	false		unknown
https://www.virustotal.com/gui/38304.fb4a0d25cd02c2064144.js	false		unknown
https://www.virustotal.com/gui/13420.2099364bebdd02277cf9.js	false		unknown
https://www.virustotal.com/ui/files/submission/challenge	false		unknown
https://www.virustotal.com/gui/ee990a93df71bfdfb3b5.woff2	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/submissions/add	false		unknown
https://www.virustotal.com/gui/30192.1c2ba98f9e3aa24d1929.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/execution_parents	false		unknown
https://www.virustotal.com/gui/main.1e3f41455405da971270.js	false		unknown
https://www.virustotal.com/gui/71254.89ea96287cbc8b900860.js	false		unknown
https://www.virustotal.com/gui/static/qrcode.min.js	false		unknown
https://www.virustotal.com/gui/59084.04d6b3360a5bc50128d1.js	false		unknown
https://www.virustotal.com/gui/30592.64f38a11064ff2dd4b23.js	false		unknown
https://www.virustotal.com/gui/26044.e227fd5c65cff1753dd6.js	false		unknown
https://www.virustotal.com/gui/97174.987fc1d4b24686f2c0c7.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/dropped_files?limit=10&cursor=eyJsaW1pdCI6IDEwLCAib2Zmc2V0IjogMTB9	false		unknown
https://www.virustotal.com/gui/25924.b3a6356de76617e73c99.js	false		unknown
https://www.virustotal.com/gui/67920.83f748ec82f4e379de06.js	false		unknown
https://www.virustotal.com/gui/45428.d50e11e1e27c0917ea14.js	false		unknown
https://www.virustotal.com/gui/static/opensearch.xml	false		unknown
https://www.virustotal.com/gui/71288.1829e1a8db7a3e06e295.js	false		unknown
https://www.virustotal.com/gui/67916.54c2c0cc036592986ddb.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mitre_trees	false		unknown
https://www.virustotal.com/gui/11358.f3f57088de337b2eacd2.js	false		unknown
https://www.virustotal.com/gui/service-worker.js	false		unknown
https://www.virustotal.com/ui/user_notifications	false		unknown
https://www.virustotal.com/	false		unknown
https://www.virustotal.com/gui/34894.ada184a092746870eefc.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/behaviour_mbc_trees	false		unknown
https://www.virustotal.com/gui/76194.9a49eca4de4d4a1bd1bf.js	false		unknown
https://www.virustotal.com/gui/file/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3	false		unknown
https://i.ytimg.com/vi/4Eu8wrEejUI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nnSobupLFu6PdHSkj0YQIBkMbOeQ	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/comments?relationships=item%2Cauthor	false		unknown
https://i.ytimg.com/vi/Sf2UdT53yFw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nHnDZp41kd8qjHwRBAPpl1cxalyQ	false		unknown
https://www.virustotal.com/gui/vt-ui-shell-extra-deps.2f0832bf9cf1fc541ba6.js	false		unknown
https://www.virustotal.com/gui/5978.4206cee10d7d4c2afd11.js	false		unknown
https://www.virustotal.com/ui/users/zbetcheckin/avatar	false		unknown
https://www.virustotal.com/gui/40946.52e58c8b2a8b55ad5067.js	false		unknown
https://www.virustotal.com/gui/33274.186e9fb49d3ce6fbe3b3.js	false		unknown
https://www.virustotal.com/gui/25076.f1d5707846ec1ba9ed7f.js	false		unknown
https://www.virustotal.com/ui/intelligence/rules_matching_iocs	false		unknown
https://www.virustotal.com/gui/8405.86474e95af8bef65079f.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/graphs?relationships=owner%2Cviewers%2Ceditors	false		unknown
https://www.virustotal.com/ui/cookie_disclaimer	false		unknown
https://www.virustotal.com/gui/16339.0119306c79f13a4051bd.js	false		unknown
https://play.google.com/log?format=json&hasfast=true	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_urls	false		unknown
https://www.virustotal.com/gui/21928.84211e4ee5e5aa330648.js	false		unknown
https://chrome.cloudflare-dns.com/dns-query	false	URL Reputation: safe	unknown
https://www.virustotal.com/gui/stackdriver-errors.3069a6025a2308368f46.js	false		unknown
https://www.virustotal.com/ui/signin?relationships=groups	false		unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0	false		unknown
https://www.virustotal.com/gui/36796.52ea6edb5c8ac00adeb8.js	false		unknown
https://www.virustotal.com/gui/51452.bfed120085deab858144.js	false		unknown
https://www.virustotal.com/gui/88220.7a7bbdb48b5a17981431.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3	false		unknown
https://www.virustotal.com/gui/icon.types-peexe.d2868179402000c6d4c8.js	false		unknown
https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/votes?relationships=item%2Cvoter	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.251.116.101	unknown	United States	15169	GOOGLEUS	false
142.251.116.100	unknown	United States	15169	GOOGLEUS	false
142.251.116.105	unknown	United States	15169	GOOGLEUS	false
142.250.114.119	unknown	United States	15169	GOOGLEUS	false
142.250.114.138	unknown	United States	15169	GOOGLEUS	false
142.251.116.103	unknown	United States	15169	GOOGLEUS	false
142.250.114.94	unknown	United States	15169	GOOGLEUS	false
142.251.116.97	unknown	United States	15169	GOOGLEUS	false
142.251.116.95	unknown	United States	15169	GOOGLEUS	false
142.250.113.139	unknown	United States	15169	GOOGLEUS	false
162.159.61.3	chrome.cloudflare-dns.com	United States	13335	CLOUDFLARENETUS	false
74.125.34.46	unknown	United States	15169	GOOGLEUS	false
142.250.113.138	unknown	United States	15169	GOOGLEUS	false
172.64.41.3	unknown	United States	13335	CLOUDFLARENETUS	false
142.250.185.65	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
74.248.121.8	unknown	United States	19108	SUDDENLINK-COMMUNICATIONSUS	false
142.251.116.156	unknown	United States	15169	GOOGLEUS	false
172.217.16.206	sb-ssl.l.google.com	United States	15169	GOOGLEUS	false
142.250.113.95	unknown	United States	15169	GOOGLEUS	false
142.250.115.94	unknown	United States	15169	GOOGLEUS	false
142.250.138.190	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.196	www.google.com	United States	15169	GOOGLEUS	false
216.239.34.157	tunnel.googlezip.net	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16
192.168.2.15
192.168.2.14

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1541078
Start date and time:	2024-10-24 11:41:50 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 40s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	18
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.phis.evad.win@41/3@18/27
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 184.28.90.27, 142.250.185.174, 142.250.186.110, 108.177.15.84, 142.250.113.94
Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, accounts.google.com, slscr.update.microsoft.com, e16604.g.akamaiedge.net, clients.l.google.com, www.gstatic.com, prod.fs.microsoft.com.akadns.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com

Input	Output
URL: https://www.virustotal.com/gui/ Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://www.virustotal.com/gui/home/upload Model: claude-3-haiku-20240307	```json { "contains_trigger_text": true, "trigger_text": "By submitting data above, you are agreeing to our Terms of Service and Privacy Notice, and to the sharing of your Sample submission with the security community. Please do not submit any personal information; we are not responsible for the contents of your submission.", "prominent_button_name": "Choose file", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://www.virustotal.com/gui/ Model: claude-3-haiku-20240307	```json { "brands": [ "YARA", "API v3 \| v2" ] }
	```json { "brands": [ "YARA", "API v3 \| v2" ] }
URL: https://www.virustotal.com/gui/home/upload Model: claude-3-haiku-20240307	```json { "brands": [ "Virustotal" ] }
	```json { "brands": [ "Virustotal" ] }
URL: https://www.virustotal.com/gui/file/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 Model: claude-3-haiku-20240307	```json { "contains_trigger_text": true, "trigger_text": "By submitting data above, you are agreeing to our Terms of Service and Privacy Notice, and to the sharing of your Sample submission with the security community. Please do not submit any personal information; we are not responsible for the contents of your submission.", "prominent_button_name": "Choose file", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://www.virustotal.com/gui/file/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 Model: claude-3-haiku-20240307	```json { "brands": [ "VirusTotal" ] }
	```json { "brands": [ "VirusTotal" ] }
URL: https://www.virustotal.com/gui/file/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 Model: claude-3-haiku-20240307	```json { "contains_trigger_text": true, "trigger_text": "By submitting data above, you are agreeing to our Terms of Service and Privacy Notice, and to the sharing of your Sample submission with the security community. Please do not submit any personal information; we are not responsible for the contents of your submission.", "prominent_button_name": "Choose file", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://www.virustotal.com/gui/file/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 Model: claude-3-haiku-20240307	```json { "brands": [ "VirusTotal" ] }
	```json { "brands": [ "VirusTotal" ] }

Process:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	13983
Entropy (8bit):	5.15026237904272
Encrypted:	false
SSDEEP:	192:nj5iSDGqkCa635D+2TQdz5u6Z2+6/j5lvjsnADy19E/wHoazFq2nosvbWS/VMQuL:1iSDG6950hj6/7vjcAuLIazVWSd4z3n
MD5:	4166647ABE2296245BD9539D02A82CAB
SHA1:	A7B9D5B6880C35BCC02ACAB9200DC6D73A71D347
SHA-256:	4105C97390CE9E465D58A3CE1FD61D8EC8DA72946FBB66808B23FADF9A24D10B
SHA-512:	06AA36AD01A36CFA11297EEB48A77C61940304C028E53375D8E658CB2C7A783509ADAD06ABA5E6BD829C7A3301ABEB91DF3E218D6101820CA9C2D606C460F31B
Malicious:	false
Reputation:	low
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........4...U..U..U.....U.....U.....vU.....U..U..T......U.../.U...*..U..Rich.U..................PE..d...&..g.........."....$............ s.........@..........................................`.......... ..........................................d....p...m...@...&...... .......t...(...p....................5..(...@4..@............5...............................text............................... ..`.rdata..............................@..@.data....)....... ..................@....pdata...&...@...0...0..............@..@.rsrc....m...p...p...`..............@..@.reloc..t...........................@..B........................................................................................................................................................................................................................................................................

C:\Users\user\Downloads\Unconfirmed 135111.crdownload

Download File

Process:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	13554464
Entropy (8bit):	7.994507809997566
Encrypted:	true
SSDEEP:	393216:5YvH4gUgrMtaMv8ilp4LQKTuWpecGuHbDbdK3/zK:yvH4g1XMvzDKnTuWf1rW2
MD5:	314D01D5B8C07042C0294833983F6B6B
SHA1:	D3F6F8300855E56B8ED00DA6DAC55A3C4CBF8C20
SHA-256:	C89726D27A208D8FA8E35A05C7F23DB37719571B9BD4FF7979EAE3EDC4B071F3
SHA-512:	B5A7F9F66020F3DEECE62587FAFAEC203131DE683CF540E428EAADBB33D38504E2BC020F1E119A9AE1C31F5B75D18DAC445FB3433DDE06AD1D396A8F7867CCB7
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	low
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........4...U..U..U.....U.....U.....vU.....U..U..T......U.../.U...*..U..Rich.U..................PE..d...&..g.........."....$............ s.........@..........................................`.......... ..........................................d....p...m...@...&...... .......t...(...p....................5..(...@4..@............5...............................text............................... ..`.rdata..............................@..@.data....)....... ..................@....pdata...&...@...0...0..............@..@.rsrc....m...p...p...`..............@..@.reloc..t...........................@..B........................................................................................................................................................................................................................................................................

C:\Users\user\Downloads\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe (copy)

Download File

Process:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	13554464
Entropy (8bit):	7.994507809997566
Encrypted:	true
SSDEEP:	393216:5YvH4gUgrMtaMv8ilp4LQKTuWpecGuHbDbdK3/zK:yvH4g1XMvzDKnTuWf1rW2
MD5:	314D01D5B8C07042C0294833983F6B6B
SHA1:	D3F6F8300855E56B8ED00DA6DAC55A3C4CBF8C20
SHA-256:	C89726D27A208D8FA8E35A05C7F23DB37719571B9BD4FF7979EAE3EDC4B071F3
SHA-512:	B5A7F9F66020F3DEECE62587FAFAEC203131DE683CF540E428EAADBB33D38504E2BC020F1E119A9AE1C31F5B75D18DAC445FB3433DDE06AD1D396A8F7867CCB7
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	low
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........4...U..U..U.....U.....U.....vU.....U..U..T......U.../.U...*..U..Rich.U..................PE..d...&..g.........."....$............ s.........@..........................................`.......... ..........................................d....p...m...@...&...... .......t...(...p....................5..(...@4..@............5...............................text............................... ..`.rdata..............................@..@.data....)....... ..................@....pdata...&...@...0...0..............@..@.rsrc....m...p...p...`..............@..@.reloc..t...........................@..B........................................................................................................................................................................................................................................................................

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 24, 2024 11:42:29.833650112 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 24, 2024 11:42:30.148294926 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 24, 2024 11:42:30.754307032 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 24, 2024 11:42:31.005341053 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 24, 2024 11:42:31.958446980 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 24, 2024 11:42:32.991256952 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:32.991568089 CEST	49711	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:32.996767998 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:32.996849060 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:32.997072935 CEST	80	49711	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:32.997148991 CEST	49711	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:32.999859095 CEST	49712	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:32.999917030 CEST	443	49712	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:33.000003099 CEST	49712	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:33.000180006 CEST	49712	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:33.000195026 CEST	443	49712	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:33.396759987 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:33.396816969 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:33.396878004 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:33.397093058 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:33.397109985 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.258773088 CEST	443	49712	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:34.258867979 CEST	49712	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:34.259109974 CEST	49712	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:34.259131908 CEST	443	49712	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:34.259589911 CEST	49715	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:34.259685040 CEST	443	49715	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:34.259772062 CEST	49715	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:34.260063887 CEST	49715	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:34.260085106 CEST	443	49715	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:34.282108068 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.282386065 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.282449007 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.282973051 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.282990932 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.283080101 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.283099890 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.283210039 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.283991098 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.285301924 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.285404921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.285573959 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.285592079 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.304505110 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 24, 2024 11:42:34.336324930 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.368323088 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 24, 2024 11:42:34.534516096 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.534574986 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.534652948 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.534681082 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.538621902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.538677931 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.538686037 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.547483921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.547568083 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.547579050 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.556252003 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.556310892 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.556320906 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.564969063 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.565028906 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.565037966 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.573657036 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.573715925 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.573725939 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.582540035 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.582623005 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.582647085 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.607307911 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 24, 2024 11:42:34.623384953 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.652967930 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.654545069 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.654588938 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.654638052 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.654701948 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.654772043 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.658955097 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.667692900 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.667741060 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.667814970 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.667835951 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.667915106 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.676496029 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.685203075 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.685273886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.685283899 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.685306072 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.685370922 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.693926096 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.702734947 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.702788115 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.702800989 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.702816010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.702877998 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.711467028 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.720335960 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.720391035 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.720407963 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.720424891 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.720520973 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.731143951 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.737324953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.737462997 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.737524033 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.737552881 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.737607956 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.744746923 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.752111912 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.752185106 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.752217054 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.758831024 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.758882999 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.758903980 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.758928061 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.759097099 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.771712065 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.774765015 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.774821997 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.774832010 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.774851084 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.774863958 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.774897099 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.780314922 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.780375004 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.780395031 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.785084009 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.785177946 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.785187960 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.789117098 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.789202929 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.789210081 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.795058966 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.795125961 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.795145035 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.804717064 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.804769993 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.804785967 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.804816961 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.804923058 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.813761950 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.821988106 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.822060108 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.822091103 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.830239058 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.830295086 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.830312967 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.830323935 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.830370903 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.839270115 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.847121000 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.847172976 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.847217083 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.847239971 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.847309113 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.854887009 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.862348080 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.862406015 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.862418890 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.862437963 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.862485886 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.865606070 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.870033026 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.870095968 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.870117903 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.879432917 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.879502058 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.879523039 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.890607119 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.890645027 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.890682936 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.890706062 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.890799999 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.893687963 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.897833109 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.897892952 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.897953033 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.897962093 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.898098946 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.903213024 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.907900095 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.907951117 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.907964945 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.907979012 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.908083916 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.913868904 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.923158884 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.923209906 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.923238039 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.923254967 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.923266888 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.923329115 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.923347950 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.923433065 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.931621075 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.940473080 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.940521955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.940588951 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.940608978 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.940664053 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.949315071 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.960486889 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.960540056 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.960575104 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.960582972 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.960597038 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.960645914 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.966135025 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.966202021 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.966223001 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.973788023 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.973862886 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.973877907 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.981481075 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.981550932 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.981566906 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.988861084 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.988939047 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.988961935 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.996378899 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:34.996464014 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:34.996471882 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.009510994 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.009596109 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.009634972 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.012495995 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.012542963 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.012557030 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.012576103 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.012631893 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.014770031 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.016628027 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.016688108 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.016702890 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.021898985 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.021969080 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.021981955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.026643038 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.026710033 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.026721001 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.032563925 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.032601118 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.032632113 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.032644987 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.032687902 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.041626930 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.043116093 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.043191910 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.043225050 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.050347090 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.050419092 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.050436974 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.059359074 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.059416056 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.059433937 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.059451103 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.059642076 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.067734003 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.069315910 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.069385052 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.069400072 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.079385042 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.079463959 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.079483032 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.086046934 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.086132050 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.086148977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.092545986 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.092613935 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.092634916 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.100119114 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.100181103 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.100191116 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.107604980 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.107665062 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.107675076 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.115087032 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.115135908 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.115190029 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.115199089 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.115272045 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.128217936 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.131350994 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.131413937 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.131441116 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.131469011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.131531954 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.135723114 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.135829926 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.135900021 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.135931015 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.140733004 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.140796900 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.140799999 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.140839100 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.141021013 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.146377087 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.151623011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.151674986 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.151693106 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.151714087 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.151820898 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.160542965 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.169034004 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.169101000 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.169105053 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.169126034 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.169171095 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.169174910 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.169183969 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.169239998 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.177841902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.177918911 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.177997112 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.178004980 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.186580896 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.186696053 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.186708927 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.188083887 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.188170910 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.188179016 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.198317051 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.198395967 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.198407888 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.205311060 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.205423117 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.205446005 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.211143017 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.211222887 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.211231947 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.214427948 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 24, 2024 11:42:35.218993902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.219062090 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.219069958 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.226309061 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.226363897 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.226383924 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.233971119 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.234045029 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.234056950 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.246884108 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.246979952 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.247008085 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.250124931 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.250170946 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.250230074 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.250247955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.250539064 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.254393101 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.254460096 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.254497051 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.254542112 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.254550934 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.254592896 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.259515047 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.259598970 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.259673119 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.259680986 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.265292883 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.265352964 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.265360117 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.270292044 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.270354033 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.270359993 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.279488087 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.279561043 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.279575109 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.288013935 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.288049936 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.288081884 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.288091898 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.288121939 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.288155079 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.296792984 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.296950102 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.296972036 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.305423021 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.305494070 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.305506945 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.306880951 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.306948900 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.306962013 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.317135096 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.317235947 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.317250013 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.323813915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.323862076 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.323893070 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.323898077 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.323909998 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.323954105 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.323987007 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.324098110 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.329962015 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.337625027 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.337666035 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.337723970 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.337739944 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.337810040 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.345182896 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.352823973 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.352874041 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.352916002 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.352929115 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.352988958 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.365803003 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.368855953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.368901968 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.368918896 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.368951082 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.369100094 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.373312950 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.373380899 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.373411894 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.373457909 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.373470068 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.373701096 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.373708010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.378321886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.378391027 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.378397942 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.384198904 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.384285927 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.384299040 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.389230967 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.389271021 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.389353037 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.389369965 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.389573097 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.398221970 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.407176018 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.407227993 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.407265902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.407300949 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.407344103 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.407380104 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.421561956 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.421611071 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.421670914 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.421709061 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.421768904 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.424150944 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.425636053 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.425681114 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.425714016 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.425728083 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.425811052 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.435858965 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.442711115 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.442756891 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.442791939 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.442791939 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.442805052 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.442871094 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.442879915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.443013906 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.443150043 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.448705912 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.448754072 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.448805094 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.448822975 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.448878050 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.456739902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.456818104 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.456895113 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.456907988 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.464313030 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.464387894 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.464406013 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.472136974 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.472198963 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.472208023 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.485085964 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.485163927 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.485181093 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.487708092 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.487829924 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.487843037 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.492451906 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.492485046 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.492552042 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.492568970 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.492631912 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.492686033 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.497423887 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.497466087 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.497529984 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.497545004 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.497613907 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.502943993 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.507960081 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.507999897 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.508028984 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.508049011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.508363008 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.517056942 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.519803047 CEST	443	49715	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.519906044 CEST	49715	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.520106077 CEST	49715	443	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.520145893 CEST	443	49715	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.525111914 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.525955915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.526012897 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.526053905 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.526083946 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.526101112 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.526132107 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.526154041 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.526202917 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.526216030 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.530581951 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.542248011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.542325020 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.542356968 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.543490887 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.543636084 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.543653965 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.546084881 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.546200991 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.546217918 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.554945946 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.555032969 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.555044889 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.562613010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.562675953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.562711954 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.562742949 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.562755108 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.562818050 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.563282013 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.563332081 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.563339949 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.563477993 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.563545942 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.563553095 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.568802118 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.568909883 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.568919897 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.576730967 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.576833963 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.576843023 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.583504915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.583575010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.583580971 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.583630085 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.583813906 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.590812922 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.604607105 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.604656935 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.604717970 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.604753017 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.604803085 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.606689930 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.611737967 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.611795902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.611835003 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.611840963 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.611850023 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.611907005 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.611915112 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.612027884 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.616183043 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.616250992 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.616348028 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.616364956 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.621671915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.621738911 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.621752977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.626950026 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.627032995 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.627048016 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.636060953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.636152983 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.636181116 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.644845963 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.644928932 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.644985914 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.645009995 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.645088911 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.645160913 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.645181894 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.645235062 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.659235954 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.661684990 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.661767960 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.661780119 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.661809921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.661878109 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.663383007 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.673532963 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.673614979 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.673641920 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.673733950 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.673790932 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.673799038 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.680488110 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.680581093 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.680655956 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.680655003 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.680692911 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.680726051 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.680891991 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.680979967 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.681062937 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.681073904 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.681090117 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.681147099 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.681159973 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.681212902 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.686444044 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.694345951 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.694423914 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.694427967 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.694458008 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.694637060 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.694647074 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.702784061 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.702864885 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.702888012 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.709573030 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.709642887 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.709664106 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.722896099 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.723048925 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.723078012 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.725389957 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.725461960 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.725481033 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.730552912 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.730612040 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.730612040 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.730633974 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.730670929 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.730679035 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.734859943 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.734935999 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.734942913 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.734971046 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.735215902 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.740561962 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.745578051 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.745651960 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.745661020 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.745686054 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.745743036 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.754683018 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.763585091 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.763721943 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.763803959 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.763816118 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.763845921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.763873100 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.763994932 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.764040947 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.764055014 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.777872086 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.777956009 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.777978897 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.778053999 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.778107882 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.778115034 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.780787945 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.780853033 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.780868053 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.782133102 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.782202959 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.782217026 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.788690090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788712978 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788742065 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788757086 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788775921 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788800955 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788815022 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.788829088 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788845062 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788868904 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788885117 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.788885117 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.788909912 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.788948059 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.792247057 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.792434931 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.792517900 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.792522907 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.792555094 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.792637110 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.796149969 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.796173096 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.796189070 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.796205044 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.796295881 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.799355030 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.799438000 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.799452066 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.799468994 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.799540997 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.799555063 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.799658060 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.799736977 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.799751043 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.800260067 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.800843000 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.800857067 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.805269003 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.805306911 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.805377007 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.805388927 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.805638075 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.813113928 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.821538925 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.821572065 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.821645975 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.821661949 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.824553967 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.828353882 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.841814995 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.841892958 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.841903925 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.844620943 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.844693899 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.844702959 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.844777107 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.844831944 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.844840050 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.849250078 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.849315882 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.849323988 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.849396944 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.849483967 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.849490881 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.856053114 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.856558084 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.856568098 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.859379053 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.859466076 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.859472990 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.864537954 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.864620924 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.864692926 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.864697933 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.864721060 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.864748955 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.873542070 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.876607895 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.876633883 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.882283926 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.882333040 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.882374048 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.882437944 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.882457018 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.882481098 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.896606922 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.896641970 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.896725893 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.896744967 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.897135973 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.897142887 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.899466991 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.899523973 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.899532080 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.900825977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.904556036 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.904562950 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.911155939 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.911201954 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.911227942 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.911235094 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.911281109 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.911288977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918081045 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918116093 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918148994 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918183088 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.918190956 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918232918 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.918337107 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918375015 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.918441057 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918819904 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918854952 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.918896914 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.918904066 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.919282913 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.919641018 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.923989058 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.924017906 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.924072981 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.924082041 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.924134016 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.928829908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.928894997 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.928931952 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.928965092 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.928982973 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.929001093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929101944 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.929202080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929276943 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929277897 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.929442883 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929497957 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929550886 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929558039 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.929586887 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929606915 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.929621935 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.929682970 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.930470943 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.930524111 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.930560112 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.930592060 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.930628061 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.930628061 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.930668116 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.931334019 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.931387901 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.931422949 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.931425095 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.931457043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.931477070 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.931493044 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.931551933 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.931869030 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.932198048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.932233095 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.932296038 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.934535980 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.934751034 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:35.934820890 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:35.940557957 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.940637112 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.940646887 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.940675020 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.940737963 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.947091103 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.960675955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.960731983 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.960736036 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.960751057 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.960861921 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.963457108 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968094110 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968141079 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968178988 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968185902 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.968195915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968240976 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.968249083 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968291998 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.968657970 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968791962 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.968909025 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.968916893 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.974782944 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.974899054 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.974906921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.978430986 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.978522062 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.978529930 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.983480930 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.983604908 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.983618975 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.992321014 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:35.992386103 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:35.992413998 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.001559019 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.001612902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.001638889 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.001650095 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.001698017 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.001735926 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.015502930 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.015587091 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.015651941 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.015717030 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.015856028 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.015872002 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.019190073 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.019226074 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.019253016 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.019260883 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.019274950 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.019362926 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.019716978 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.019810915 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.019824028 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.030179024 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.030231953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.030272961 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.030313969 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.030324936 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.030339003 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.030399084 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.037134886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.037322044 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.037388086 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.037391901 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.037410975 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.037467003 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.037873983 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.038009882 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.038073063 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.038134098 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.038149118 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.038239002 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.038666010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.043104887 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.043206930 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.043224096 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.050904036 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.050964117 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.051035881 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.051054955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.051110029 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.051120996 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.059329987 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.059504986 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.059514999 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.066195011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.066312075 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.066323042 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.068783045 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068844080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068859100 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068876028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068892002 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068933010 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.068960905 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068978071 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068996906 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.068995953 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.069022894 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.069061041 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.069171906 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069237947 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069252968 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069268942 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069293022 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.069334984 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.069495916 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069524050 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069547892 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069581032 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.069678068 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069694042 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069710016 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069727898 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.069747925 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.069783926 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070053101 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070077896 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070096970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070115089 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070116043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070135117 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070141077 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070202112 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070377111 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070405960 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070421934 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070468903 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070513010 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070529938 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070548058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070555925 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070575953 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070590019 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070593119 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070607901 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070625067 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.070661068 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.070691109 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.071188927 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071219921 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071238995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071259975 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071279049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071285963 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.071295977 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071341038 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.071363926 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.071655989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071707010 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071722984 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071739912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.071768999 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.071801901 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.079566956 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.079658985 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.079669952 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.079680920 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.079741955 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.082283020 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.086962938 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.087064981 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.087074041 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.087162018 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.087215900 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.087222099 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.087359905 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.087410927 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.087418079 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.093863964 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.093941927 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.093955994 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.097270966 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.097368956 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.097383022 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.102385044 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.102484941 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.102492094 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.102515936 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.102579117 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.111068010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.120373011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.120424986 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.120439053 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.120454073 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.120506048 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.120577097 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.120603085 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.120691061 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.134275913 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.134462118 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.134546995 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.134620905 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.134635925 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.134687901 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.134715080 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.137310028 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.137394905 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.137413979 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.137574911 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.137648106 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.137660980 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.138576031 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.138674974 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.138688087 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.148726940 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.148766041 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.148811102 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.148828983 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.148884058 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.148919106 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.155873060 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.155910015 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.155946016 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.155961990 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.155977964 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.156040907 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.156135082 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.156196117 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.156352043 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.156411886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.156443119 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.156466007 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.156481028 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.156542063 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.157164097 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.161761999 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.161850929 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.161854029 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.161878109 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.161917925 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.169914007 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.170079947 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.170152903 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.170152903 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.170175076 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.170398951 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.178045988 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.184747934 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.184823990 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.184839964 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.184936047 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.185018063 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.185074091 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.185086966 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.185400963 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.185945988 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.185981989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186033964 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.186039925 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186053991 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186132908 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.186144114 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186158895 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186177969 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186219931 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.186230898 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186275005 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.186373949 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186391115 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186410904 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.186433077 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.198203087 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.201061010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.201113939 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.201181889 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.201204062 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.201378107 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.205615044 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.205739975 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.205777884 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.205801964 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.205807924 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.205821991 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.205868006 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.205882072 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.205926895 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.208863020 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.208885908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.208904028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.208942890 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.208981037 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209264994 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209300995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209317923 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209333897 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209351063 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209366083 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209384918 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209408998 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209439039 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209455013 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209456921 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209552050 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209553003 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209569931 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209585905 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209628105 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209698915 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209716082 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209732056 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209763050 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209774971 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.209835052 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209878922 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209893942 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.209928989 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210021019 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210037947 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210057020 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210058928 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210102081 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210118055 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210139990 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210161924 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210330963 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210346937 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210364103 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210387945 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210434914 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210449934 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210465908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210469007 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210503101 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210747004 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210762978 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210781097 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210805893 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210813999 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210822105 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210839987 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.210845947 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.210875988 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.212290049 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.215859890 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.215913057 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.215934038 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.215955019 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.216228962 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.216243029 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.220957041 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.221031904 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.221066952 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.229974985 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.230067015 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.230079889 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.239202976 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.239250898 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.239281893 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.239331007 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.239360094 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.239393950 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.253118038 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.253191948 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.253211021 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.253241062 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.253257036 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.253307104 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.256087065 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.256162882 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.256211996 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.256311893 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.256392956 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.256419897 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.257303953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.257386923 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.257401943 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.267739058 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.267787933 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.267812014 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.267841101 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.267885923 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.267889977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.267906904 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.267956018 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.268174887 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.274764061 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.274840117 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.274858952 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.274883986 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.274992943 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.275016069 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.275109053 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.275177956 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.275191069 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.275736094 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.275821924 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.275911093 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.275928974 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.275990963 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.276207924 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.288779974 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.288861990 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.288894892 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.288981915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.289037943 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.289047956 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.289149046 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.289220095 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.289231062 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.296889067 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.296972036 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.296978951 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.297003031 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.297076941 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.303333998 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303404093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303419113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303436995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303464890 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303471088 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.303481102 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303503990 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.303529024 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.303551912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303574085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303592920 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.303627014 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.303651094 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.303828001 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.303886890 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.303900003 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.304016113 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.304070950 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.304079056 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.319014072 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.319093943 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.319118023 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.321240902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.321311951 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.321329117 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.325428009 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.325501919 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.325517893 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.325619936 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.325710058 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.325712919 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.325743914 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.325813055 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.326097012 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.327387094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327409029 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327424049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327466011 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.327503920 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.327533960 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327708006 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327729940 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327745914 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327760935 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327771902 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.327776909 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327800989 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.327816010 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.327867985 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327882051 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327898026 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.327936888 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328068018 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328083992 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328099966 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328114033 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328114986 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328130960 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328138113 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328146935 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328162909 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328169107 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328196049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328201056 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328221083 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328237057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328253031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328267097 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328280926 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328282118 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328299046 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328305006 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328314066 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328330994 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328334093 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328349113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328358889 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328366041 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328381062 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328392982 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328397036 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328412056 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328418016 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328427076 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328443050 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328455925 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328459978 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328474045 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328474998 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328490019 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328506947 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328524113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.328526020 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.328551054 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.331206083 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.331301928 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.331334114 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.334681034 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.334753990 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.334778070 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.339962006 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.340024948 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.340042114 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.348582029 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.348700047 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.348787069 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.348820925 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.348890066 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.357975006 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.358138084 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.358218908 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.358228922 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.358256102 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.358315945 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.358364105 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.372298002 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.372407913 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.372421980 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.372432947 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.372534037 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.372541904 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.374305964 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.374924898 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.375020027 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.375027895 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.375114918 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.375165939 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.375174046 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.376087904 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.376180887 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.376188993 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.389219999 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.389288902 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.389302969 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.389758110 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.389837027 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.389904022 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.389919996 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.389976025 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.389988899 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.393768072 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.393838882 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.393856049 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.393946886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.394074917 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.394154072 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.394165993 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.394196033 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.394232035 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.394345045 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.394402027 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.394418001 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.395442009 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.395502090 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.395515919 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.395602942 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.395684958 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.395698071 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.407555103 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.407641888 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.407645941 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.407675028 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.407733917 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.407922983 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.408266068 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.408349991 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.408365011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.422323942 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 24, 2024 11:42:36.422717094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.422760963 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.422853947 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.422871113 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.422882080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.422909021 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.422935009 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.422944069 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.422993898 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.423059940 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.423085928 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.423101902 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.423118114 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.423131943 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.423132896 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.423161983 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.424375057 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.424446106 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.424459934 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.424551964 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.424751043 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.424765110 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.436976910 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.437021971 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.437047958 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.437058926 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.437072992 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.437118053 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.439763069 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.439829111 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.439829111 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.439863920 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.440005064 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.443044901 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.443202019 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.443286896 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443290949 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.443303108 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443327904 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443332911 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.443351030 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.443383932 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.443408966 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443520069 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.443561077 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.443593025 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443598032 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.443608046 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443612099 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.443634033 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443646908 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.443650961 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443664074 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.443672895 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.443706036 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443722010 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443737984 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.443751097 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.443769932 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444029093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444086075 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444102049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444149971 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444156885 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444174051 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444189072 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444206953 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444207907 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444225073 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444233894 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444250107 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444264889 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444288015 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444288015 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444304943 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444312096 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444339991 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444678068 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444694996 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444710970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444734097 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444785118 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444812059 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444828033 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444852114 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444876909 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.444880962 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444896936 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.444932938 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.445142031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445166111 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445183039 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445210934 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445214033 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.445226908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445242882 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445261002 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.445269108 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445278883 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.445286036 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445301056 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445317030 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445333004 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.445358992 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.445724010 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445751905 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.445826054 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.449886084 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.453589916 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.453670979 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.453696966 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.458676100 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.458750010 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.458760977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.468466043 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.468544006 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.468553066 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.477591038 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.477715015 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.477767944 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.477787971 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.477842093 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.477855921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.478121996 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.478226900 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.478238106 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.478266954 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.478347063 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.491898060 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.492396116 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.492489100 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.492508888 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.492602110 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.492738962 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.492753029 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.495163918 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.495248079 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.495260954 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.495944977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.496026039 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.496035099 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.496059895 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.496120930 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.506026030 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.506616116 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.506702900 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.506709099 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.506741047 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.506802082 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.506817102 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.513422012 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.513494015 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.513526917 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.513619900 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.513670921 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.513681889 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.513777971 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.513834000 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.513843060 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.513958931 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.514033079 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.514060974 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.514070034 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.514137983 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.514523983 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.514678955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.514728069 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.514735937 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.526624918 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.526715040 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.526806116 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.526895046 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.526921034 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.526921034 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.526954889 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.527015924 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.527030945 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.527138948 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.527198076 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.527211905 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.537826061 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.537842035 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.537868023 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.537884951 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.537899971 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.537913084 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.537930012 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.537944078 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.537996054 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.537996054 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.538014889 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.538031101 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.538048983 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.538059950 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.538065910 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.538110018 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.540642977 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.540702105 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.540723085 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.542011976 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.542063951 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.542073011 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.542165041 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.542277098 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.542284966 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.542629004 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.542745113 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.542752981 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.560614109 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560632944 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560647964 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560664892 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560694933 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.560694933 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.560766935 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560780048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560796976 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560817003 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.560838938 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.560846090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560877085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560944080 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.560945988 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.560961008 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561007977 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561115980 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561131954 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561146975 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561163902 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561192036 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561193943 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561207056 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561213017 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561250925 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561367989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561383963 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561399937 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561414957 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561434984 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561465979 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561615944 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561639071 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561655998 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561670065 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561701059 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561701059 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561716080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561721087 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561757088 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.561954021 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.561979055 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562004089 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562081099 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562097073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562105894 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562113047 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562129974 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562139034 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562150955 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562156916 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562201977 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562407970 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.562417984 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562433004 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562448025 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562479973 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562488079 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.562495947 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562506914 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.562513113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562520981 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562526941 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562541962 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562542915 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562558889 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.562582016 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562582016 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.562586069 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.562639952 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.562841892 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562858105 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562872887 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.562906027 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.595551014 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.595573902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.595633030 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.595664024 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.595693111 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.612303019 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.613838911 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.613910913 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.614051104 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.614052057 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.614123106 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.633040905 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.633059978 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.633260965 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.633261919 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.633333921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.639008999 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:36.639050007 CEST	443	49716	172.64.41.3	192.168.2.16
Oct 24, 2024 11:42:36.639223099 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:36.639269114 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:36.639280081 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:36.639381886 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:36.639519930 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:36.639535904 CEST	443	49716	172.64.41.3	192.168.2.16
Oct 24, 2024 11:42:36.639684916 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:36.639717102 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:36.646116018 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.646163940 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.646208048 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.646225929 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.646255970 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.656039000 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656056881 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656071901 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656218052 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656241894 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656255960 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.656259060 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656274080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656291008 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656307936 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.656308889 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.656347036 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.656543016 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656557083 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.656608105 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.660903931 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.660944939 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.661005020 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.661036015 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.661062002 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.678052902 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.678232908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.678248882 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.678312063 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.679986954 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.680052996 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.680305004 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.680320978 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.680372000 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.680901051 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681041002 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681102991 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681523085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681539059 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681554079 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681569099 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681593895 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681610107 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681627989 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681627989 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681644917 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681649923 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681668997 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681684971 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681699038 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681715012 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681730032 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681731939 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681745052 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681760073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681761026 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681776047 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681791067 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681806087 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681812048 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681833029 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681848049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681854010 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681863070 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681876898 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681891918 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681907892 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681914091 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681925058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681937933 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681940079 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681956053 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681966066 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681979895 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.681982040 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.681997061 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682009935 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682025909 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682030916 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.682041883 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682054996 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.682058096 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682074070 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682089090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682101965 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.682104111 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682118893 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682120085 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.682143927 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682151079 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.682158947 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682174921 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.682195902 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.682213068 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.682451010 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.682502985 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.682641029 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.682641029 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.682710886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.705354929 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.705395937 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.705559015 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.705559015 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.705627918 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.732505083 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.732556105 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.732609987 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.732676029 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.732712984 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.744781971 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.744873047 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.744879961 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.744906902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.744925976 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.744935989 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.744961023 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.765460968 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.765511990 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.765539885 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.765566111 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.765594959 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.773741007 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.773766994 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.773863077 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.773883104 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.773886919 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.773962021 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.774032116 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.774048090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.774063110 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.774075985 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.774091005 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.774111986 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.774139881 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.779751062 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.779792070 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.779829025 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.779863119 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.779881954 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.796034098 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796135902 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796188116 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796204090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796250105 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796364069 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.796370029 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796411991 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.796432972 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.796454906 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.796479940 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.796479940 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.796499014 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796514988 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796531916 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796545982 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796547890 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796562910 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796567917 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796577930 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796614885 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796675920 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796693087 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796708107 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796722889 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796756983 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796829939 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796844006 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.796890020 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.796976089 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797301054 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797317028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797332048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797347069 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797363043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797367096 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797379017 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797394037 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797422886 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797456980 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797472000 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797487974 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797502995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797518969 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797518969 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797534943 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797540903 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797560930 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797795057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797811985 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797827959 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797843933 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797853947 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797882080 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.797925949 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.797976971 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.798101902 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798116922 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798237085 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.798279047 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798295021 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798310995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798326015 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798342943 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798353910 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.798358917 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798373938 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.798374891 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798413038 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.798774958 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798790932 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798805952 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798830032 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.798858881 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.798940897 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798957109 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798971891 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.798986912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.799002886 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.799005032 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.799017906 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.799041033 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.799068928 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.809165001 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.809206963 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.809250116 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.809281111 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.809309959 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.834429026 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.834484100 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.834525108 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.834577084 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.834608078 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.852267981 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.852309942 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.852360010 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.852395058 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.852418900 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.871176004 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.871200085 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.871258974 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.871278048 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.871350050 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.884915113 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.884957075 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.884999990 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.885030985 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.885059118 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.889961958 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.889998913 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890017033 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890033007 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890049934 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890065908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890075922 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.890075922 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.890110970 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.890156031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890172005 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890189886 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.890222073 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.898566008 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.898612976 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.898658991 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.898689985 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.898711920 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.912791967 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912811995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912837982 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912854910 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912883043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912889957 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.912899971 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912925005 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912925005 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.912925005 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.912941933 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.912971020 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.913145065 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913172960 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913218975 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.913233042 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913249016 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913265944 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913290024 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.913304090 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.913393974 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913423061 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913439989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913467884 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.913490057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913506985 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913525105 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.913552046 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.913568974 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914376974 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914530993 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914546967 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914563894 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914586067 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914617062 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914640903 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914658070 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914676905 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914704084 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914731979 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914747953 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914751053 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.914764881 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914773941 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914783001 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914792061 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.914799929 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914814949 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.914817095 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914833069 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914834976 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.914836884 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914849997 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914865971 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914865971 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914870024 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.914884090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914896011 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914899111 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914916039 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914916992 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914942026 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.914959908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914977074 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.914993048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915005922 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.915035963 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915045023 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.915051937 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915070057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915086031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915096045 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.915126085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915129900 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.915141106 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915157080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.915179968 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.928658962 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.928744078 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.928777933 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.928812027 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.928880930 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.928894997 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.956474066 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.956497908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.956554890 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.956581116 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.956595898 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:36.956630945 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:36.968415022 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.968435049 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.968503952 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.968553066 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.968585014 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.970401049 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.970485926 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.970524073 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.970542908 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.970586061 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.970613956 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.970613956 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.989696980 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.989715099 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.989758015 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:36.989779949 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:36.989809990 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.002190113 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.002213001 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.002281904 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.002305984 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.002336025 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.007224083 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007250071 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007278919 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007296085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007307053 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.007347107 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.007347107 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007428885 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007448912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007466078 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007474899 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.007484913 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.007535934 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.017222881 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.017241955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.017329931 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.017358065 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.030009031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030060053 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030098915 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030214071 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030215025 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030239105 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030298948 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030328989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030345917 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030363083 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030391932 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030396938 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030426979 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030440092 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030456066 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030478001 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030492067 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030531883 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030550003 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030600071 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030616999 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030736923 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030750990 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030766964 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030777931 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030783892 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030801058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030805111 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.030818939 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.030853987 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031013966 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031032085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031049013 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031061888 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031089067 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031157017 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031172991 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031192064 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031207085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031229019 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031253099 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031352043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031398058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031414986 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031451941 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031461954 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031467915 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031483889 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031501055 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031510115 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031519890 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031522036 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031533957 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031563044 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031871080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031917095 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.031924009 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031949997 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031966925 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031982899 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.031991005 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.032021999 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.032159090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032203913 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032221079 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032270908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032283068 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.032289028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032309055 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.032454014 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032505035 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032532930 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032532930 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.032551050 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032567024 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.032589912 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.032620907 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.035459995 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.035484076 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.035541058 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.035571098 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.035595894 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.044778109 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.044821024 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.044858932 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.044888020 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.044914007 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.070771933 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.070796967 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.070849895 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.070883989 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.070909023 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.074006081 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.074038982 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.074057102 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.074073076 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.074090004 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.074131966 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.074131966 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.088994980 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.089039087 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.089080095 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.089107990 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.089139938 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.101201057 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.101249933 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.101279020 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.101300955 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.101331949 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.120896101 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.120940924 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.120980978 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.121005058 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.121032953 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.124394894 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124419928 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124439001 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124479055 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.124486923 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124505043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124531031 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.124814987 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124833107 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124850988 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124870062 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.124871016 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.124897957 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.135338068 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.135376930 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.135422945 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.135449886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.135476112 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.147531986 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147567034 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147587061 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147613049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147625923 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.147629976 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147645950 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147654057 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.147661924 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147674084 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.147679090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147700071 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147711039 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.147717953 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147738934 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.147872925 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147964001 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.147978067 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148005009 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148020029 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148020983 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148066998 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148114920 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148194075 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148210049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148250103 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148375034 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148391962 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148406982 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148422003 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148423910 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148438931 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148458004 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148478985 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148556948 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148655891 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148672104 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148699045 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148789883 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148806095 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148823977 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148839951 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148844957 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148857117 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148865938 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148874044 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148890972 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148900032 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.148909092 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.148947954 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149224997 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149243116 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149260044 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149282932 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149311066 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149352074 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149486065 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.149516106 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.149558067 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.149597883 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.149626970 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.149640083 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149658918 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149687052 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149687052 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149704933 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149722099 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149732113 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149736881 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149753094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149764061 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149779081 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149790049 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149796009 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149840117 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149930000 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149947882 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149964094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149981976 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.149991035 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.149997950 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.150042057 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.153131008 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.153151989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.153168917 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.153202057 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.153225899 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.163378000 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.163430929 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.163472891 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.163485050 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.163513899 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.181540966 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.181583881 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.181655884 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.181726933 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.181766033 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.191420078 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.191454887 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.191473007 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.191488028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.191505909 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.191519976 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.191559076 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.206161022 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.206191063 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.206239939 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.206284046 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.206320047 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.218458891 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.218480110 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.218509912 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.218539000 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.218581915 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.218600988 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.227456093 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.227483034 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.227536917 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.227554083 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.227586031 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.239717960 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.239763975 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.239808083 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.239830017 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.239864111 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.241683960 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.241719007 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.241734028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.241811991 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.241998911 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.242013931 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.242038965 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.242054939 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.242059946 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.242072105 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.242078066 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.242115021 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.250179052 CEST	443	49716	172.64.41.3	192.168.2.16
Oct 24, 2024 11:42:37.250441074 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:37.250463009 CEST	443	49716	172.64.41.3	192.168.2.16
Oct 24, 2024 11:42:37.251373053 CEST	443	49716	172.64.41.3	192.168.2.16
Oct 24, 2024 11:42:37.251442909 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:37.251836061 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.252129078 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.252171040 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.252641916 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:37.252703905 CEST	443	49716	172.64.41.3	192.168.2.16
Oct 24, 2024 11:42:37.253648043 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.253735065 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.254640102 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.254784107 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.254853964 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.254967928 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.255016088 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.255042076 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.255067110 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.255098104 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.264677048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264710903 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264725924 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264751911 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264766932 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264771938 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.264782906 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264797926 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264813900 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264816046 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.264830112 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.264874935 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.264878035 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264895916 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264933109 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.264934063 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.264990091 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265005112 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265024900 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265029907 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265065908 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265131950 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265146971 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265162945 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265181065 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265192032 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265196085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265218019 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265254021 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265280008 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265290976 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265294075 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265362024 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265378952 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265393972 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265408993 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265434980 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265485048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265511990 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265527964 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265528917 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265562057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265563965 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265620947 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265645027 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265660048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265675068 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265683889 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265719891 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265754938 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265794992 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265794992 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265813112 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265830994 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265846968 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265851974 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265893936 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.265923023 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265965939 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.265980959 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266016960 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266083956 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266128063 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266130924 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266268015 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266283035 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266299963 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266308069 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266316891 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266333103 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266335011 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266352892 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266365051 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266367912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266410112 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266704082 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266721010 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266736984 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266769886 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266786098 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266802073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266817093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266823053 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266832113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266849041 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.266853094 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.266880035 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.268656969 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.268702984 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.268853903 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.268853903 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.268889904 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.282057047 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.282110929 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.282149076 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.282181025 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.282208920 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.294316053 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:37.294337034 CEST	443	49716	172.64.41.3	192.168.2.16
Oct 24, 2024 11:42:37.299335957 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.299666882 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.299715042 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.299798012 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.299819946 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.299835920 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.308518887 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.308541059 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.308558941 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.308588028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.308604002 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.308603048 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.308619022 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.308635950 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.308638096 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.308666945 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.310396910 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.310426950 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.325092077 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.325126886 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.325181961 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.325208902 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.325242043 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.337399960 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.337429047 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.337481976 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.337496042 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.337524891 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.342283010 CEST	49716	443	192.168.2.16	172.64.41.3
Oct 24, 2024 11:42:37.346278906 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.346324921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.346354961 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.346366882 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.346405983 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.358304977 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.358318090 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.358839035 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.358863115 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.358879089 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.358920097 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.358922005 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.358964920 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.358993053 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.359009027 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.359039068 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.359355927 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.359374046 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.359392881 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.359407902 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.359437943 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.373831987 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.373884916 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.373929024 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.373958111 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.373980045 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.382045031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382082939 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382108927 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382126093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382136106 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382142067 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382168055 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382169962 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382184029 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382199049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382201910 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382214069 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382231951 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382241964 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382251978 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382287979 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382302046 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382314920 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382339954 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382352114 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382354975 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382371902 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382378101 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382390976 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382415056 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382432938 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382448912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382467985 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382472038 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382483006 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382524967 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382601976 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382627010 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382641077 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382668018 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382683039 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382733107 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382764101 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382778883 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382793903 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382811069 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382812977 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382823944 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.382839918 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.382853985 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.383513927 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383538961 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383553982 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383603096 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.383641958 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383662939 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383678913 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383682966 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.383693933 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383709908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383725882 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383728027 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.383749008 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.383778095 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383814096 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.383852005 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383867979 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383905888 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383908033 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.383923054 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.383939028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384042025 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384057045 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384072065 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384073973 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384083986 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384088993 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384103060 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384113073 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384119987 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384136915 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384147882 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384185076 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384210110 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384227037 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384239912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384253979 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384269953 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384277105 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384301901 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384327888 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384342909 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384357929 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384365082 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384376049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.384396076 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.384475946 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.384562016 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.384671926 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.384850025 CEST	49717	443	192.168.2.16	162.159.61.3
Oct 24, 2024 11:42:37.384876013 CEST	443	49717	162.159.61.3	192.168.2.16
Oct 24, 2024 11:42:37.387496948 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.387540102 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.387589931 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.387622118 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.387648106 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.394639969 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.394690990 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.394746065 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.394768953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.394798040 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.403991938 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.404035091 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.404068947 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.404084921 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.404110909 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.427644968 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.427717924 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.427736998 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.427797079 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.427927017 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.427984953 CEST	443	49713	142.250.185.65	192.168.2.16
Oct 24, 2024 11:42:37.428037882 CEST	49713	443	192.168.2.16	142.250.185.65
Oct 24, 2024 11:42:37.428075075 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.428102970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.428129911 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.428147078 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.428165913 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.428262949 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.428262949 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.428262949 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.689954996 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.689970970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.689987898 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690005064 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690021038 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690026999 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690040112 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690072060 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690088034 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690097094 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690103054 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690119028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690134048 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690139055 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690151930 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690170050 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690185070 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690201044 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690217972 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690227032 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690267086 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690380096 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690396070 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690411091 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690423965 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690440893 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690440893 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690458059 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690471888 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690476894 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690494061 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690521002 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690536976 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690550089 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690567017 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690573931 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690597057 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690710068 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690726042 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690741062 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690751076 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690756083 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690772057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690777063 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690787077 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690802097 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690814018 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690817118 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690833092 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690838099 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690865993 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690876961 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690893888 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690908909 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690926075 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.690927982 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.690968990 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691019058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691035032 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691050053 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691066027 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691082001 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691085100 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691106081 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691165924 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691180944 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691198111 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691212893 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691219091 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691241026 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691358089 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691374063 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691395044 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691405058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691420078 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691435099 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691438913 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691450119 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691464901 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691471100 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691481113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691498041 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691508055 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691513062 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691526890 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691534996 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691550970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691567898 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691560030 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691587925 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691602945 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691602945 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691616058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691631079 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691638947 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691648006 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691663980 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691680908 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691684961 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691700935 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691705942 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.691719055 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.691735029 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692265034 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692280054 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692308903 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692419052 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692435026 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692447901 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692456961 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692464113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692480087 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692483902 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692492962 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692507029 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692519903 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692523003 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692538023 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692545891 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692553043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692574978 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692579031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692589045 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692595959 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692611933 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692626953 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692631006 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692642927 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692658901 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692677021 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692698002 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692737103 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692753077 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692768097 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692783117 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692787886 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692799091 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692814112 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692830086 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692836046 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692843914 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692858934 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692859888 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692877054 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692892075 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692900896 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692907095 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692915916 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.692924023 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.692950964 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693062067 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693078995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693092108 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693109035 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693116903 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693135977 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693226099 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693242073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693257093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693272114 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693283081 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693286896 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693301916 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693308115 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693317890 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693325996 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693351030 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693361044 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693377018 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693391085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693408012 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693413973 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693423986 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693439007 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693553925 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693568945 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693583012 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693592072 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693597078 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693613052 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693615913 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693628073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693643093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693658113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693659067 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693674088 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693680048 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693700075 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693711996 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693717003 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693732023 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693746090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693749905 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693759918 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693775892 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693790913 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693802118 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693806887 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693826914 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693835020 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693846941 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693849087 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693865061 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693878889 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693896055 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693898916 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693909883 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693921089 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693926096 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693938971 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693953037 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.693954945 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.693977118 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694363117 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694379091 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694394112 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694407940 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694417000 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694423914 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694432020 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694462061 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694505930 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694521904 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694536924 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694551945 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694557905 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694567919 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694586992 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694598913 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694601059 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694617033 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694617033 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694644928 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694659948 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694660902 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694674969 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694690943 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694699049 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694706917 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694721937 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694722891 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694736958 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694772959 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694797039 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694814920 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694827080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.694829941 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.694861889 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.712506056 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.712522984 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.712584019 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.712789059 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.712816000 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.712831974 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.712850094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.712860107 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.712893963 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735037088 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735063076 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735091925 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735106945 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735125065 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735126972 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735141039 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735160112 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735183001 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735265970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735281944 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735299110 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735330105 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735332966 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735378027 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735423088 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735438108 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735455036 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735483885 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735605001 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735621929 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735641003 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735651970 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735656977 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735673904 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735682964 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735688925 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735713005 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735780001 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735795975 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735811949 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735837936 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735863924 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.735938072 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735953093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735970020 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735987902 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.735996008 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736032009 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736083984 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736098051 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736113071 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736129999 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736135006 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736145973 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736161947 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736169100 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736180067 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736217976 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736254930 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736270905 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736288071 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736293077 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736346960 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736453056 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736470938 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736512899 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736593008 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736609936 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736649036 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736767054 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736783028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736799002 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736814022 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736835003 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736849070 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.736937046 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736962080 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736979008 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.736994028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737010002 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737020969 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737040997 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737116098 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737131119 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737147093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737162113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737163067 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737185001 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737283945 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737298965 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737315893 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737320900 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737354040 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737685919 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737703085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737834930 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737835884 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737854004 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737869024 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737884998 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737901926 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.737912893 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737956047 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.737987995 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738006115 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738022089 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738034964 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738040924 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.738050938 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738060951 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.738096952 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.738166094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738183022 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738198042 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738214970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738231897 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738239050 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.738271952 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.738326073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738342047 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738356113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.738370895 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.738394976 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.780894041 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.780916929 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.780934095 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.780949116 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.780966043 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.780991077 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.781032085 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.821017027 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.821033955 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.821048975 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.821156025 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.821156025 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.828493118 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.828510046 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.828526020 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.828566074 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.850990057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851026058 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851041079 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851041079 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851068974 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851083994 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851099014 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851118088 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851120949 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851162910 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851201057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851217031 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851233959 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851269960 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851281881 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851296902 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851322889 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851334095 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851363897 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851371050 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851381063 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851397991 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851418018 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851449013 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851475954 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851483107 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851491928 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851562023 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851582050 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851588011 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851630926 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851638079 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851648092 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851665974 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851682901 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851700068 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851726055 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851768017 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851783991 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851800919 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851818085 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851845980 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851861954 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851877928 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.851898909 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851926088 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.851982117 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852046967 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852062941 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852099895 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852210999 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852236032 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852253914 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852267981 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852278948 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852286100 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852292061 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852303028 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852319956 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852327108 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852335930 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852354050 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852360010 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852368116 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852401018 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852436066 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852514029 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852529049 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852547884 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852550030 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852564096 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852569103 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852597952 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852603912 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852652073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852668047 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852689028 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852720976 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852746964 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852763891 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852781057 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852783918 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852807045 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852849960 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852886915 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852911949 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852926016 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852951050 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.852962017 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.852968931 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853089094 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853099108 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853115082 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853185892 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853188038 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853204012 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853231907 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853245974 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853261948 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853277922 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853290081 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853323936 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853332043 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853341103 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853358030 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853373051 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853379011 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853403091 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853406906 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853497982 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853513002 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853529930 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853538990 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853569984 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853621006 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853635073 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853650093 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853665113 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853681087 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.853683949 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.853705883 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.895333052 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.897082090 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.897113085 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.897130013 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.897145987 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.897165060 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.897171974 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.897211075 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.937772989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.937798023 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.937817097 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.937844992 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.937880039 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.945856094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.945873022 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.945889950 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.945905924 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.945941925 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.945955038 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.968487978 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968525887 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968542099 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968559027 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968574047 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968615055 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.968662977 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968678951 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968698978 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968733072 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.968749046 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.968766928 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968784094 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968799114 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968816996 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968827963 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.968868017 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.968907118 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968921900 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968936920 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968951941 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.968961000 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969031096 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969043970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969086885 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969106913 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969116926 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969120979 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969166040 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969167948 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969183922 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969201088 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969233036 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969249964 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969266891 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969274044 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969281912 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969300032 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969383955 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969399929 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969414949 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969423056 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969439030 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969445944 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969455004 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969471931 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969486952 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969497919 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969504118 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969537020 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969646931 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969660997 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969687939 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969696045 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969702959 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969719887 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969731092 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969736099 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969758987 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969779968 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969794989 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969809055 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969824076 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.969831944 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.969856977 CEST	49710	80	192.168.2.16	74.248.121.8
Oct 24, 2024 11:42:37.970011950 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.970026970 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.970047951 CEST	80	49710	74.248.121.8	192.168.2.16
Oct 24, 2024 11:42:37.970062017 CEST	80	49710	74.248.121.8	192.168.2.16

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 24, 2024 11:42:33.383332968 CEST	192.168.2.16	1.1.1.1	0xa8c8	Standard query (0)	clients2.googleusercontent.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:33.386801004 CEST	192.168.2.16	1.1.1.1	0xb808	Standard query (0)	clients2.googleusercontent.com	65	IN (0x0001)	false
Oct 24, 2024 11:42:36.472971916 CEST	192.168.2.16	1.1.1.1	0xb5a4	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:36.473311901 CEST	192.168.2.16	1.1.1.1	0xd3e7	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 24, 2024 11:42:36.629175901 CEST	192.168.2.16	1.1.1.1	0xae3	Standard query (0)	chrome.cloudflare-dns.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:36.629467964 CEST	192.168.2.16	1.1.1.1	0xa123	Standard query (0)	chrome.cloudflare-dns.com	65	IN (0x0001)	false
Oct 24, 2024 11:42:36.629770994 CEST	192.168.2.16	1.1.1.1	0xb6b6	Standard query (0)	chrome.cloudflare-dns.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:36.629894972 CEST	192.168.2.16	1.1.1.1	0x9879	Standard query (0)	chrome.cloudflare-dns.com	65	IN (0x0001)	false
Oct 24, 2024 11:42:43.583441973 CEST	192.168.2.16	1.1.1.1	0xf32b	Standard query (0)	chrome.cloudflare-dns.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:43.583610058 CEST	192.168.2.16	1.1.1.1	0x7137	Standard query (0)	chrome.cloudflare-dns.com	65	IN (0x0001)	false
Oct 24, 2024 11:42:43.596927881 CEST	192.168.2.16	1.1.1.1	0xe39	Standard query (0)	sb-ssl.google.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:43.596929073 CEST	192.168.2.16	1.1.1.1	0xc565	Standard query (0)	sb-ssl.google.com	65	IN (0x0001)	false
Oct 24, 2024 11:43:05.769155025 CEST	192.168.2.16	1.1.1.1	0xc229	Standard query (0)	chrome.cloudflare-dns.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:05.769248962 CEST	192.168.2.16	1.1.1.1	0x25fa	Standard query (0)	chrome.cloudflare-dns.com	65	IN (0x0001)	false
Oct 24, 2024 11:43:05.770343065 CEST	192.168.2.16	1.1.1.1	0x366e	Standard query (0)	tunnel.googlezip.net	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:06.571504116 CEST	192.168.2.16	1.1.1.1	0x5ed3	Standard query (0)	chrome.cloudflare-dns.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:06.571840048 CEST	192.168.2.16	1.1.1.1	0xdf6b	Standard query (0)	chrome.cloudflare-dns.com	65	IN (0x0001)	false
Oct 24, 2024 11:43:06.574289083 CEST	192.168.2.16	1.1.1.1	0x45a6	Standard query (0)	tunnel.googlezip.net	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 24, 2024 11:42:33.394104004 CEST	1.1.1.1	192.168.2.16	0xa8c8	No error (0)	clients2.googleusercontent.com	googlehosted.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:42:33.394104004 CEST	1.1.1.1	192.168.2.16	0xa8c8	No error (0)	googlehosted.l.googleusercontent.com		142.250.185.65	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:33.395968914 CEST	1.1.1.1	192.168.2.16	0xb808	No error (0)	clients2.googleusercontent.com	googlehosted.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:42:36.480568886 CEST	1.1.1.1	192.168.2.16	0xb5a4	No error (0)	www.google.com		142.250.185.196	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:36.481806040 CEST	1.1.1.1	192.168.2.16	0xd3e7	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 24, 2024 11:42:36.636964083 CEST	1.1.1.1	192.168.2.16	0xa123	No error (0)	chrome.cloudflare-dns.com			65	IN (0x0001)	false
Oct 24, 2024 11:42:36.637084961 CEST	1.1.1.1	192.168.2.16	0xb6b6	No error (0)	chrome.cloudflare-dns.com		162.159.61.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:36.637084961 CEST	1.1.1.1	192.168.2.16	0xb6b6	No error (0)	chrome.cloudflare-dns.com		172.64.41.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:36.637227058 CEST	1.1.1.1	192.168.2.16	0x9879	No error (0)	chrome.cloudflare-dns.com			65	IN (0x0001)	false
Oct 24, 2024 11:42:36.637299061 CEST	1.1.1.1	192.168.2.16	0xae3	No error (0)	chrome.cloudflare-dns.com		172.64.41.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:36.637299061 CEST	1.1.1.1	192.168.2.16	0xae3	No error (0)	chrome.cloudflare-dns.com		162.159.61.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:43.592434883 CEST	1.1.1.1	192.168.2.16	0xf32b	No error (0)	chrome.cloudflare-dns.com		172.64.41.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:43.592434883 CEST	1.1.1.1	192.168.2.16	0xf32b	No error (0)	chrome.cloudflare-dns.com		162.159.61.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:43.592461109 CEST	1.1.1.1	192.168.2.16	0x7137	No error (0)	chrome.cloudflare-dns.com			65	IN (0x0001)	false
Oct 24, 2024 11:42:43.605818033 CEST	1.1.1.1	192.168.2.16	0xe39	No error (0)	sb-ssl.google.com	sb-ssl.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:42:43.605818033 CEST	1.1.1.1	192.168.2.16	0xe39	No error (0)	sb-ssl.l.google.com		172.217.16.206	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:42:43.605834007 CEST	1.1.1.1	192.168.2.16	0xc565	No error (0)	sb-ssl.google.com	sb-ssl.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:43:05.777363062 CEST	1.1.1.1	192.168.2.16	0xc229	No error (0)	chrome.cloudflare-dns.com		162.159.61.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:05.777363062 CEST	1.1.1.1	192.168.2.16	0xc229	No error (0)	chrome.cloudflare-dns.com		172.64.41.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:05.777508974 CEST	1.1.1.1	192.168.2.16	0x25fa	No error (0)	chrome.cloudflare-dns.com			65	IN (0x0001)	false
Oct 24, 2024 11:43:05.778460979 CEST	1.1.1.1	192.168.2.16	0x366e	No error (0)	tunnel.googlezip.net		216.239.34.157	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:06.578927994 CEST	1.1.1.1	192.168.2.16	0x5ed3	No error (0)	chrome.cloudflare-dns.com		162.159.61.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:06.578927994 CEST	1.1.1.1	192.168.2.16	0x5ed3	No error (0)	chrome.cloudflare-dns.com		172.64.41.3	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:43:06.579216957 CEST	1.1.1.1	192.168.2.16	0xdf6b	No error (0)	chrome.cloudflare-dns.com			65	IN (0x0001)	false
Oct 24, 2024 11:43:06.581728935 CEST	1.1.1.1	192.168.2.16	0x45a6	No error (0)	tunnel.googlezip.net		216.239.34.157	A (IP address)	IN (0x0001)	false

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.16	49710	74.248.121.8	80	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Oct 24, 2024 11:42:35.525111914 CEST	595	OUT	GET /d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com HTTP/1.1 Host: 74.248.121.8 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Oct 24, 2024 11:42:35.788690090 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Thu, 24 Oct 2024 09:42:35 GMT Content-Type: application/octet-stream Content-Length: 13554464 Connection: keep-alive Cache-Control: public,max-age=172800 Last-Modified: Thu, 10 Oct 2024 17:25:31 GMT X-CID: 10004 X-CCC: c8f5eedd-9fca-40ac-a31c-6acfdf21da03 Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline' X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Cache-Status: STALE Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 fc 34 be 82 b8 55 d0 d1 b8 55 d0 d1 b8 55 d0 d1 eb 2a d4 d0 a3 55 d0 d1 eb 2a d3 d0 a9 55 d0 d1 eb 2a d5 d0 76 55 d0 d1 eb 2a d1 d0 b1 55 d0 d1 b8 55 d1 d1 98 54 d0 d1 eb 2a d9 d0 f3 55 d0 d1 eb 2a 2f d1 b9 55 d0 d1 eb 2a d2 d0 b9 55 d0 d1 52 69 63 68 b8 55 d0 d1 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 26 c1 06 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0e 24 00 00 03 00 00 d0 c9 00 00 00 00 00 20 73 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 10 00 00 0a 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 cc 00 00 10 00 00 0a a0 cf 00 02 00 60 c1 00 00 08 00 00 00 00 00 00 20 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$4UUUUUvUUUTU/U*URichUPEd&g"$ s@` dpm@& t(p5(@4@5.text `.rdata@@.data) @.pdata&@00@@.rsrcmpp`@@.reloct@B
Oct 24, 2024 11:42:35.788712978 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Oct 24, 2024 11:42:35.788742065 CEST	424	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Oct 24, 2024 11:42:35.788757086 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Oct 24, 2024 11:42:35.788775921 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Oct 24, 2024 11:42:35.788800955 CEST	424	IN	Data Raw: fe 8b c3 48 89 7d a0 49 8b 7d 00 89 45 a8 89 75 ac 48 85 ff 74 0c 48 8b cf e8 4b e1 02 00 03 c3 eb 05 49 8b fe 8b c3 48 89 7d 90 48 8b 7c 24 30 89 45 98 89 75 9c 48 8b 3f 48 85 ff 74 0c 48 8b cf e8 23 e1 02 00 03 c3 eb 05 49 8b fe 8b c3 48 8b 54 Data Ascii: H}I}EuHtHKIH}H\|$0EuH?HtH#IHT$8HNEE3HExE3HD$pHEpHD$`HD$@HD$(D$ H}uHD$xHD$h/HMH3_L$ I[0Is@I{HIA_A^A]A\]HHLMLD$xD$0B
Oct 24, 2024 11:42:35.788829088 CEST	1236	IN	Data Raw: 8d 00 01 00 00 83 65 4c 00 83 65 3c 00 83 65 2c 00 83 65 1c 00 48 8b 19 4c 8b ad c0 00 00 00 4c 8b a5 c8 00 00 00 4c 8b bd e0 00 00 00 4c 8b b5 e8 00 00 00 48 8b b5 f0 00 00 00 48 89 44 24 30 48 8b 85 20 01 00 00 48 89 45 40 48 8b 85 18 01 00 00 Data Ascii: eLe<e,eHLLLLHHD$0H HE@HHE0HHT$8HE HHEUHzU8U(UHtHEHeeHH]HMHEEHtHHgeH]
Oct 24, 2024 11:42:35.788845062 CEST	1236	IN	Data Raw: 24 78 48 8d 0d 24 f9 03 00 48 8b 85 e0 00 00 00 45 33 c9 48 89 44 24 60 45 33 c0 48 8d 44 24 40 89 54 24 7c 48 8b 54 24 38 48 89 44 24 28 c7 44 24 20 14 00 00 00 48 89 7c 24 70 48 c7 44 24 68 08 00 00 00 e8 10 fa ff ff 48 8b 8d 80 00 00 00 48 33 Data Ascii: $xH$HE3HD$`E3HD$@T$\|HT$8HD$(D$ H\|$pHD$hHH3uYL$I[0Is@I{HIA_A^A]A\]H\$Ht$H\|$ UATAUAVAWHl$HpHH3HE`H8HLLLH9LHHEPH0HE@H(
Oct 24, 2024 11:42:35.788868904 CEST	1236	IN	Data Raw: 00 48 83 67 30 00 48 8d 4c 24 30 4c 8b ce 4c 8b c7 ff 15 aa 17 03 00 8b d8 85 c0 74 0d 7e 2c 0f b7 d8 81 cb 00 00 07 80 eb 21 48 8b 05 30 19 04 00 4c 8b 47 08 48 85 c0 74 11 45 0f b7 08 ba 02 00 00 00 48 8b 0e e8 ae d5 02 00 8b c3 48 8b 4c 24 40 Data Ascii: Hg0HL$0LLt~,!H0LGHtEHHL$@H3TH\$hHt$pHP_HHLH$HtZLT$pt#u!EtALILQ!HA(Ht HI0HL$0HL$xHL$(ILT$ HH
Oct 24, 2024 11:42:35.788885117 CEST	636	IN	Data Raw: 83 e1 0f b8 10 00 00 00 48 2b c1 4d 8b c1 48 f7 d9 4d 1b db 4c 23 d8 4d 3b d3 4d 0f 42 da 4b 8d 04 0b 4c 3b c8 74 0e 41 80 38 00 74 08 49 ff c0 4c 3b c0 75 f2 49 8b d0 49 2b d1 49 3b d3 75 6a 49 8b ca 49 8b d0 49 2b cb 0f 57 c9 48 8b c1 4d 8b d8 Data Ascii: H+MHML#M;MBKL;tA8tIL;uII+I;ujIII+WHML+LM;tfoftfuHI;uK:t#HH;uHIL;t:tHH;uI+HLHAt3f9H H+HM3L#
Oct 24, 2024 11:42:35.796149969 CEST	1236	IN	Data Raw: cb 48 8b c1 83 e0 1f 48 2b c8 48 03 ca 49 8d 14 48 4c 3b d2 74 1d c5 f1 ef c9 c4 c1 75 75 0a c5 fd d7 c1 85 c0 c5 f8 77 75 09 49 83 c2 20 4c 3b d2 75 e3 4b 8d 04 58 eb 0a 66 45 39 0a 74 09 49 83 c2 02 4c 3b d0 75 f1 49 8b d2 e9 f6 00 00 00 83 f8 Data Ascii: HH+HIHL;tuuwuI L;uKXfE9tIL;uIAt+HQIL;E3fD9HH;uH+IHHH#HL;IBE3IXL;tfD9tHH;uI+HH;u{IMPH+WHH+HIHfo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.16	49711	74.248.121.8	80	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Oct 24, 2024 11:43:17.998498917 CEST	6	OUT	Data Raw: 00 Data Ascii:

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.16	49713	142.250.185.65	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:42:34 UTC	577	OUT	GET /crx/blobs/AYA8Vyx2J_yUZTKcv47OjJ_lQNlaCYqeh8SOiGiawnXT0TvFvxRmwfkcv63jai6G-68PkdQz0qjWRURdD69KjIEk_1WMoGqX2-nmHyARS_kIQQQ8jggfB8g6y3OxQgNbZ3cAxlKa5c6rbuh5modTsW2qcgj5aN-TT3fn/EFAIDNBMNNNIBPCAJPCGLCLEFINDMKAJ_24_10_2_0.crx HTTP/1.1 Host: clients2.googleusercontent.com Connection: keep-alive Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:42:34 UTC	574	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Length: 1948893 X-GUploader-UploadID: AHmUCY11fY7MDvPkG5BdLaf2dK5JJF2wnObZuiQZ9W_LFI10LpjCr9EXu9ZPgHzdvd_pv_KUwPUEBx98IQ X-Goog-Hash: crc32c=caaNqA== Server: UploadServer Date: Wed, 23 Oct 2024 16:30:22 GMT Expires: Thu, 23 Oct 2025 16:30:22 GMT Cache-Control: public, max-age=31536000 Age: 61932 Last-Modified: Mon, 21 Oct 2024 11:53:40 GMT ETag: b0efd8c6_841be882_0379d47f_66026c61_ecc4ee2d Content-Type: application/x-chrome-extension Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:42:34 UTC	804	IN	Data Raw: 43 72 32 34 03 00 00 00 19 04 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 8f fb bf 5c 37 63 94 3c b0 ee 01 c4 b5 a6 9a b1 9f 46 74 6f 16 38 a0 32 27 35 dd f0 71 6b 0e dc f6 25 cb b2 ed ea fb 32 d5 af 1e 03 43 03 46 f0 a7 39 db 23 96 1d 65 e5 78 51 f0 84 b0 0e 12 ac 0e 5b dc c9 d6 4c 7c 00 d5 b8 1b 88 33 3e 2f da eb aa f7 1a 75 c2 ae 3a 54 de 37 8f 10 d2 28 e6 84 79 4d 15 b4 f3 bd 3f 56 d3 3c 3f 18 ab fc 2e 05 c0 1e 08 31 b6 61 d0 fd 9f 4f 3f 64 0d 17 93 bc ad 41 c7 48 be 00 27 a8 4d 70 42 92 05 54 a6 6d b8 de 56 6e 20 49 70 ee 10 3e 6b d2 7c 31 bd 1b 6e a4 3c 46 62 9f 08 66 93 f9 2a 51 31 a8 db b5 9d b9 0f 73 e8 a0 09 32 01 e9 7b 2a 8a 36 a0 cf 17 b0 50 70 9d a2 f9 a4 6f 62 4d Data Ascii: Cr240"0H0\7c<Fto82'5qk%2CF9#exQ[L\|3>/u:T7(yM?V<?.1aO?dAH'MpBTmVn Ip>k\|1n<FbfQ1s2{*6PpobM
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: b6 bd 3a 94 33 65 bd 8b c1 75 83 0b e4 a4 5e b3 3c d1 50 4a 04 61 34 ba 04 cb 75 78 df bc f2 ff 28 a0 c8 ce 5f fe 32 52 4c 10 7a e2 35 e0 11 e1 88 c7 fe 40 de 38 3b 91 86 84 66 a7 2b 37 03 27 b1 fb 1a a6 01 0a 5b 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00 04 b4 02 f9 a9 1c ae e1 0c 84 f8 dc 9b 17 72 98 a5 e0 32 d5 db 2b 59 d8 49 c0 ef be e8 6b f9 f8 62 52 b8 6a 35 53 6c 07 8b 38 d4 ff 9a dd bc dd f9 bc 48 22 69 cc 2d 6c a1 01 60 b4 51 e3 7b d1 cf 12 47 30 45 02 21 00 91 99 11 53 61 bf 8b e1 ee 05 f4 95 37 01 de 6d 2b 97 48 74 d1 76 ec e8 bf b0 cf 89 43 30 39 9f 02 20 7d e6 86 d8 51 44 45 63 26 c0 2e f6 49 d0 3f 8c 36 ed 58 f7 c3 39 0d 28 38 35 9e 40 81 98 ea 2b 82 f1 04 12 0a 10 45 08 3d 1c dd d8 1f 20 9f 26 b2 b4 58 d3 Data Ascii: :3eu^<PJa4ux(_2RLz5@8;f+7'[0Y0H=H=Br2+YIkbRj5Sl8H"i-l`Q{G0E!Sa7m+HtvC09 }QDEc&.I?6X9(85@+E= &X
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: 25 c0 8b 1a 04 19 b8 db f1 56 91 fb d1 16 d3 2d 99 1b 8b 82 cb 68 22 6c 1c 42 42 cb 28 10 59 fd ff 6e 99 37 6f 9a 3f 2c 29 25 6c 28 8c 91 6b 84 52 53 7a b7 0d aa 62 54 53 77 b5 ef 7a f4 35 32 19 df c7 a8 b1 0a 93 15 df 81 0a 4f e4 1c 06 b8 06 af 60 ca 43 6a f1 c6 24 ca 0c ba 55 8d 8e ec 8d 54 15 4f f7 34 cf 1c 9b 0f 82 53 d6 4f 5b 65 36 99 e8 f9 e9 8f 91 c6 10 2e d3 1c 43 ae 85 53 74 dd 2c 03 5d 55 b2 4c ad 80 74 2d 4e f3 46 bf dd 63 0e 89 ed 34 2f 4a 1f f5 97 58 93 c7 83 ee ca 26 ec d1 11 e3 90 4d f1 3b e5 b3 aa 1c c5 33 c8 aa 72 b4 ac ca f1 c8 fe 01 50 4b 07 08 01 6c fb f5 cb 01 00 00 c3 03 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 0b 00 2d 00 73 77 5f 6d 6f 64 75 6c 65 73 2f 55 54 05 00 01 be ef 16 67 0a 00 20 Data Ascii: %V-h"lBB(Yn7o?,)%l(kRSzbTSwz52O`Cj$UTO4SO[e6.CSt,]ULt-NFc4/JX&M;3rPKlPK!-sw_modules/UTg
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: cc a4 d7 58 98 a8 49 33 f9 4b 2f 68 e8 59 7b 5f 5b cc 7b 6f 7d ae 76 dc f8 40 df 30 4f e1 0c c4 91 c6 4b 4e e7 23 27 90 b4 9b 20 d2 a9 86 53 0e 9f fa 7f 01 50 4b 07 08 9a 14 02 bb e3 02 00 00 fb 05 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 0d 00 2d 00 6d 61 6e 69 66 65 73 74 2e 6a 73 6f 6e 55 54 05 00 01 f2 ef 16 67 0a 00 20 00 00 00 00 00 01 00 18 00 00 45 fe 48 18 24 db 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d5 18 cb 6e dc 36 f0 ee af 30 f6 62 c0 88 24 db 09 92 c0 2d 0a b4 ee cb 07 e7 e0 a4 87 a2 30 04 2e 39 92 68 53 a4 4a 52 5e 2f 0c ff 7b 87 a4 b4 16 d5 7d c8 8f 36 ad f7 62 cd 8b 9c 27 67 e6 7e 6f d6 36 8c 58 c8 5b 2d 66 a7 fb b3 ca da c6 9c 66 19 15 1c a4 35 27 69 a9 54 29 20 a5 aa ce 0c e8 5b 4e Data Ascii: XI3K/hY{_[{o}v@0OKN#' SPKPK!-manifest.jsonUTg EH$n60b$-0.9hSJR^/{}6b'g~o6X[-ff5'iT) [N
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: 42 bf c1 6c ed d4 de 1f 6d 95 fa fe 9d ab 31 46 a8 12 67 f0 21 4b 78 c8 2c 3e ee c3 65 d3 e9 e1 36 82 55 af 33 20 8b 76 55 e3 63 d7 c2 b8 8a 97 1e 95 c2 06 63 e3 6e 74 5c 37 7b 57 86 e5 2b 11 9b 39 2b ee 16 9a cb e1 4e 66 ae d4 4d 4d f4 4d 17 83 57 7b 0f 7f 01 50 4b 07 08 25 68 88 2e 1d 05 00 00 e6 16 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 0b 00 2d 00 73 63 68 65 6d 61 2e 6a 73 6f 6e 55 54 05 00 01 3a c6 91 66 0a 00 20 00 00 00 00 00 01 00 18 00 00 99 b7 3a b9 d4 da 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8d 90 cd 4e c3 30 10 84 ef 79 8a 55 2e 5c 2a 7a e7 56 09 89 f6 80 40 a2 3c 80 93 ac 13 23 d7 6b d9 6b 95 a8 ea bb 63 3b 21 fd 51 10 39 f8 32 3b b3 3b 9f 4f 05 40 c9 bd c5 f2 09 4a aa be b0 e6 72 95 Data Ascii: Blm1Fg!Kx,>e6U3 vUccnt\7{W+9+NfMMMW{PK%h.PK!-schema.jsonUT:f :N0yU.\*zV@<#kkc;!Q92;;O@Jr
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: 15 95 1e d5 bc 8f 72 10 6f 86 02 dd 81 23 a1 37 f4 6f 49 c6 97 c8 45 9c 2a a9 74 43 32 83 27 c4 c1 7c f3 9b f3 5e ee 2b 91 8b d9 7c 25 7b 8c 33 35 fb 4e 93 02 35 3e 54 ae bb 3b e9 72 0f 9f b9 a0 05 52 58 bd 36 d9 60 8b f4 48 c9 f0 74 ec 53 eb f0 f3 d6 b1 f6 2a c3 d3 ad 93 35 9d a2 14 88 64 23 85 0f 7b dc ae f5 8e 58 a5 b8 55 c3 ab 9c 39 f4 4d cb e9 7a d1 23 10 4b 04 66 70 f2 23 4c ad 2d c2 d8 3f 0c 9e 53 ff 36 45 0a f1 98 64 6a 82 07 42 c6 6a a1 f1 cd d1 c9 b4 98 53 78 f7 d1 ea e5 53 65 ec e1 84 a7 f0 48 5d 5d 4a 2b f0 9c 91 fd 76 73 11 85 bd b0 f3 b1 5e ca c1 62 46 48 a0 75 ab 63 ca a6 91 8a 44 a7 13 b7 a0 4a 8e 60 12 57 0f 5a 2f 4b 92 55 bb 81 32 df 28 37 ea d8 00 e1 2b 79 47 bf d8 67 7c 5c 1d 9e 96 6a 14 75 4e 3e 41 cd 9f 95 11 b6 19 85 ae 30 29 71 85 Data Ascii: ro#7oIEtC2'\|^+\|%{35N5>T;rRX6`HtS5d#{XU9Mz#Kfp#L-?S6EdjBjSxSeH]]J+vs^bFHucDJ`WZ/KU2(7+yGg\|\juN>A0)q
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: ac 9f b6 aa 51 59 ea fd c9 d7 48 63 08 87 69 81 a1 d0 c2 2e ba 0e ac 37 29 4d 0b 93 49 4a 67 cb 77 c2 53 99 34 ff 55 f8 ae 11 7b 64 6d 05 5d 93 1c 11 90 9b 16 87 18 0f 1e cb 2e fa 58 9a a3 d4 91 e9 37 96 79 bb 80 06 f5 5d 7b da 98 a4 78 98 54 b9 7a d6 27 cb d4 0a 48 d7 e2 b4 68 34 5f 8f 05 24 b6 d3 a2 da 71 3c e9 1d a9 de 52 95 e7 eb d3 15 c1 f8 2d 65 af c1 e0 01 46 93 2a a3 eb 3f a8 86 4f c3 1f 50 4b 07 08 10 88 26 00 03 02 00 00 2b 04 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 2d 00 63 6f 6e 74 65 6e 74 5f 73 63 72 69 70 74 73 2f 55 54 05 00 01 be ef 16 67 0a 00 20 00 00 00 00 00 01 00 18 00 00 b3 ff 29 18 24 db 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 00 50 4b 07 08 00 00 00 00 02 00 00 00 00 Data Ascii: QYHci.7)MIJgwS4U{dm].X7y]{xTz'Hh4_$q<R-eF*?OPK&+PK!-content_scripts/UTg )$PK
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: a7 1c 57 ba 7a c4 c4 a3 bd ce f9 d5 54 db a1 71 f0 12 de 11 e4 4f fc 52 e1 b0 6b 77 e3 d8 4e bf 5a bc df dd 09 59 b3 60 5c 76 3e 05 9e ef d4 99 fa 2f f8 79 1a 51 58 1b 5e ed 3e 24 bb 04 a2 a2 6e 2d 28 62 ed 7f 01 50 4b 07 08 2d 3a f5 48 43 04 00 00 49 09 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 13 00 2d 00 73 77 5f 6d 6f 64 75 6c 65 73 2f 70 72 6f 78 79 2e 6a 73 55 54 05 00 01 3a c6 91 66 0a 00 20 00 00 00 00 00 01 00 18 00 00 99 b7 3a b9 d4 da 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ad 54 51 6f db 36 10 7e cf af 60 fd 10 50 31 43 db 59 37 14 72 85 c1 4b d2 2d 43 17 17 89 9f 16 07 01 2d 9d 2d a6 12 29 90 a7 26 9a a1 ff be a3 ec 28 4b 3b 04 7d a8 60 40 22 f9 dd dd 77 df 7d f4 e8 e8 47 3d 07 47 6c 76 36 Data Ascii: WzTqORkwNZY`\v>/yQX^>$n-(bPK-:HCIPK!-sw_modules/proxy.jsUT:f :TQo6~`P1CY7rK-C--)&(K;}`@"w}G=Glv6
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: 37 ac ec 9c e5 f3 95 96 93 a9 75 fe 71 f2 ee 0f a7 9f e6 23 72 ae 57 c6 d2 cc 38 43 95 e4 7a 9e 6b 61 29 65 e5 7e 96 39 57 ac 6c 9c 2b 32 a4 97 94 86 a5 99 8b cb 9b e1 d9 20 aa 34 a4 1a e7 7a 26 ac cc 95 93 e4 ca 0a a9 28 75 a6 a4 49 2a 47 9a c0 11 2a 75 34 cd 20 37 d8 6b a7 e4 cc 75 3e 27 6d 57 4e 3e fe 89 0b e5 46 89 c3 cd 62 3e cf 24 69 13 60 bf 1c 43 be 0a 1d e7 06 86 a4 b2 94 65 94 d8 85 c8 4a 75 4b c9 54 c9 04 df e0 4a 42 73 ec 6e 7d c2 e6 da 2b a1 2b 1f b4 24 2b f4 ca b1 f9 ff e1 06 b6 b7 8e 94 b2 da 0a 8e 64 ad d1 ca 11 88 86 60 8d 44 8c b2 17 ce b5 57 ce c4 53 75 0f 95 64 8b 54 aa 89 63 b5 48 c9 31 94 68 b2 a5 e1 5c c3 e9 26 4f ac 8f a8 3b 1f a4 31 34 93 aa 0a 34 02 67 a7 d2 6c 05 1f db 34 e1 9c 74 91 6c e9 60 99 b4 14 19 1f 8a 60 5a 2d 13 9b ad Data Ascii: 7uq#rW8Czka)e~9Wl+2 4z&(uIGu4 7ku>'mWN>Fb>$i`CeJuKTJBsn}++$+d`DWSudTcH1h\&O;144gl4tl``Z-
2024-10-24 09:42:34 UTC	1378	IN	Data Raw: 78 44 2a 94 66 90 4e 40 4e 08 03 fe e2 e2 95 33 6e b0 2c 23 7e 6d 91 5a 13 e5 01 87 10 ae ca 82 c9 a1 6e cc b8 3b 5e 50 8c 97 f9 9d 9a bd b3 81 b9 e7 7a 25 54 93 d0 c9 f4 8b d0 62 86 1c cc e7 c4 b3 5d 60 ca 52 3d d8 81 d2 f3 f3 c1 56 50 7d 0b 4f 9e ca 66 33 d0 3a d7 9e 5b 8e fb 78 1f 41 d1 09 77 03 e9 70 aa 69 5c e0 e5 84 f9 ad 93 e9 0e 84 1b e8 62 e8 2b 1e 7e d9 9e 26 59 a0 c2 05 c0 e3 f9 c5 63 8f 47 96 6e 07 e8 18 74 03 b4 92 76 3a 68 78 81 0a 4c bc 2d c1 32 c9 20 68 c9 77 bc 34 25 d4 71 a1 5b ad 93 52 e3 06 1a f6 3c e7 2f ba 6c 11 b8 13 3d 3f 77 0e 7f 55 31 d8 d7 5f ca 06 b3 6f e1 88 fe 1d ff f3 e4 77 0c 89 2f 1a 54 19 57 50 05 1f d2 cb 43 7e 57 f3 d6 33 50 3d 5e 09 22 b7 bd 93 83 ae e1 70 2f 70 4c 7b 33 37 30 8d 6b a0 f4 c2 e7 b1 e9 65 9f 69 0f 7b 39 Data Ascii: xD*fN@N3n,#~mZn;^Pz%Tb]`R=VP}Of3:[xAwpi\b+~&YcGntv:hxL-2 hw4%q[R</l=?wU1_ow/TWPC~W3P=^"p/pL{370kei{9

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.16	49717	162.159.61.3	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:42:37 UTC	245	OUT	POST /dns-query HTTP/1.1 Host: chrome.cloudflare-dns.com Connection: keep-alive Content-Length: 128 Accept: application/dns-message Accept-Language: * User-Agent: Chrome Accept-Encoding: identity Content-Type: application/dns-message
2024-10-24 09:42:37 UTC	128	OUT	Data Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: wwwgstaticcom)TP
2024-10-24 09:42:37 UTC	247	IN	HTTP/1.1 200 OK Server: cloudflare Date: Thu, 24 Oct 2024 09:42:37 GMT Content-Type: application/dns-message Connection: close Access-Control-Allow-Origin: * Content-Length: 468 CF-RAY: 8d7904934b9a4785-DFW alt-svc: h3=":443"; ma=86400
2024-10-24 09:42:37 UTC	468	IN	Data Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 08 00 04 8e fa 71 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: wwwgstaticcomq^)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.16	49719	142.250.113.138	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:42:40 UTC	405	OUT	GET /webstore/inlineinstall/detail/efaidnbmnnnibpcajpcglclefindmkaj HTTP/1.1 Host: chrome.google.com Connection: keep-alive Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:42:40 UTC	1511	IN	HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Thu, 24 Oct 2024 09:42:40 GMT Content-Disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="coop_chromewebstore" Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/chromewebstore/2 Content-Security-Policy: script-src 'report-sample' 'nonce-Y0Qoyl7n3z3PgtJjpcwpwA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';worker-src 'self';report-uri /webstore/cspreport Report-To: {"group":"coop_chromewebstore","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chromewebstore"}]} Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: NID=518=nCq_OwDPe2QID9vJVaezRReT-35BLlXWFOV0ItjGhUmOZJl0vl495yzi4ZlgWbU75orPkY35QPT6J_CopG-I6NoJJ3kXk4HPEqMBSmZQ7cTVb5SSpSm-A-e0UX78oS6BMHzKVz31aog3AYEJQB-3pL5ZbO0ClKlBxWWuAUTfUdtvllwtfA; expires=Fri, 25-Apr-2025 09:42:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:42:40 UTC	1511	IN	Data Raw: 31 61 63 32 0d 0a 7b 22 69 63 6f 6e 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 6c 68 33 2e 67 6f 6f 67 6c 65 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 2f 61 71 61 68 47 7a 33 65 75 58 61 64 6d 74 6d 70 38 4e 5a 6e 75 4b 50 6f 55 6d 34 63 6d 65 77 4e 59 30 41 49 31 61 5f 63 4d 73 43 32 38 63 66 76 42 32 42 78 33 4e 41 72 59 39 4d 69 35 30 6f 32 7a 46 34 35 55 68 37 34 52 6d 6d 71 2d 42 68 36 64 4a 52 73 56 41 62 6d 22 2c 22 73 68 6f 77 5f 75 73 65 72 5f 63 6f 75 6e 74 22 3a 74 72 75 65 2c 22 6c 6f 63 61 6c 69 7a 65 64 5f 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 44 6f 20 6d 6f 72 65 20 69 6e 20 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 20 77 69 74 68 20 41 64 6f 62 65 20 41 63 72 6f 62 61 74 20 50 44 46 20 74 6f 6f 6c 73 2e 20 56 69 65 77 2c 20 66 69 6c Data Ascii: 1ac2{"icon_url":"https://lh3.googleusercontent.com/aqahGz3euXadmtmp8NZnuKPoUm4cmewNY0AI1a_cMsC28cfvB2Bx3NArY9Mi50o2zF45Uh74Rmmq-Bh6dJRsVAbm","show_user_count":true,"louserzed_description":"Do more in Google Chrome with Adobe Acrobat PDF tools. View, fil
2024-10-24 09:42:40 UTC	1511	IN	Data Raw: 5f 31 36 2e 70 6e 67 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 5c 22 34 38 5c 22 3a 20 5c 22 62 72 6f 77 73 65 72 2f 69 6d 61 67 65 73 2f 61 63 72 6f 62 61 74 5f 64 63 5f 61 70 70 69 63 6f 6e 5f 34 38 2e 70 6e 67 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 5c 22 31 32 38 5c 22 3a 20 5c 22 62 72 6f 77 73 65 72 2f 69 6d 61 67 65 73 2f 61 63 72 6f 62 61 74 5f 64 63 5f 61 70 70 69 63 6f 6e 5f 31 32 38 2e 70 6e 67 5c 22 5c 6e 20 20 20 20 7d 2c 5c 6e 20 20 20 20 5c 22 61 63 74 69 6f 6e 5c 22 3a 20 7b 5c 6e 20 20 20 20 20 20 20 20 5c 22 64 65 66 61 75 6c 74 5f 74 69 74 6c 65 5c 22 3a 20 5c 22 5f 5f 4d 53 47 5f 65 78 74 65 6e 73 69 6f 6e 4d 65 6e 75 54 69 74 6c 65 5f 5f 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 5c 22 64 65 66 61 75 6c 74 5f 69 63 6f 6e 5c 22 3a 20 5c 22 62 Data Ascii: _16.png\",\n \"48\": \"browser/images/acrobat_dc_appicon_48.png\",\n \"128\": \"browser/images/acrobat_dc_appicon_128.png\"\n },\n \"action\": {\n \"default_title\": \"__MSG_extensionMenuTitle__\",\n \"default_icon\": \"b
2024-10-24 09:42:40 UTC	1511	IN	Data Raw: 20 20 20 20 20 20 5c 22 6d 61 74 63 68 65 73 5c 22 3a 20 5b 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 68 74 74 70 73 3a 2f 2f 64 72 69 76 65 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 2a 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 68 74 74 70 73 3a 2f 2f 64 72 69 76 65 2e 75 73 65 72 63 6f 6e 74 65 6e 74 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 64 6f 77 6e 6c 6f 61 64 2a 5c 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 5d 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 63 73 73 5c 22 3a 20 5b 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 62 72 6f 77 73 65 72 2f 63 73 73 2f 67 64 72 69 76 65 2d 63 6f 6e 74 65 6e 74 2d 73 63 72 69 70 74 2e 63 73 73 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: \"matches\": [\n \"https://drive.google.com/\",\n \"https://drive.usercontent.google.com/download\"\n ],\n \"css\": [\n \"browser/css/gdrive-content-script.css\",\n
2024-10-24 09:42:40 UTC	1511	IN	Data Raw: 20 20 20 20 20 20 20 20 5c 22 62 72 6f 77 73 65 72 2f 6a 73 2f 6c 6f 63 61 6c 2d 66 74 65 2e 68 74 6d 6c 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 62 72 6f 77 73 65 72 2f 6a 73 2f 6c 73 43 6f 70 79 2e 68 74 6d 6c 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 73 69 67 6e 49 6e 41 64 6f 62 65 59 6f 6c 6f 2e 68 74 6d 6c 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 62 72 6f 77 73 65 72 2f 69 6d 61 67 65 73 2f 61 63 72 6f 62 61 74 5f 64 63 5f 61 70 70 69 63 6f 6e 5f 31 32 38 2e 70 6e 67 5c 22 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5c 22 62 72 6f 77 73 65 72 2f 69 6d 61 67 65 73 2f 61 63 72 6f 62 61 74 5f 64 63 5f 74 72 65 66 6f 69 6c 5f 32 34 5f 77 68 69 74 65 2e 73 76 Data Ascii: \"browser/js/local-fte.html\",\n \"browser/js/lsCopy.html\",\n \"signInAdobeYolo.html\",\n \"browser/images/acrobat_dc_appicon_128.png\",\n \"browser/images/acrobat_dc_trefoil_24_white.sv
2024-10-24 09:42:40 UTC	814	IN	Data Raw: 20 5c 22 68 74 74 70 73 3a 2f 2f 64 72 69 76 65 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 2a 5c 22 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 5d 5c 6e 20 20 20 20 20 20 20 20 7d 5c 6e 20 20 20 20 5d 2c 5c 6e 20 20 20 20 5c 22 63 6f 6e 74 65 6e 74 5f 73 65 63 75 72 69 74 79 5f 70 6f 6c 69 63 79 5c 22 3a 20 7b 5c 6e 20 20 20 20 20 20 20 20 5c 22 65 78 74 65 6e 73 69 6f 6e 5f 70 61 67 65 73 5c 22 3a 20 5c 22 73 63 72 69 70 74 2d 73 72 63 20 27 73 65 6c 66 27 3b 20 63 68 69 6c 64 2d 73 72 63 20 27 73 65 6c 66 27 3b 20 6f 62 6a 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 3b 20 73 74 79 6c 65 2d 73 72 63 20 27 73 65 6c 66 27 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 3b 20 66 72 61 6d 65 2d 73 72 63 20 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e Data Ascii: \"https://drive.google.com/*\"\n ]\n }\n ],\n \"content_security_policy\": {\n \"extension_pages\": \"script-src 'self'; child-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://use.typekit.n
2024-10-24 09:42:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.16	49718	52.149.20.212	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:42:40 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=sZTN4KFwpgdCGN8&MD=VOzp3FM4 HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-24 09:42:41 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 78107718-1e52-4598-bc2c-5a73eeae24b6 MS-RequestId: f698827e-7f8f-413f-9bee-91fcd68fd3bf MS-CV: 8KQlqYJ0QU26C2Zc.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 09:42:40 GMT Connection: close Content-Length: 24490
2024-10-24 09:42:41 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-10-24 09:42:41 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.16	49721	172.217.16.206	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:42:44 UTC	410	OUT	POST /safebrowsing/clientreport/download?key=dummytoken HTTP/1.1 Host: sb-ssl.google.com Connection: keep-alive Content-Length: 8267 Content-Type: application/octet-stream Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br
2024-10-24 09:42:44 UTC	8267	OUT	Data Raw: 0a b0 01 68 74 74 70 3a 2f 2f 37 34 2e 32 34 38 2e 31 32 31 2e 38 2f 64 2f 6d 73 64 6f 77 6e 6c 6f 61 64 2f 75 70 64 61 74 65 2f 73 6f 66 74 77 61 72 65 2f 64 65 66 75 2f 32 30 32 34 2f 31 30 2f 75 70 64 61 74 65 70 6c 61 74 66 6f 72 6d 2e 61 6d 64 36 34 66 72 65 5f 64 33 66 36 66 38 33 30 30 38 35 35 65 35 36 62 38 65 64 30 30 64 61 36 64 61 63 35 35 61 33 63 34 63 62 66 38 63 32 30 2e 65 78 65 3f 63 61 63 68 65 48 6f 73 74 4f 72 69 67 69 6e 3d 61 75 2e 64 6f 77 6e 6c 6f 61 64 2e 77 69 6e 64 6f 77 73 75 70 64 61 74 65 2e 63 6f 6d 12 22 0a 20 c8 97 26 d2 7a 20 8d 8f a8 e3 5a 05 c7 f2 3d b3 77 19 57 1b 9b d4 ff 79 79 ea e3 ed c4 b0 71 f3 18 a0 a6 bb 06 22 b5 01 0a b0 01 68 74 74 70 3a 2f 2f 37 34 2e 32 34 38 2e 31 32 31 2e 38 2f 64 2f 6d 73 64 6f 77 6e 6c Data Ascii: http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com" &z Z=wWyyq"http://74.248.121.8/d/msdownl
2024-10-24 09:42:44 UTC	418	IN	HTTP/1.1 400 Bad Request Vary: X-Origin Vary: Referer Content-Type: application/json; charset=UTF-8 Date: Thu, 24 Oct 2024 09:42:44 GMT Server: ESF Cache-Control: private X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Origin,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:42:44 UTC	419	IN	Data Raw: 31 39 63 0d 0a 7b 0a 20 20 22 65 72 72 6f 72 22 3a 20 7b 0a 20 20 20 20 22 63 6f 64 65 22 3a 20 34 30 30 2c 0a 20 20 20 20 22 6d 65 73 73 61 67 65 22 3a 20 22 41 50 49 20 6b 65 79 20 6e 6f 74 20 76 61 6c 69 64 2e 20 50 6c 65 61 73 65 20 70 61 73 73 20 61 20 76 61 6c 69 64 20 41 50 49 20 6b 65 79 2e 22 2c 0a 20 20 20 20 22 73 74 61 74 75 73 22 3a 20 22 49 4e 56 41 4c 49 44 5f 41 52 47 55 4d 45 4e 54 22 2c 0a 20 20 20 20 22 64 65 74 61 69 6c 73 22 3a 20 5b 0a 20 20 20 20 20 20 7b 0a 20 20 20 20 20 20 20 20 22 40 74 79 70 65 22 3a 20 22 74 79 70 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 67 6f 6f 67 6c 65 2e 72 70 63 2e 45 72 72 6f 72 49 6e 66 6f 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 61 73 6f 6e 22 3a 20 22 41 50 49 5f 4b 45 59 5f 49 4e 56 41 4c Data Ascii: 19c{ "error": { "code": 400, "message": "API key not valid. Please pass a valid API key.", "status": "INVALID_ARGUMENT", "details": [ { "@type": "type.googleapis.com/google.rpc.ErrorInfo", "reason": "API_KEY_INVAL
2024-10-24 09:42:44 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.16	49725	142.250.113.95	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:04 UTC	594	OUT	OPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/1.1 Host: ogads-pa.googleapis.com Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent Origin: chrome-untrusted://new-tab-page User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:04 UTC	622	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: chrome-untrusted://new-tab-page Vary: origin Vary: referer Vary: x-origin Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT Access-Control-Allow-Headers: content-type,x-goog-api-key,x-user-agent Access-Control-Max-Age: 3600 Date: Thu, 24 Oct 2024 09:43:04 GMT Content-Type: text/html Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Server-Timing: gfet4t7; dur=8 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.16	49726	142.250.114.138	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:04 UTC	656	OUT	GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1 Host: apis.google.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CPTfygE= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:04 UTC	915	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access" Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} Content-Length: 117949 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 23 Oct 2024 12:08:08 GMT Expires: Thu, 23 Oct 2025 12:08:08 GMT Cache-Control: public, max-age=31536000 Last-Modified: Thu, 10 Oct 2024 19:55:27 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding Age: 77696 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:04 UTC	463	IN	Data Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 30 78 38 30 30 30 30 30 2c 20 5d 29 3b 0a 76 61 72 20 64 61 2c 65 61 2c 68 61 2c 6e 61 2c 6f 61 2c 73 61 2c 74 61 2c 77 61 3b 64 61 3d 66 75 6e Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);var da,ea,ha,na,oa,sa,ta,wa;da=fun
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 74 6f 74 79 70 65 29 72 65 74 75 72 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 Data Ascii: totype)return a;a[b]=c.value;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)retu
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 61 72 20 62 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 26 26 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 64 61 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 62 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 3b 73 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 61 2c 62 29 7d 3b 74 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 61 73 Data Ascii: ar b=typeof Symbol!="undefined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:da(a)};throw Error("b`"+String(a));};sa=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)};ta=typeof Object.as
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 28 68 29 7b 74 68 69 73 2e 46 61 3d 30 3b 74 68 69 73 2e 77 66 3d 76 6f 69 64 20 30 3b 74 68 69 73 2e 4e 72 3d 5b 5d 3b 74 68 69 73 2e 68 56 3d 21 31 3b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 63 61 74 63 68 28 6c 29 7b 6b 2e 72 65 6a 65 63 74 28 6c 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 46 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 68 28 6d 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6c 7c 7c 28 6c 3d 21 30 2c 6d 2e 63 61 6c 6c 28 6b 2c 6e 29 29 7d 7d 76 61 72 20 6b 3d 74 68 69 73 2c 6c 3d 21 31 3b 72 65 74 75 72 6e 7b 72 65 73 6f 6c 76 65 3a 68 28 74 68 69 73 2e 53 64 61 29 2c 72 65 6a 65 63 74 Data Ascii: function(h){this.Fa=0;this.wf=void 0;this.Nr=[];this.hV=!1;var k=this.jF();try{h(k.resolve,k.reject)}catch(l){k.reject(l)}};e.prototype.jF=function(){function h(m){return function(n){l\|\|(l=!0,m.call(k,n))}}var k=this,l=!1;return{resolve:h(this.Sda),reject
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 70 72 6f 6d 69 73 65 3d 74 68 69 73 3b 68 2e 72 65 61 73 6f 6e 3d 74 68 69 73 2e 77 66 3b 72 65 74 75 72 6e 20 6c 28 68 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 47 37 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 4e 72 21 3d 6e 75 6c 6c 29 7b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 74 68 69 73 2e 4e 72 2e 6c 65 6e 67 74 68 3b 2b 2b 68 29 66 2e 58 4f 28 74 68 69 73 2e 4e 72 5b 68 5d 29 3b 0a 74 68 69 73 2e 4e 72 3d 6e 75 6c 6c 7d 7d 3b 76 61 72 20 66 3d 6e 65 77 20 62 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 79 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 68 2e 69 79 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 7a 66 61 3d 66 75 6e 63 Data Ascii: promise=this;h.reason=this.wf;return l(h)};e.prototype.G7=function(){if(this.Nr!=null){for(var h=0;h<this.Nr.length;++h)f.XO(this.Nr[h]);this.Nr=null}};var f=new b;e.prototype.yfa=function(h){var k=this.jF();h.iy(k.resolve,k.reject)};e.prototype.zfa=func
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 6f 72 28 22 46 69 72 73 74 20 61 72 67 75 6d 65 6e 74 20 74 6f 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 61 20 72 65 67 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 45 61 28 74 68 69 73 2c 62 2c 22 73 74 61 72 74 73 57 69 74 68 22 29 2c 65 3d 64 2e 6c 65 6e 67 74 68 2c 66 3d 62 2e 6c 65 6e 67 74 68 3b 63 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4d 61 74 68 2e 6d 69 6e 28 63 7c 30 2c 64 2e 6c 65 6e 67 74 68 29 29 3b 66 6f Data Ascii: or("First argument to String.prototype."+c+" must not be a regular expression");return a+""};na("String.prototype.startsWith",function(a){return a?a:function(b,c){var d=Ea(this,b,"startsWith"),e=d.length,f=b.length;c=Math.max(0,Math.min(c\|0,d.length));fo
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 72 20 68 3d 30 2c 6b 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 74 68 69 73 2e 47 61 3d 28 68 2b 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2b 31 29 2e 74 6f 53 74 72 69 6e 67 28 29 3b 69 66 28 6c 29 7b 6c 3d 5f 2e 72 61 28 6c 29 3b 66 6f 72 28 76 61 72 20 6d 3b 21 28 6d 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 6d 3d 6d 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 22 29 3b 64 28 6c 29 3b 69 66 28 21 73 61 28 6c 2c 66 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 66 60 22 2b 6c 29 3b 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3d 6d 3b 72 65 74 75 72 6e 20 74 Data Ascii: r h=0,k=function(l){this.Ga=(h+=Math.random()+1).toString();if(l){l=_.ra(l);for(var m;!(m=l.next()).done;)m=m.value,this.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw Error("e");d(l);if(!sa(l,f))throw Error("f`"+l);l[f][this.Ga]=m;return t
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 6b 3d 64 28 74 68 69 73 2c 6b 29 3b 72 65 74 75 72 6e 20 6b 2e 5a 65 26 26 6b 2e 6c 69 73 74 3f 28 6b 2e 6c 69 73 74 2e 73 70 6c 69 63 65 28 6b 2e 69 6e 64 65 78 2c 31 29 2c 6b 2e 6c 69 73 74 2e 6c 65 6e 67 74 68 7c 7c 64 65 6c 65 74 65 20 74 68 69 73 5b 30 5d 5b 6b 2e 69 64 5d 2c 6b 2e 5a 65 2e 52 6b 2e 6e 65 78 74 3d 6b 2e 5a 65 2e 6e 65 78 74 2c 6b 2e 5a 65 2e 6e 65 78 74 2e 52 6b 3d 0a 6b 2e 5a 65 2e 52 6b 2c 6b 2e 5a 65 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 5b 30 5d 3d 7b 7d 3b 74 68 69 73 5b 31 5d 3d 74 68 69 73 5b 31 5d 2e 52 6b 3d 66 28 29 3b 74 68 69 73 Data Ascii: e=function(k){k=d(this,k);return k.Ze&&k.list?(k.list.splice(k.index,1),k.list.length\|\|delete this[0][k.id],k.Ze.Rk.next=k.Ze.next,k.Ze.next.Rk=k.Ze.Rk,k.Ze.head=null,this.size--,!0):!1};c.prototype.clear=function(){this[0]={};this[1]=this[1].Rk=f();this
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 70 65 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 63 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 64 3d 6e 65 77 20 61 28 5f 2e 72 61 28 5b 63 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 63 29 72 Data Ascii: pe.entries\|\|typeof Object.seal!="function")return!1;try{var c=Object.seal({x:4}),d=new a(_.ra([c]));if(!d.has(c)\|\|d.size!=1\|\|d.add(c)!=d\|\|d.size!=1\|\|d.add({x:4})!=d\|\|d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done\|\|f.value[0]!=c\|\|f.value[1]!=c)r
2024-10-24 09:43:04 UTC	1378	IN	Data Raw: 2b 39 32 31 36 7d 7d 7d 29 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 66 72 6f 6d 43 6f 64 65 50 6f 69 6e 74 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 22 22 2c 64 3d 30 3b 64 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 65 3d 4e 75 6d 62 65 72 28 61 72 67 75 6d 65 6e 74 73 5b 64 5d 29 3b 69 66 28 65 3c 30 7c 7c 65 3e 31 31 31 34 31 31 31 7c 7c 65 21 3d 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 65 29 29 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 69 6e 76 61 6c 69 64 5f 63 6f 64 65 5f 70 6f 69 6e 74 20 22 2b 65 29 3b 65 3c 3d 36 35 35 33 35 3f 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 Data Ascii: +9216}}});na("String.fromCodePoint",function(a){return a?a:function(b){for(var c="",d=0;d<arguments.length;d++){var e=Number(arguments[d]);if(e<0\|\|e>1114111\|\|e!==Math.floor(e))throw new RangeError("invalid_code_point "+e);e<=65535?c+=String.fromCharCode(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.16	49733	216.239.34.157	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:06 UTC	259	OUT	CONNECT www.virustotal.com:443 HTTP/1.1 Host: www.virustotal.com:443 Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 chrome-tunnel: key=dummytoken
2024-10-24 09:43:06 UTC	101	IN	HTTP/1.1 403 Forbidden Date: Thu, 24 Oct 2024 09:43:06 GMT Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.16	49744	216.239.34.157	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:07 UTC	255	OUT	CONNECT en.wikipedia.org:443 HTTP/1.1 Host: en.wikipedia.org:443 Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 chrome-tunnel: key=dummytoken
2024-10-24 09:43:07 UTC	101	IN	HTTP/1.1 403 Forbidden Date: Thu, 24 Oct 2024 09:43:07 GMT Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.16	49747	142.250.114.119	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:07 UTC	667	OUT	GET /vi/v8fRusw26IA/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lUX2FHndjDzIURPsJS5ZExpo-D8g HTTP/1.1 Host: i.ytimg.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CPTfygE= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:07 UTC	654	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube" Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} Timing-Allow-Origin: * Content-Length: 4266 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 09:43:07 GMT Expires: Thu, 24 Oct 2024 11:43:07 GMT Cache-Control: public, max-age=7200 ETag: "1713602725" Content-Type: image/jpeg Vary: Origin Age: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:07 UTC	724	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 09 06 07 08 07 06 09 08 07 08 0a 0a 09 0b 0d 16 0f 0d 0c 0c 0d 1b 14 15 10 16 20 1d 22 22 20 1d 1f 1f 24 28 34 2c 24 26 31 27 1f 1f 2d 3d 2d 31 35 37 3a 3a 3a 23 2b 3f 44 3f 38 43 34 39 3a 37 01 0a 0a 0a 0d 0c 0d 1a 0f 0f 1a 37 25 1f 25 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 ff c0 00 11 08 00 53 00 94 03 01 22 00 02 11 01 03 11 01 ff c4 00 1b 00 00 01 05 01 01 00 00 00 00 00 00 00 00 00 00 00 05 00 03 04 06 07 02 01 ff c4 00 39 10 00 01 03 03 02 04 03 07 02 05 03 05 00 00 00 00 01 02 03 04 00 05 11 12 21 06 31 41 51 13 22 61 14 32 71 81 91 a1 b1 07 23 33 42 52 d1 f1 15 c1 Data Ascii: JFIF "" $(4,$&1'-=-157:::#+?D?8C49:77%%77777777777777777777777777777777777777777777777777S"9!1AQ"a2q#3BR
2024-10-24 09:43:07 UTC	1378	IN	Data Raw: 62 10 5c 35 97 1e 18 38 49 27 63 dc 74 39 ff 00 7e d4 04 c6 70 ee e0 c0 48 dc 93 ca ad 8f b4 e0 1a 82 d4 3a 6e ae 54 26 54 52 b5 68 41 25 27 73 9d ab 1c ce 1c 70 be 85 91 50 c9 b5 5c 90 86 c2 b4 6b 1a 7a 13 b7 ce 9b 5b 19 41 d2 8d d3 cd 59 3c aa cb 6e 42 5b 60 36 97 19 43 c9 70 a9 fd 67 04 a3 fb 63 02 82 48 6d 2d 97 52 8f e1 92 ad 20 76 ce d5 a7 5b 18 d2 0d da 91 c2 c9 c2 10 e2 74 9f 5f 4a 8e b3 9c a8 6c 7a 8a 9c eb 7a 77 23 6a 8a 51 80 48 a6 35 ca 77 b1 34 16 af 4a 54 89 c1 c1 15 ed 1d a5 52 f1 09 03 9d 1c b0 3f ec ef 2b c3 4a d4 79 a9 28 3a 54 53 d7 07 9f d2 83 24 54 c6 c2 81 cb 6b 52 73 eb 8c d0 97 52 61 66 e1 4a c3 74 79 a9 da 10 cb 40 cb 52 f1 93 82 b0 8e 99 38 f8 7d 2a 2c 9b 44 a8 80 2a 64 75 24 2b dd 3b ef 51 a0 78 ec 4a 6e 40 56 54 9e 5a b7 da ac Data Ascii: b\58I'ct9~pH:nT&TRhA%'spP\kz[AY<nB[`6CpgcHm-R v[t_Jlzzw#jQH5w4JTR?+Jy(:TS$TkRsRafJty@R8},Ddu$+;QxJn@VTZ
2024-10-24 09:43:07 UTC	1378	IN	Data Raw: db 49 e5 a4 92 32 71 cc ec 69 90 43 b8 da 4c d2 50 a5 b7 f0 3f 0f ae cb 61 09 92 02 a4 ca 59 7d e4 e4 10 9c 81 84 fc 80 1f 3c d1 85 c5 65 0d 84 b6 c8 42 7b 20 60 56 79 fa 7b 79 91 6b 99 12 d0 f3 ea 76 13 98 48 4a ce 7c 12 76 1a 7b 0c ed 8e 55 a7 ba 70 95 9c 6a 09 49 3a 7b e0 56 76 b2 09 19 31 de 6e d5 1a 59 58 f6 7c 7c 20 52 d1 a1 69 d1 b0 c5 55 ae 37 0d 0f ba 11 2c 85 24 e3 c3 0a 23 7f 95 5a 92 b7 66 c0 75 e9 51 04 57 1b 58 00 6e 36 c0 e6 0f c7 f1 54 ab 6d b8 dd b8 8d d6 9c 25 b6 cb aa 52 88 ec 37 3f 3a 5c 31 9e e1 05 3e 77 96 35 0b 9a a2 eb 8a 71 29 48 d4 49 38 e5 52 ac be c6 24 94 ce c2 91 83 8c e7 4e 7b 9c 74 ab 65 da c3 6c 7e d4 e7 b2 35 e0 be d3 05 f4 29 2e 05 6a 48 df 0a f5 c7 5a ce e0 4a d1 24 af 3a b4 72 19 ad 56 34 05 9d dc 73 f0 b4 16 22 5a 14 Data Ascii: I2qiCLP?aY}<eB{ `Vy{ykvHJ\|v{UpjI:{Vv1nYX\|\| RiU7,$#ZfuQWXn6Tm%R7?:\1>w5q)HI8R$N{tel~5).jHZJ$:rV4s"Z
2024-10-24 09:43:07 UTC	786	IN	Data Raw: 4b 6d 37 a8 79 9c c6 70 7d 3d dd c7 3c d3 71 78 5a e9 35 2e a9 94 33 a5 0b 5b 5e 67 47 99 49 38 20 7d 3a e2 89 c7 e2 5b 4d c2 ed 7d 43 ef 18 cc 4f 61 b6 59 79 6d 9d f4 05 82 48 ff 00 df 20 1e 82 9c e1 fb 8f 0f db a2 32 04 b8 e9 92 cc 85 a5 d7 57 18 a9 6e a7 24 24 a0 ff 00 28 23 49 f9 11 cf 7a 19 3a 97 57 8d b2 3d cc 3b 8e da 6e c2 40 b6 d9 c8 3e f0 79 ca e0 8e 23 40 1c 67 ca 11 6d b3 c7 3c 39 79 95 31 85 26 74 37 4b 69 25 44 68 23 4e 46 01 c1 e6 69 8e 19 b6 d9 ee 8f 26 2d c5 e9 68 94 e3 98 69 2c e3 49 1a 73 b9 20 f6 34 60 de 2d 6f b1 c4 b1 57 35 2d 7b 5b a5 c6 1c 52 09 0b f2 8d 86 dd d3 f7 aa b7 0c cf 66 17 11 40 91 2d 61 a6 5a 70 95 af 73 81 a4 8e 9e b8 ad 08 9d ac 9b 4b aa 2e dc d7 ff 00 53 79 fd 00 d0 bf 1b ac 10 92 43 43 db 5f cc a3 77 4e 1f 89 22 7b Data Ascii: Km7yp}=<qxZ5.3[^gGI8 }:[M}COaYymH 2Wn$$(#Iz:W=;n@>y#@gm<9y1&t7Ki%Dh#NFi&-hi,Is 4`-oW5-{[Rf@-aZpsK.SyCC_wN"{

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.16	49746	142.250.114.119	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:07 UTC	667	OUT	GET /vi/Sf2UdT53yFw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nHnDZp41kd8qjHwRBAPpl1cxalyQ HTTP/1.1 Host: i.ytimg.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CPTfygE= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:07 UTC	657	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube" Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} Timing-Allow-Origin: * Content-Length: 3384 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 08:03:11 GMT Expires: Thu, 24 Oct 2024 10:03:11 GMT Cache-Control: public, max-age=7200 ETag: "1593718275" Content-Type: image/jpeg Vary: Origin Age: 5996 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:07 UTC	721	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 09 06 07 08 07 06 09 08 07 08 0a 0a 09 0b 0d 16 0f 0d 0c 0c 0d 1b 14 15 10 16 20 1d 22 22 20 1d 1f 1f 24 28 34 2c 24 26 31 27 1f 1f 2d 3d 2d 31 35 37 3a 3a 3a 23 2b 3f 44 3f 38 43 34 39 3a 37 01 0a 0a 0a 0d 0c 0d 1a 0f 0f 1a 37 25 1f 25 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 ff c0 00 11 08 00 53 00 94 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 04 03 01 00 00 00 00 00 00 00 00 00 00 00 00 01 02 04 07 03 06 08 05 ff c4 00 46 10 00 01 02 04 03 04 04 07 0e 05 05 01 01 00 00 00 01 02 03 00 04 05 11 06 12 21 07 13 31 41 22 51 61 d1 14 32 71 81 94 a1 b1 15 16 17 24 42 52 Data Ascii: JFIF "" $(4,$&1'-=-157:::#+?D?8C49:77%%77777777777777777777777777777777777777777777777777S"F!1A"Qa2q$BR
2024-10-24 09:43:07 UTC	1378	IN	Data Raw: f2 16 10 44 55 62 9b dc dc 83 ae 96 e5 0b 08 0d ef 0b 00 44 77 b8 8d 13 61 a8 cc 9e 11 22 30 3e 0f 12 92 45 b5 00 5f f4 30 c0 ad dd 03 28 2d da da 01 a4 58 74 86 d8 98 c3 72 0d 4c 32 5c 4e e4 28 65 3c 08 e6 0d ee 0f 68 8a e1 59 81 f1 55 7b 71 09 e1 fe 31 64 50 9d 5a 30 d5 3c 36 4a 56 a6 45 ba 04 db af 40 21 e9 9b 13 e9 cc cb cb a7 2b 0c a9 2a 73 a4 b5 29 45 45 64 73 2a 24 93 e7 85 21 c0 e9 bb 6f a9 37 f9 2a 22 ff 00 e7 fa 42 b1 30 f2 ee 97 02 42 ad d1 b2 16 05 fb 6e 23 2a 4b f9 15 9b 77 9b e4 da f6 f3 c5 dc 85 be b1 80 37 64 ee 66 b8 f8 bb dd 4f f9 43 b2 0c c1 3b b9 9b 5a f9 b7 a6 c3 b3 c6 87 20 bf 9b f8 9b bc b6 f9 37 bd e1 10 a9 8c c3 79 ba cb cf 2d ef 10 30 6a a0 37 13 63 b4 bb c3 fc a2 42 19 4a 0d c1 59 fe e5 93 ed 31 8d 25 fd e7 48 b7 92 fc af 78 6a Data Ascii: DUbDwa"0>E_0(-XtrL2\N(e<hYU{q1dPZ0<6JVE@!+s)EEds$!o7"B0Bn#Kw7dfOC;Z 7y-0j7cBJY1%Hxj
2024-10-24 09:43:07 UTC	1285	IN	Data Raw: a2 bf e4 9b e8 35 8d 85 a7 a6 65 76 5b 40 98 6b 10 d3 a8 ee ba e3 bb c9 8a 83 61 61 df e2 2c db 52 35 e7 01 e2 2b 1d 61 b4 e3 ba 4e 31 45 49 e5 09 89 73 2d 50 90 74 38 a5 c9 dd 3a 29 1a 58 a2 fc 40 3c ee 01 b9 02 05 56 a7 82 f0 fe 0e ac 51 a8 95 c7 ea 4e d6 a6 1b 52 d4 96 0f c5 db 0a 04 93 7b 02 40 07 4b 82 49 1c 23 47 c2 94 35 e2 9c 6f 2d 4d 52 b7 88 98 99 52 9f 71 b1 61 bb 04 a9 64 75 5c 03 6f 28 8b 4b 6e 14 73 55 c3 4d d6 d9 a7 3b 26 ba 4c d2 e5 16 85 a3 2e f1 82 40 4a c7 d9 be 5b 7f 71 80 c7 2f 89 b0 85 0f 0b 55 24 d9 c5 13 35 ca 74 cc b1 6a 4e 93 35 2e a2 b6 55 63 61 98 81 61 c3 a8 0b 5c 5c c6 8d 31 5c a6 b9 b1 f9 5a 12 26 6f 53 45 50 be a9 70 85 5c 22 ca 17 bd ad cc 73 8d af 64 0a 9d 6b 67 b8 89 ca 65 42 4a 9b 38 99 c6 77 73 73 a5 21 a6 f5 4d f3 12 Data Ascii: 5ev[@kaa,R5+aN1EIs-Pt8:)X@<VQNR{@KI#G5o-MRRqadu\o(KnsUM;&L.@J[q/U$5tjN5.Ucaa\\1\Z&oSEPp\"sdkgeBJ8wss!M

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.16	49748	142.250.114.119	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:07 UTC	667	OUT	GET /vi/4Eu8wrEejUI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nnSobupLFu6PdHSkj0YQIBkMbOeQ HTTP/1.1 Host: i.ytimg.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CPTfygE= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:07 UTC	657	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube" Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} Timing-Allow-Origin: * Content-Length: 3110 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 08:03:11 GMT Expires: Thu, 24 Oct 2024 10:03:11 GMT Cache-Control: public, max-age=7200 Age: 5996 ETag: "1701903369" Content-Type: image/jpeg Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:07 UTC	721	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 09 06 07 08 07 06 09 08 07 08 0a 0a 09 0b 0d 16 0f 0d 0c 0c 0d 1b 14 15 10 16 20 1d 22 22 20 1d 1f 1f 24 28 34 2c 24 26 31 27 1f 1f 2d 3d 2d 31 35 37 3a 3a 3a 23 2b 3f 44 3f 38 43 34 39 3a 37 01 0a 0a 0a 0d 0c 0d 1a 0f 0f 1a 37 25 1f 25 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 ff c0 00 11 08 00 53 00 94 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 05 01 01 01 00 00 00 00 00 00 00 00 00 00 00 03 04 05 06 07 01 02 08 ff c4 00 40 10 00 02 01 03 02 03 05 03 09 04 0a 03 00 00 00 00 01 02 03 00 04 11 05 21 06 12 31 07 13 22 41 51 61 71 81 14 23 32 91 93 a1 b1 c1 d2 42 73 92 Data Ascii: JFIF "" $(4,$&1'-=-157:::#+?D?8C49:77%%77777777777777777777777777777777777777777777777777S"@!1"AQaq#2Bs
2024-10-24 09:43:07 UTC	1378	IN	Data Raw: aa 5b 09 d9 13 92 1c 1e 69 0b c6 1c 3a 8c fd 11 9c 1f 5e 46 39 18 c5 64 5a 45 84 56 a5 2e 5d 79 e5 97 c6 ce db 96 27 72 49 f6 9a 56 5e 58 fb 1f 87 1a c8 c6 1a 2e 95 c5 57 9c a6 37 9e 25 3d 0c ec 08 fb ea cb a2 da 6a 37 7a cf f4 1e a3 15 bd bd eb 46 5e 09 59 8f 77 70 00 dc 02 01 c1 c6 4e 3d 86 ac 1a 3d fa f7 7e 26 55 c0 c9 cf 95 77 5f 9f ba 5b 0d 46 da 35 95 ed 6e a3 90 32 9d f1 cc 01 03 1e bd 3e 34 88 e5 76 6a c9 e3 c2 a9 23 cd af 67 da e4 71 77 72 cb a7 30 52 42 91 33 e7 97 c8 1f 05 43 f1 2e 8b 3f 0f bc 0b a8 3c 20 4f 9e ed a3 62 41 23 19 1b 81 be e2 b6 2b 2b c8 2f ad 96 e2 d2 51 24 2c 48 56 1e 78 24 1f bc 1a cd 7b 74 32 8b 5d 21 a1 8d e4 28 f2 b1 0a 7c 87 26 7e ec 8f 8d 69 52 67 3e 50 33 2e 2c 46 4b 78 a4 51 f4 5f 1b fb 45 45 68 53 b3 5f 32 31 d9 d3 60 Data Ascii: [i:^F9dZEV.]y'rIV^X.W7%=j7zF^YwpN==~&Uw_[F5n2>4vj#gqwr0RB3C.?< ObA#++/Q$,HVx${t2]!(\|&~iRg>P3.,FKxQ_EEhS_21`
2024-10-24 09:43:07 UTC	1011	IN	Data Raw: d8 f5 aa 0e 2f b5 c2 70 33 e9 54 5b 3e d6 38 66 f6 f2 3b 5b 56 bc 79 24 38 04 c1 80 3e 24 d4 d3 71 7e 9c 06 4c 57 5f c0 3f 9d 42 12 b7 78 25 19 8b 83 82 33 18 e6 d8 e3 af 84 fa 56 75 da 65 ec 46 23 61 71 25 e0 b5 e5 59 24 ee 53 7c f4 19 f0 ec 00 03 cb d6 ad 47 8d 34 91 d6 1b 9f b3 5f e7 58 ff 00 68 9a d1 bd e2 29 66 8c ca 23 91 82 44 03 f2 30 5e 51 e5 d0 ef 9a 12 5a a2 d8 e4 94 ad 8a c5 aa 58 5b e8 f7 31 58 df 21 89 80 0a f9 f1 c7 b8 d9 97 94 97 cf bf df b5 67 93 b4 12 cc e6 35 ee 57 98 f2 8f d9 c7 e5 f8 7b aa 5d 6f 16 48 1e 1e fe 36 91 c8 5c 3d a0 e7 1b f5 0c 0f 95 32 e2 6d 3a 0d 2b 5b b9 b3 b3 92 69 2d 57 95 a0 79 c0 0e ca 40 dc e3 6e bc c3 e1 45 45 a5 b0 4e 49 ce a3 d5 0c 02 94 70 1c 75 e8 7c 8f bb d6 bd 10 a3 72 69 38 e4 64 f0 ec ca 7a ab 74 ff 00 be Data Ascii: /p3T[>8f;[Vy$8>$q~LW_?Bx%3VueF#aq%Y$S\|G4_Xh)f#D0^QZX[1X!g5W{]oH6\=2m:+[i-Wy@nEENIpu\|ri8dzt

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.16	49752	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:07 UTC	688	OUT	GET / HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:08 UTC	287	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Cache-Control: no-cache Location: https://www.virustotal.com/gui/ X-Cloud-Trace-Context: 734af29269b91de796001c7c1b04501d Date: Thu, 24 Oct 2024 09:43:07 GMT Server: Google Frontend Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.16	49753	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	692	OUT	GET /gui/ HTTP/1.1 Host: www.virustotal.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:08 UTC	333	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 77422ce56c5205097e401760f558cebe Content-Encoding: gzip Server: Google Frontend Date: Thu, 24 Oct 2024 09:43:08 GMT Expires: Thu, 24 Oct 2024 09:44:08 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: text/html Age: 0 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:08 UTC	1075	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a a4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 59 0d 0a 30 30 30 63 33 32 0d 0a 0b 77 9b 46 16 fe 2b 84 9e 66 c5 16 10 20 d0 cb 96 73 1c 37 ed a6 4d 9c 6c ec 24 6d 73 72 7a 06 18 a4 b1 81 61 99 91 2c 45 f1 7f df 6f 40 12 48 71 5c a7 4d 8e 6d 1e f7 de 99 b9 8f ef 3e 38 7e 14 f3 48 ae 0a aa cd 64 96 9e 1c ab df 5a 4a f2 e9 44 a7 b9 8e 7b 4a e2 93 63 11 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001Y000c32wF+f s7Ml$msrza,Eo@Hq\Mm>8~HdZJD{Jc
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: 5f c6 0e 6a ec ff cd 69 b9 ba a0 29 8d 10 95 9d 5a 75 86 5d 79 f5 d6 7d 6d a5 cf 23 a5 21 a9 a9 4b 38 6f 83 1c 5f e7 3f 3a 88 02 bb e4 5c be 26 08 e0 8d 90 06 d0 52 96 5f 6b 25 4d 27 3a c3 32 fa 26 a8 58 06 ef 11 dd 84 c0 70 80 32 b1 98 22 c2 1a 52 b8 15 4b a0 96 2d f9 f6 1e 00 0c 19 7b b0 23 67 80 7d 2b e2 e9 1e f0 7c d7 4b 02 37 0c f6 49 33 1e b2 14 e0 42 43 0b de 6d c1 ce 0a 38 5a 10 50 43 48 0b d3 40 96 b2 1a 6e 2d 85 72 2d da 3d b8 38 60 a1 d6 df 5b ea 0b 3e 38 86 9c 0b 2b 24 c0 39 b9 da db 6b 08 18 bf b6 24 1c 4c a4 f3 08 51 b4 7f 56 b5 f3 2f c4 55 50 f8 b5 33 34 da af 79 25 9f 47 33 eb 0e a3 6d 8d d1 55 ef 2c 7f b8 f4 87 76 91 ef 1b f0 4b 11 82 7d a2 62 a2 0f bc e5 c0 db 9a 75 e3 05 fb 02 2b 8a 87 0b 1c f5 97 a3 fe bd 02 2b 8a 87 0b 74 7d 7f 89 9f Data Ascii: _ji)Zu]y}m#!K8o_?:\&R_k%M':2&Xp2"RK-{#g}+\|K7I3BCm8ZPCH@n-r-=8`[>8+$9k$LQV/UP34y%G3mU,vK}bu++t}
2024-10-24 09:43:08 UTC	805	IN	Data Raw: a7 7e c5 59 fe 56 9c d5 e3 aa 5d b0 a1 44 4f 89 c0 49 0f a3 50 9d 19 ac 0d bf c2 fd 2a 1d 55 41 ba 7b dd dd 5b ac d6 4b ad 8f 82 a7 55 dd 2f ba 11 46 a8 d6 95 b0 dd d1 68 e8 84 c3 01 f4 ec 0e 88 e3 86 bd 28 a4 41 9f f6 c2 d0 77 3c 8f 56 6a cf 79 c6 e3 79 d5 3e 60 0b 5b 45 df 2d b8 a4 bb 49 a5 55 ce 81 8b 19 b5 bd 70 34 18 41 a8 e3 bb fd 64 d8 a7 61 4c 02 1a f7 62 9f 0c 02 02 e3 fe e5 22 27 77 4c 61 89 98 7d 7d 3c bb 99 93 fc 70 37 9f 2d e6 a1 90 65 c7 33 76 21 b6 31 ea 25 17 67 88 ac 29 8d 5f 52 21 90 ce 27 8f dc e6 c4 3b 73 be c6 ac 08 b1 43 73 55 19 6b bf 90 05 b9 a8 06 f2 1a 80 49 19 45 43 5a 10 1a 72 05 72 31 b5 db 7e b0 51 5e 3e 4f d3 47 5f 1f 05 c1 a5 75 c3 c6 28 f8 14 bd d8 02 e0 b2 3b c7 e1 d0 e8 80 b2 d3 1a 29 6f ec 53 4f e2 d1 f8 29 8f 9b ee e6 Data Ascii: ~YV]DOIP*UA{[KU/Fh(Aw<Vjyy>`[E-IUp4AdaLb"'wLa}}<p7-e3v!1%g)_R!';sCsUkIECZrr1~Q^>OG_u(;)oSO)
2024-10-24 09:43:08 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.16	49755	142.251.116.100	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	942	OUT	POST /log?format=json&hasfast=true HTTP/1.1 Host: play.google.com Connection: keep-alive Content-Length: 884 sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded;charset=UTF-8 Accept: / Origin: https://www.google.com X-Client-Data: CPTfygE= Sec-Fetch-Site: same-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: AEC=AVYB7cpccTh9qwqFyj4nX8TIScimqkA-LIWOz92B_7kSK-horAARNCQ5jw; NID=518=hAbOcfJo1yfbOqZHgkfHyaISAMelAQqG8IROHInx8mcj9afqH8eDPQs26MeDOBRynOgK8Fo2tJtyU3SkVd6h1Ff0HY9RLviN2fUJwC2L0OhKEAdHPo1wq24vgamuwEbanDA06bXgfhrNOkh_N89IYiiwLx67BagiRq1O9aKSQzXBzsANnncdMP8QbebUD34QXU0
2024-10-24 09:43:08 UTC	884	OUT	Data Raw: 5b 5b 31 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 65 6e 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 5b 5b 22 4e 6f 74 2e 41 2f 42 72 61 6e 64 22 2c 22 38 22 5d 2c 5b 22 43 68 72 6f 6d 69 75 6d 22 2c 22 31 31 34 22 5d 5d 2c 30 2c 22 57 69 6e 64 6f 77 73 22 2c 22 31 30 2e 30 2e 30 22 2c 22 78 38 36 22 2c 22 22 2c 22 31 31 34 2e 30 2e 35 37 33 35 2e 39 30 22 5d 2c 5b 31 2c 30 2c 30 2c 30 2c 30 5d 5d 5d 2c 33 37 33 2c 5b 5b 22 31 37 32 39 37 36 32 39 38 36 31 31 32 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 5b 31 2c 34 30 34 30 30 2c Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,"en",null,null,null,[[["Not.A/Brand","8"],["Chromium","114"]],0,"Windows","10.0.0","x86","","114.0.5735.90"],[1,0,0,0,0]]],373,[["1729762986112",null,null,null,null,null,null,"[1,40400,
2024-10-24 09:43:08 UTC	952	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: https://www.google.com Cross-Origin-Resource-Policy: cross-origin Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: X-Playlog-Web Set-Cookie: NID=518=awiY7bKL_vMa6OhaQE7bbd-jbde9_9xRh3ibyX-vE6QW3xQO33L78F5wTCDqWHd5MO55e04TCTNIGO0HYApClE4MyUauVl1nDvFUGnlwrIS_nrWksx4CN8d_XeXfhNHPHVp1hg37BH3njVCsdzrr4Fk6lG1UvcQR-O0G1Co9P_Cgl3Rr7ssmkum7hP0u8-Vlhgs7xfC1E74; expires=Fri, 25-Apr-2025 09:43:08 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Type: text/plain; charset=UTF-8 Date: Thu, 24 Oct 2024 09:43:08 GMT Server: Playlog Cache-Control: private X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Expires: Thu, 24 Oct 2024 09:43:08 GMT Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:08 UTC	137	IN	Data Raw: 38 33 0d 0a 5b 22 2d 31 22 2c 6e 75 6c 6c 2c 5b 5b 5b 22 41 4e 44 52 4f 49 44 5f 42 41 43 4b 55 50 22 2c 30 5d 2c 5b 22 42 41 54 54 45 52 59 5f 53 54 41 54 53 22 2c 30 5d 2c 5b 22 53 4d 41 52 54 5f 53 45 54 55 50 22 2c 30 5d 2c 5b 22 54 52 4f 4e 22 2c 30 5d 5d 2c 2d 33 33 33 34 37 33 37 35 39 34 30 32 34 39 37 31 32 32 35 5d 2c 5b 5d 2c 7b 22 31 37 35 32 33 37 33 37 35 22 3a 5b 31 30 30 30 30 5d 7d 5d 0d 0a Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
2024-10-24 09:43:08 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.16	49756	142.250.114.119	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	458	OUT	GET /vi/Sf2UdT53yFw/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nHnDZp41kd8qjHwRBAPpl1cxalyQ HTTP/1.1 Host: i.ytimg.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / X-Client-Data: CPTfygE= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:08 UTC	657	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube" Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} Timing-Allow-Origin: * Content-Length: 3384 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 08:03:11 GMT Expires: Thu, 24 Oct 2024 10:03:11 GMT Cache-Control: public, max-age=7200 ETag: "1593718275" Content-Type: image/jpeg Vary: Origin Age: 5997 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:08 UTC	721	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 09 06 07 08 07 06 09 08 07 08 0a 0a 09 0b 0d 16 0f 0d 0c 0c 0d 1b 14 15 10 16 20 1d 22 22 20 1d 1f 1f 24 28 34 2c 24 26 31 27 1f 1f 2d 3d 2d 31 35 37 3a 3a 3a 23 2b 3f 44 3f 38 43 34 39 3a 37 01 0a 0a 0a 0d 0c 0d 1a 0f 0f 1a 37 25 1f 25 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 ff c0 00 11 08 00 53 00 94 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 04 03 01 00 00 00 00 00 00 00 00 00 00 00 00 01 02 04 07 03 06 08 05 ff c4 00 46 10 00 01 02 04 03 04 04 07 0e 05 05 01 01 00 00 00 01 02 03 00 04 05 11 06 12 21 07 13 31 41 22 51 61 d1 14 32 71 81 94 a1 b1 15 16 17 24 42 52 Data Ascii: JFIF "" $(4,$&1'-=-157:::#+?D?8C49:77%%77777777777777777777777777777777777777777777777777S"F!1A"Qa2q$BR
2024-10-24 09:43:08 UTC	1378	IN	Data Raw: f2 16 10 44 55 62 9b dc dc 83 ae 96 e5 0b 08 0d ef 0b 00 44 77 b8 8d 13 61 a8 cc 9e 11 22 30 3e 0f 12 92 45 b5 00 5f f4 30 c0 ad dd 03 28 2d da da 01 a4 58 74 86 d8 98 c3 72 0d 4c 32 5c 4e e4 28 65 3c 08 e6 0d ee 0f 68 8a e1 59 81 f1 55 7b 71 09 e1 fe 31 64 50 9d 5a 30 d5 3c 36 4a 56 a6 45 ba 04 db af 40 21 e9 9b 13 e9 cc cb cb a7 2b 0c a9 2a 73 a4 b5 29 45 45 64 73 2a 24 93 e7 85 21 c0 e9 bb 6f a9 37 f9 2a 22 ff 00 e7 fa 42 b1 30 f2 ee 97 02 42 ad d1 b2 16 05 fb 6e 23 2a 4b f9 15 9b 77 9b e4 da f6 f3 c5 dc 85 be b1 80 37 64 ee 66 b8 f8 bb dd 4f f9 43 b2 0c c1 3b b9 9b 5a f9 b7 a6 c3 b3 c6 87 20 bf 9b f8 9b bc b6 f9 37 bd e1 10 a9 8c c3 79 ba cb cf 2d ef 10 30 6a a0 37 13 63 b4 bb c3 fc a2 42 19 4a 0d c1 59 fe e5 93 ed 31 8d 25 fd e7 48 b7 92 fc af 78 6a Data Ascii: DUbDwa"0>E_0(-XtrL2\N(e<hYU{q1dPZ0<6JVE@!+s)EEds$!o7"B0Bn#Kw7dfOC;Z 7y-0j7cBJY1%Hxj
2024-10-24 09:43:08 UTC	1285	IN	Data Raw: a2 bf e4 9b e8 35 8d 85 a7 a6 65 76 5b 40 98 6b 10 d3 a8 ee ba e3 bb c9 8a 83 61 61 df e2 2c db 52 35 e7 01 e2 2b 1d 61 b4 e3 ba 4e 31 45 49 e5 09 89 73 2d 50 90 74 38 a5 c9 dd 3a 29 1a 58 a2 fc 40 3c ee 01 b9 02 05 56 a7 82 f0 fe 0e ac 51 a8 95 c7 ea 4e d6 a6 1b 52 d4 96 0f c5 db 0a 04 93 7b 02 40 07 4b 82 49 1c 23 47 c2 94 35 e2 9c 6f 2d 4d 52 b7 88 98 99 52 9f 71 b1 61 bb 04 a9 64 75 5c 03 6f 28 8b 4b 6e 14 73 55 c3 4d d6 d9 a7 3b 26 ba 4c d2 e5 16 85 a3 2e f1 82 40 4a c7 d9 be 5b 7f 71 80 c7 2f 89 b0 85 0f 0b 55 24 d9 c5 13 35 ca 74 cc b1 6a 4e 93 35 2e a2 b6 55 63 61 98 81 61 c3 a8 0b 5c 5c c6 8d 31 5c a6 b9 b1 f9 5a 12 26 6f 53 45 50 be a9 70 85 5c 22 ca 17 bd ad cc 73 8d af 64 0a 9d 6b 67 b8 89 ca 65 42 4a 9b 38 99 c6 77 73 73 a5 21 a6 f5 4d f3 12 Data Ascii: 5ev[@kaa,R5+aN1EIs-Pt8:)X@<VQNR{@KI#G5o-MRRqadu\o(KnsUM;&L.@J[q/U$5tjN5.Ucaa\\1\Z&oSEPp\"sdkgeBJ8wss!M

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.16	49757	142.250.114.119	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	458	OUT	GET /vi/v8fRusw26IA/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lUX2FHndjDzIURPsJS5ZExpo-D8g HTTP/1.1 Host: i.ytimg.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / X-Client-Data: CPTfygE= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:08 UTC	654	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube" Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} Timing-Allow-Origin: * Content-Length: 4266 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 09:43:07 GMT Expires: Thu, 24 Oct 2024 11:43:07 GMT Cache-Control: public, max-age=7200 Age: 1 ETag: "1713602725" Content-Type: image/jpeg Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:08 UTC	724	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 09 06 07 08 07 06 09 08 07 08 0a 0a 09 0b 0d 16 0f 0d 0c 0c 0d 1b 14 15 10 16 20 1d 22 22 20 1d 1f 1f 24 28 34 2c 24 26 31 27 1f 1f 2d 3d 2d 31 35 37 3a 3a 3a 23 2b 3f 44 3f 38 43 34 39 3a 37 01 0a 0a 0a 0d 0c 0d 1a 0f 0f 1a 37 25 1f 25 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 ff c0 00 11 08 00 53 00 94 03 01 22 00 02 11 01 03 11 01 ff c4 00 1b 00 00 01 05 01 01 00 00 00 00 00 00 00 00 00 00 00 05 00 03 04 06 07 02 01 ff c4 00 39 10 00 01 03 03 02 04 03 07 02 05 03 05 00 00 00 00 01 02 03 04 00 05 11 12 21 06 31 41 51 13 22 61 14 32 71 81 91 a1 b1 07 23 33 42 52 d1 f1 15 c1 Data Ascii: JFIF "" $(4,$&1'-=-157:::#+?D?8C49:77%%77777777777777777777777777777777777777777777777777S"9!1AQ"a2q#3BR
2024-10-24 09:43:08 UTC	1378	IN	Data Raw: 62 10 5c 35 97 1e 18 38 49 27 63 dc 74 39 ff 00 7e d4 04 c6 70 ee e0 c0 48 dc 93 ca ad 8f b4 e0 1a 82 d4 3a 6e ae 54 26 54 52 b5 68 41 25 27 73 9d ab 1c ce 1c 70 be 85 91 50 c9 b5 5c 90 86 c2 b4 6b 1a 7a 13 b7 ce 9b 5b 19 41 d2 8d d3 cd 59 3c aa cb 6e 42 5b 60 36 97 19 43 c9 70 a9 fd 67 04 a3 fb 63 02 82 48 6d 2d 97 52 8f e1 92 ad 20 76 ce d5 a7 5b 18 d2 0d da 91 c2 c9 c2 10 e2 74 9f 5f 4a 8e b3 9c a8 6c 7a 8a 9c eb 7a 77 23 6a 8a 51 80 48 a6 35 ca 77 b1 34 16 af 4a 54 89 c1 c1 15 ed 1d a5 52 f1 09 03 9d 1c b0 3f ec ef 2b c3 4a d4 79 a9 28 3a 54 53 d7 07 9f d2 83 24 54 c6 c2 81 cb 6b 52 73 eb 8c d0 97 52 61 66 e1 4a c3 74 79 a9 da 10 cb 40 cb 52 f1 93 82 b0 8e 99 38 f8 7d 2a 2c 9b 44 a8 80 2a 64 75 24 2b dd 3b ef 51 a0 78 ec 4a 6e 40 56 54 9e 5a b7 da ac Data Ascii: b\58I'ct9~pH:nT&TRhA%'spP\kz[AY<nB[`6CpgcHm-R v[t_Jlzzw#jQH5w4JTR?+Jy(:TS$TkRsRafJty@R8},Ddu$+;QxJn@VTZ
2024-10-24 09:43:08 UTC	1378	IN	Data Raw: db 49 e5 a4 92 32 71 cc ec 69 90 43 b8 da 4c d2 50 a5 b7 f0 3f 0f ae cb 61 09 92 02 a4 ca 59 7d e4 e4 10 9c 81 84 fc 80 1f 3c d1 85 c5 65 0d 84 b6 c8 42 7b 20 60 56 79 fa 7b 79 91 6b 99 12 d0 f3 ea 76 13 98 48 4a ce 7c 12 76 1a 7b 0c ed 8e 55 a7 ba 70 95 9c 6a 09 49 3a 7b e0 56 76 b2 09 19 31 de 6e d5 1a 59 58 f6 7c 7c 20 52 d1 a1 69 d1 b0 c5 55 ae 37 0d 0f ba 11 2c 85 24 e3 c3 0a 23 7f 95 5a 92 b7 66 c0 75 e9 51 04 57 1b 58 00 6e 36 c0 e6 0f c7 f1 54 ab 6d b8 dd b8 8d d6 9c 25 b6 cb aa 52 88 ec 37 3f 3a 5c 31 9e e1 05 3e 77 96 35 0b 9a a2 eb 8a 71 29 48 d4 49 38 e5 52 ac be c6 24 94 ce c2 91 83 8c e7 4e 7b 9c 74 ab 65 da c3 6c 7e d4 e7 b2 35 e0 be d3 05 f4 29 2e 05 6a 48 df 0a f5 c7 5a ce e0 4a d1 24 af 3a b4 72 19 ad 56 34 05 9d dc 73 f0 b4 16 22 5a 14 Data Ascii: I2qiCLP?aY}<eB{ `Vy{ykvHJ\|v{UpjI:{Vv1nYX\|\| RiU7,$#ZfuQWXn6Tm%R7?:\1>w5q)HI8R$N{tel~5).jHZJ$:rV4s"Z
2024-10-24 09:43:08 UTC	786	IN	Data Raw: 4b 6d 37 a8 79 9c c6 70 7d 3d dd c7 3c d3 71 78 5a e9 35 2e a9 94 33 a5 0b 5b 5e 67 47 99 49 38 20 7d 3a e2 89 c7 e2 5b 4d c2 ed 7d 43 ef 18 cc 4f 61 b6 59 79 6d 9d f4 05 82 48 ff 00 df 20 1e 82 9c e1 fb 8f 0f db a2 32 04 b8 e9 92 cc 85 a5 d7 57 18 a9 6e a7 24 24 a0 ff 00 28 23 49 f9 11 cf 7a 19 3a 97 57 8d b2 3d cc 3b 8e da 6e c2 40 b6 d9 c8 3e f0 79 ca e0 8e 23 40 1c 67 ca 11 6d b3 c7 3c 39 79 95 31 85 26 74 37 4b 69 25 44 68 23 4e 46 01 c1 e6 69 8e 19 b6 d9 ee 8f 26 2d c5 e9 68 94 e3 98 69 2c e3 49 1a 73 b9 20 f6 34 60 de 2d 6f b1 c4 b1 57 35 2d 7b 5b a5 c6 1c 52 09 0b f2 8d 86 dd d3 f7 aa b7 0c cf 66 17 11 40 91 2d 61 a6 5a 70 95 af 73 81 a4 8e 9e b8 ad 08 9d ac 9b 4b aa 2e dc d7 ff 00 53 79 fd 00 d0 bf 1b ac 10 92 43 43 db 5f cc a3 77 4e 1f 89 22 7b Data Ascii: Km7yp}=<qxZ5.3[^gGI8 }:[M}COaYymH 2Wn$$(#Iz:W=;n@>y#@gm<9y1&t7Ki%Dh#NFi&-hi,Is 4`-oW5-{[Rf@-aZpsK.SyCC_wN"{

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.16	49758	142.250.114.119	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	458	OUT	GET /vi/4Eu8wrEejUI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3nnSobupLFu6PdHSkj0YQIBkMbOeQ HTTP/1.1 Host: i.ytimg.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / X-Client-Data: CPTfygE= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:08 UTC	657	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube" Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} Timing-Allow-Origin: * Content-Length: 3110 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Oct 2024 08:03:11 GMT Expires: Thu, 24 Oct 2024 10:03:11 GMT Cache-Control: public, max-age=7200 Age: 5997 ETag: "1701903369" Content-Type: image/jpeg Vary: Origin Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:08 UTC	721	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 84 00 09 06 07 08 07 06 09 08 07 08 0a 0a 09 0b 0d 16 0f 0d 0c 0c 0d 1b 14 15 10 16 20 1d 22 22 20 1d 1f 1f 24 28 34 2c 24 26 31 27 1f 1f 2d 3d 2d 31 35 37 3a 3a 3a 23 2b 3f 44 3f 38 43 34 39 3a 37 01 0a 0a 0a 0d 0c 0d 1a 0f 0f 1a 37 25 1f 25 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 37 ff c0 00 11 08 00 53 00 94 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 05 01 01 01 00 00 00 00 00 00 00 00 00 00 00 03 04 05 06 07 01 02 08 ff c4 00 40 10 00 02 01 03 02 03 05 03 09 04 0a 03 00 00 00 00 01 02 03 00 04 11 05 21 06 12 31 07 13 22 41 51 61 71 81 14 23 32 91 93 a1 b1 c1 d2 42 73 92 Data Ascii: JFIF "" $(4,$&1'-=-157:::#+?D?8C49:77%%77777777777777777777777777777777777777777777777777S"@!1"AQaq#2Bs
2024-10-24 09:43:08 UTC	1378	IN	Data Raw: aa 5b 09 d9 13 92 1c 1e 69 0b c6 1c 3a 8c fd 11 9c 1f 5e 46 39 18 c5 64 5a 45 84 56 a5 2e 5d 79 e5 97 c6 ce db 96 27 72 49 f6 9a 56 5e 58 fb 1f 87 1a c8 c6 1a 2e 95 c5 57 9c a6 37 9e 25 3d 0c ec 08 fb ea cb a2 da 6a 37 7a cf f4 1e a3 15 bd bd eb 46 5e 09 59 8f 77 70 00 dc 02 01 c1 c6 4e 3d 86 ac 1a 3d fa f7 7e 26 55 c0 c9 cf 95 77 5f 9f ba 5b 0d 46 da 35 95 ed 6e a3 90 32 9d f1 cc 01 03 1e bd 3e 34 88 e5 76 6a c9 e3 c2 a9 23 cd af 67 da e4 71 77 72 cb a7 30 52 42 91 33 e7 97 c8 1f 05 43 f1 2e 8b 3f 0f bc 0b a8 3c 20 4f 9e ed a3 62 41 23 19 1b 81 be e2 b6 2b 2b c8 2f ad 96 e2 d2 51 24 2c 48 56 1e 78 24 1f bc 1a cd 7b 74 32 8b 5d 21 a1 8d e4 28 f2 b1 0a 7c 87 26 7e ec 8f 8d 69 52 67 3e 50 33 2e 2c 46 4b 78 a4 51 f4 5f 1b fb 45 45 68 53 b3 5f 32 31 d9 d3 60 Data Ascii: [i:^F9dZEV.]y'rIV^X.W7%=j7zF^YwpN==~&Uw_[F5n2>4vj#gqwr0RB3C.?< ObA#++/Q$,HVx${t2]!(\|&~iRg>P3.,FKxQ_EEhS_21`
2024-10-24 09:43:08 UTC	1011	IN	Data Raw: d8 f5 aa 0e 2f b5 c2 70 33 e9 54 5b 3e d6 38 66 f6 f2 3b 5b 56 bc 79 24 38 04 c1 80 3e 24 d4 d3 71 7e 9c 06 4c 57 5f c0 3f 9d 42 12 b7 78 25 19 8b 83 82 33 18 e6 d8 e3 af 84 fa 56 75 da 65 ec 46 23 61 71 25 e0 b5 e5 59 24 ee 53 7c f4 19 f0 ec 00 03 cb d6 ad 47 8d 34 91 d6 1b 9f b3 5f e7 58 ff 00 68 9a d1 bd e2 29 66 8c ca 23 91 82 44 03 f2 30 5e 51 e5 d0 ef 9a 12 5a a2 d8 e4 94 ad 8a c5 aa 58 5b e8 f7 31 58 df 21 89 80 0a f9 f1 c7 b8 d9 97 94 97 cf bf df b5 67 93 b4 12 cc e6 35 ee 57 98 f2 8f d9 c7 e5 f8 7b aa 5d 6f 16 48 1e 1e fe 36 91 c8 5c 3d a0 e7 1b f5 0c 0f 95 32 e2 6d 3a 0d 2b 5b b9 b3 b3 92 69 2d 57 95 a0 79 c0 0e ca 40 dc e3 6e bc c3 e1 45 45 a5 b0 4e 49 ce a3 d5 0c 02 94 70 1c 75 e8 7c 8f bb d6 bd 10 a3 72 69 38 e4 64 f0 ec ca 7a ab 74 ff 00 be Data Ascii: /p3T[>8f;[Vy$8>$q~LW_?Bx%3VueF#aq%Y$S\|G4_Xh)f#D0^QZX[1X!g5W{]oH6\=2m:+[i-Wy@nEENIpu\|ri8dzt

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.16	49759	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	540	OUT	GET /gui/main.1e3f41455405da971270.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:08 UTC	349	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: eb71cf010ddb88ff995f905e127d1a10 Content-Encoding: gzip Server: Google Frontend Date: Wed, 23 Oct 2024 11:18:55 GMT Expires: Thu, 23 Oct 2025 11:18:55 GMT Cache-Control: public, max-age=31536000 ETag: "gp--tA" Content-Type: text/javascript Age: 80653 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:08 UTC	1059	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 02 0d 0a 30 66 66 37 0d 0a ff ec bd 6d 5b 1b b9 b2 36 fa 7d ff 0a c7 3b 87 cb 1e 1a 63 9b 77 93 0e db 80 49 98 01 cc 60 48 26 c3 62 b3 0c 6e c0 13 e3 66 ec 36 81 01 fe fb 73 57 a9 4a 52 fb 8d cc 9c 67 9d f3 25 d7 95 98 ee 52 a9 f4 5e 2a dd 2a a9 73 b9 7c f8 fe e9 be d9 cb 9c 9f 7f 8b 2e ee 9a 97 5f cf 6f e3 d6 a0 13 f5 cf cf c3 a7 72 b9 b4 bc 56 c9 45 41 12 f4 88 31 3b e8 47 99 7e d2 6b 5f 26 d9 f5 ab 41 f7 32 69 c7 dd 4c 97 18 Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000010ff7m[6};cwI`H&bnf6sWJRg%R^**s\|._orVEA1;G~k_&A2iL
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: 7f 6a 2c a3 dc b2 34 bc ba d7 59 d4 b1 e9 3c 91 aa b7 36 97 74 dd f4 b9 a7 97 42 12 37 98 55 5b bf d0 a7 d1 9f 5b 0d e6 4a f9 75 53 4f 59 53 b5 10 16 f6 d0 fd 0a 97 e8 dd 5c e4 18 af e8 39 29 4a a1 db bc 45 2b 67 f7 9b 77 1c e1 f9 39 db 88 12 7e dc 30 2a f7 aa 17 df 22 9b 95 6c b5 77 3d b8 8d ba 49 5f 18 e7 ff 37 b7 51 39 69 3f ef e6 bb 09 9e 56 9f 4b cb cf 0b e5 3c 1e b7 3a cd db bb a8 95 37 12 de ce 17 12 54 3a 3a e4 86 29 4d e5 3e 46 9b 14 5f 5c 7d 18 fa 13 0f 02 d4 c1 f3 73 f2 3e 92 7e 47 7d 32 41 9e 4d 2f cc af 53 f7 35 b5 51 0c ba a1 99 0d d0 31 7b ef 92 f5 de ec 6c be 7b da 3b 0b 23 fc 48 65 64 ba 2f bd 42 2b 97 04 4f d5 db 0a 4d 52 e7 c1 4e 95 1f 36 83 5d 4c 49 a0 ec 06 bb 26 e8 6b f0 cb 80 29 47 c1 b1 09 ba 0b 8e ff 60 ca 45 70 62 1e 5a c1 6f 26 Data Ascii: j,4Y<6tB7U[[JuSOYS\9)JE+gw9~0*"lw=I_7Q9i?VK<:7T::)M>F_\}s>~G}2AM/S5Q1{l{;#Hed/B+OMRN6]LI&k)G`EpbZo&
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: 93 3a 40 96 92 a8 db ea 67 d8 7c 34 7a 8f 70 01 98 72 f9 a7 fe 00 60 51 ae 50 28 34 75 cd 2b 83 9b 56 cb 61 76 9b 8d 97 cd 66 3f 5a 5e 34 76 03 0b c9 be bc 98 a5 58 2b b5 3c 13 f4 62 9c d1 42 e6 90 2e 54 fb 85 61 63 29 09 00 b6 00 f2 c8 03 35 b9 eb 34 b1 cc 9f ff 57 61 fe 3a 60 db ec 32 95 06 c1 2e 8a 92 a4 66 52 98 6d 24 c4 02 36 94 c1 b8 13 15 22 03 90 5c 70 19 4c 79 32 57 4d a0 97 ad 4a 26 1b 60 18 8a 34 9a 53 5e 1f 90 e5 f2 0f 88 f5 07 c4 fa 0f 21 d6 ff 32 83 06 eb 18 80 31 af a9 fe 1f 3d ed 07 98 ff 8f c1 fc ff b2 3a 98 01 85 71 a8 7d 3f ea 5c 29 f6 4a cf 64 fa 8e e3 fb d6 ee b6 e2 6f ca 69 de 26 f1 5e 77 e2 8b 66 47 79 cd db ba c3 ab 05 bf 38 e9 f2 9e 0c 20 ea 4e 0c 75 8d 9d 0b 8e 26 48 b3 41 90 0b e7 e7 3b bb 47 35 82 82 ce 01 03 55 4f f6 8e 1b e7 Data Ascii: :@g\|4zpr`QP(4u+Vavf?Z^4vX+<bB.Tac)54Wa:`2.fRm$6"\pLy2WMJ&`4S^!21=:q}?\)Jdoi&^wfGy8 Nu&HA;G5UO
2024-10-24 09:43:08 UTC	334	IN	Data Raw: f2 40 d6 8c ab a5 a7 0f 6e 9a fd fa b7 2e b4 0e 36 90 92 47 f1 d2 44 0f 16 5c 0b 4e bc 66 99 f8 a6 e8 a6 9a b7 c6 b7 06 e2 22 4c 94 89 b2 ea b4 d2 0b 25 95 af d1 63 1f 5a 01 c3 d8 27 c0 f9 91 72 46 ea 3a 0e 8b 18 63 3d f8 f2 b5 75 27 3b 26 8f 3f 93 eb 5e d8 3e 8d d9 f1 e5 4d 17 13 cd 65 67 00 5f 58 ac 44 35 bd 92 4c 63 ec e0 71 46 ee 48 34 ce 91 ab 9d 5c 13 16 cd 4e ae 9f 37 7e 58 6f 73 f0 4c 76 d1 ac 4f 4b 13 a6 42 df 4a 7b d1 5c 35 91 ab 7e d8 5d 6f be 53 5f e2 f5 a6 cb 55 14 f6 4f 9b 26 57 3d 97 2b eb df 8f 89 69 b4 c2 76 dc 72 3b 43 78 19 99 28 b0 38 86 ad 91 d7 8f 06 fc d8 4d f8 81 3f fd 73 fc e9 c7 9a f8 c7 9a f8 3f 75 ee c4 ad 89 cf 7d 43 50 9c 4d d5 01 3e d6 99 00 ab a0 5e 1b da 9c dc 09 de c5 aa fc c9 21 5e 94 3f 30 ce 5c 0c 7d 1e 94 f3 98 22 a2 Data Ascii: @n.6GD\Nf"L%cZ'rF:c=u';&?^>Meg_XD5LcqFH4\N7~XosLvOKBJ{\5~]oS_UO&W=+ivr;Cx(8M?s?u}CPM>^!^?0\}"
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: 30 35 30 30 30 0d 0a 17 9c c9 c2 9e f4 16 f1 bb 7e f5 3c bd a8 f5 e8 0c d8 f9 ff fd d7 c6 3c f9 4c 14 fa 38 3f 94 e4 20 2c 9f 2e 21 4d bc 5a 4f d8 80 c9 45 ca 19 66 f3 54 5f e4 f3 87 fa c2 cc 0a 13 1b 8e 96 c6 53 31 55 15 71 fe 2c 1c 43 6e f3 c2 27 f0 d6 ba 75 97 14 9d 6a b0 2b dc 0d 78 24 23 1f 6f 74 f6 cf 66 65 36 a6 f3 1a 96 eb bf b3 30 25 5c 11 fb 83 8b 3e 9f 06 21 10 f8 7d 71 a3 27 fb 6d f9 57 c1 e0 1f 1b 2f 3f 26 be 7f 3c f1 59 b3 b8 61 0c 57 35 2f 19 27 61 92 76 d1 5e 81 ba e8 25 8e 0e 46 85 0b f4 62 58 9b b2 50 3e 34 7a 49 3c ae 78 e9 c9 6b d3 f8 82 d6 ac 38 7a 49 27 df 98 32 00 fc 21 32 1c 51 d9 b6 62 a0 5e b0 2f 99 33 69 f6 bf 86 30 bd 69 4b 87 40 12 da ee 01 3e c2 61 7c 3e ad fd 17 10 8f 37 25 43 89 bb 07 71 dd a6 26 6b 70 12 51 c0 41 c2 ae 6c Data Ascii: 05000~<<L8? ,.!MZOEfT_S1Uq,Cn'uj+x$#otfe60%\>!}q'mW/?&<YaW5/'av^%FbXP>4zI<xk8zI'2!2Qb^/3i0iK@>a\|>7%Cq&kpQAl
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: 01 7b 95 cc de 78 f9 99 03 1f ea e3 0a 97 b3 dc d9 00 08 01 fd 31 e0 06 44 18 ff 0d 4c 4b e1 d5 3c bc bc 50 5f be 40 7f 2b af ae 96 d0 21 ef e8 71 6d 79 71 85 7a 10 3a 30 7a f8 1a b5 16 a8 25 74 71 af 4b 32 66 49 b1 13 f6 5e c5 55 13 e8 38 84 c0 e0 fa 16 f4 0e 02 8a f5 5e 2d 5a d7 3e f5 0a cd 56 0b d0 26 f9 4b e4 83 d3 33 72 f2 86 71 0c 8a 5c 0e 85 65 12 20 17 f7 ba 7b 55 7b c0 b5 4f 4c f6 00 53 95 4a 32 c9 b8 ec 15 b0 e5 89 17 b9 b8 08 d5 8a 7e 8d f7 f5 2e 4e b7 c3 f5 84 ed 6e 77 2e 58 35 83 82 16 b9 9c 2f 30 21 97 0d c9 24 19 9c 30 d9 a3 f1 9c 92 ac 29 0e 5f 08 c4 dc 5d ae 50 f4 5f 3e 2f 47 b7 d5 54 d0 1d 13 f8 8c 64 03 b8 da e0 6a 28 40 4b 15 94 13 b8 29 54 d2 f5 63 25 db bc 80 11 89 9b ad b2 2f ae c6 c8 ed 8a cc 64 b3 0a b5 1e 16 b2 76 09 4c 95 cb f1 Data Ascii: {x1DLK<P_@+!qmyqz:0z%tqK2fI^U8^-Z>V&K3rq\e {U{OLSJ2~.Nnw.X5/0!$0)_]P_>/GTdj(@K)Tc%/dvL
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: f3 f3 1d 1c a8 05 0b 2d bd d2 1c 58 80 55 70 dd d5 7c 0b 8b 2a 29 1e 98 6f f1 6c f2 3c df 12 b3 e7 c9 2c d1 ee 74 71 76 1b 40 58 e5 22 e0 fb 83 2b 83 d9 bb c0 ac 20 2a 17 b3 b7 01 65 a5 32 08 1e f0 ff b1 72 41 fa 69 79 65 6d 6d e5 bb fa 88 3f 2e 0c 4a e1 46 bb 59 a3 f1 cd c7 5c 61 6c f9 51 1b 6f 61 17 97 ee dd 6d 90 15 4b 03 93 7a 25 10 8b bf 9d e2 98 91 a8 7a 14 9b dd 34 94 a4 91 d0 4b be 75 a3 de b6 9c c8 86 f9 a9 07 b0 a1 a8 e5 e8 8b a5 d8 30 b1 4d 91 3d 5e ca fe ed ec 19 30 67 a8 42 8c f9 e2 2a c4 98 30 ae 0f 63 8c 69 9f 36 bd 53 2d d9 fd 66 72 53 c0 ca 4e 11 94 b9 5e 1e 2e f3 e8 f0 b4 1e e2 f6 ce 07 1e 8f e9 11 73 b8 b2 8c 99 68 35 24 1d 9b 96 fc 9a 04 f5 39 b4 ba be a2 83 c9 ea be a7 5d 07 77 d5 be 04 0c 33 4d 2a bf 55 84 70 33 d2 ea cf 44 1b b4 e6 Data Ascii: -XUp\|)ol<,tqv@X"+ e2rAiyemm?.JFY\alQoamKz%z4Ku0M=^0gB0ci6S-frSN^.sh5$9]w3MUp3D
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: 54 be 02 72 06 db 99 8c d5 1e 82 2f c3 2c 1c b2 b2 68 b8 2c 76 2f ef ee b0 77 6c cc e0 7e 16 ad 92 bd 97 65 74 16 8b e2 ac 81 2f b3 58 fe 66 2d 52 8a 5d 30 46 00 47 20 7e ff e8 af 40 fc b8 97 3c 3b 97 9d 6d 05 e6 ef 25 20 7c 06 f2 b1 1d e9 60 fc 4e 70 da 3f a3 0b 2a bf 4f a2 c8 1a 95 79 85 5a 81 e9 db 8b 70 6d 00 ca 77 43 79 a6 87 7b d4 c7 15 cc 35 43 de 52 ae 7d 58 81 d9 e0 5b 98 bd e5 87 07 e1 32 e4 47 e5 fa 8c 6f d9 60 ad b2 1d 66 e9 ab 36 78 da 14 3e 09 a8 85 a7 57 d8 62 ba 0f b6 82 6f 01 b6 70 83 ed 60 f3 0c 7a 07 77 e5 4f d1 3b 3d da 40 17 33 82 f3 46 a9 72 53 77 0b b5 c3 c0 66 57 48 f7 4b 86 c4 69 0a ad 51 0b e8 33 3c 8f bc a8 ef 33 11 2a 22 68 c2 a1 f1 1b bf 41 c3 04 d4 0f 84 ff cf df 03 3a dd 7e 48 97 80 9a 9d 2f ea 62 dd 42 7d 3f 30 b5 e6 65 61 Data Ascii: Tr/,h,v/wl~et/Xf-R]0FG ~@<;m% \|`Np?OyZpmwCy{5CR}X[2Go`f6x>Wbop`zwO;=@3FrSwfWHKiQ3<3"hA:~H/bB}?0ea
2024-10-24 09:43:08 UTC	1408	IN	Data Raw: cd 36 32 c0 5f 7c b8 d0 69 3e 55 d2 7f 0e a2 de 63 03 fa 90 af f0 c7 77 c2 8c 1a e2 a5 fa 08 77 d0 a5 50 8f cc 49 87 f0 56 f4 55 8a c9 96 8c 9c 2c be 93 24 da 46 3d 23 a1 75 86 ec 39 d6 3b 6c 16 bd a6 77 8c 7e 60 bd 23 4e 9e a4 77 64 6b 86 8c 2b 01 fb 48 ef c8 d6 0c e9 1d 51 57 6c 5c ad ad ac c0 76 22 bd 43 ce ca d0 3a 4f 3c 1b 9a e5 a3 d9 bc 94 b5 a4 ec 5f ea ca 92 b6 30 cd b3 e7 f2 08 17 67 81 62 59 eb 98 b2 43 d7 01 3c e6 59 90 9c 93 a1 ef f0 aa a3 11 16 5c 84 83 6f 62 6c d2 bd c6 b2 31 d3 87 16 a2 68 66 fe 86 ca c1 66 f5 dd a0 8a 3b cc 3a 64 25 63 0f 07 06 1d 40 ea 16 ee dd 02 c4 0f 7d 03 5f 1e f2 84 56 25 75 03 42 bb bf 43 be 39 18 b1 17 f0 ae dd 72 de 27 f7 1b c5 ca 3d 96 7e 17 70 ae 7d 70 e4 6f 20 7f c3 38 1b e3 8c 72 b5 71 95 c3 36 de 16 f6 ee f0 Data Ascii: 62_\|i>UcwwPIVU,$F=#u9;lw~`#Nwdk+HQWl\v"C:O<_0gbYC<Y\obl1hff;:d%c@}_V%uBC9r'=~p}po 8rq6
2024-10-24 09:43:09 UTC	1408	IN	Data Raw: 37 e6 48 8e 26 8a bb 7a 4d a2 c3 86 2a 7f 75 1d 61 e4 d3 c0 f6 16 67 06 78 33 2c 57 0f 0d a2 45 a9 ab 71 6a da 54 8d 93 35 a3 88 0a 90 ae e1 da 36 ad 3d ae 76 fd b6 87 1f 2f 76 7b a9 fd 91 6b b6 67 70 49 f5 6d 78 b7 51 45 08 f6 6f e9 67 ca 61 18 8d c4 f5 7b 47 b0 10 22 ec 63 55 79 3b 25 52 e6 c2 ba 2a 46 ec a1 08 b7 3a 32 e8 af e5 58 1f 6a 05 02 cc e6 fa 15 a8 23 7b 9a 7c 53 92 28 05 3e e7 87 6c 18 c7 39 1f af ea 41 2f 99 de 0a 9b ca af 39 98 20 52 6f 15 78 8b 9f ba e6 c2 ed 20 02 a2 8a 70 1f 0a be 82 b7 0e 1c a3 fd 33 45 e4 1a 20 9c 57 50 14 73 57 80 62 49 41 e1 6c 8b 67 47 7a f9 00 f4 e5 8d 99 0a 76 ad 0c 22 56 b9 e5 0d 34 37 56 b0 46 1e 3b 32 2a df b0 6e c6 dd 5d 66 ff b7 86 61 32 84 87 61 0d ac 34 b1 2f df da 63 a9 3b 74 a5 c6 79 b8 49 77 e8 ed e2 a8 Data Ascii: 7H&zMuagx3,WEqjT56=v/v{kgpImxQEoga{G"cUy;%RF:2Xj#{\|S(>l9A/9 Rox p3E WPsWbIAlgGzv"V47VF;2*n]fa2a4/c;tyIw

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.16	49762	142.250.138.190	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	545	OUT	GET /iframe_api?version=3 HTTP/1.1 Host: www.youtube.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CPTfygE= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:09 UTC	2194	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 X-Content-Type-Options: nosniff Expires: Thu, 24 Oct 2024 09:43:09 GMT Date: Thu, 24 Oct 2024 09:43:09 GMT Cache-Control: private, max-age=0 Strict-Transport-Security: max-age=31536000 X-Frame-Options: SAMEORIGIN Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main" Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Cross-Origin-Resource-Policy: cross-origin Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 Content-Security-Policy: require-trusted-types-for 'script' Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info." Server: ESF X-XSS-Protection: 0 Set-Cookie: YSC=VTtyuWaPQ7k; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none; Partitioned Set-Cookie: VISITOR_INFO1_LIVE=YvhIzuON6oo; Domain=.youtube.com; Expires=Tue, 22-Apr-2025 09:43:09 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned Set-Cookie: VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgJw%3D%3D; Domain=.youtube.com; Expires=Tue, 22-Apr-2025 09:43:09 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:09 UTC	1000	IN	Data Raw: 33 65 31 0d 0a 76 61 72 20 73 63 72 69 70 74 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 79 6f 75 74 75 62 65 2e 63 6f 6d 5c 2f 73 5c 2f 70 6c 61 79 65 72 5c 2f 61 36 32 64 38 33 36 64 5c 2f 77 77 77 2d 77 69 64 67 65 74 61 70 69 2e 76 66 6c 73 65 74 5c 2f 77 77 77 2d 77 69 64 67 65 74 61 70 69 2e 6a 73 27 3b 74 72 79 7b 76 61 72 20 74 74 50 6f 6c 69 63 79 3d 77 69 6e 64 6f 77 2e 74 72 75 73 74 65 64 54 79 70 65 73 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 79 6f 75 74 75 62 65 2d 77 69 64 67 65 74 2d 61 70 69 22 2c 7b 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 66 75 6e 63 74 69 6f 6e 28 78 29 7b 72 65 74 75 72 6e 20 78 7d 7d 29 3b 73 63 72 69 70 74 55 72 6c 3d 74 74 50 6f 6c 69 63 79 2e 63 72 65 61 74 65 53 63 72 69 70 74 55 52 Data Ascii: 3e1var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/a62d836d\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptUR
2024-10-24 09:43:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.16	49763	142.250.115.94	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:08 UTC	538	OUT	GET /recaptcha/api.js?render=explicit HTTP/1.1 Host: www.recaptcha.net Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:09 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Thu, 24 Oct 2024 09:43:09 GMT Date: Thu, 24 Oct 2024 09:43:09 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:09 UTC	629	IN	Data Raw: 36 64 36 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 72 Data Ascii: 6d6/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.r
2024-10-24 09:43:09 UTC	1128	IN	Data Raw: 66 51 41 4c 2b 67 47 56 58 55 2b 66 39 49 51 63 41 41 41 43 54 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 33 4a 6c 59 32 46 77 64 47 4e 6f 59 53 35 75 5a 58 51 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 6f 6e 4c 61 62 65 6c 29 7b 76 2e 63 6f Data Ascii: fQAL+gGVXU+f9IQcAAACTeyJvcmlnaW4iOiJodHRwczovL3JlY2FwdGNoYS5uZXQ6NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.co
2024-10-24 09:43:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.16	49764	142.251.116.97	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:09 UTC	534	OUT	GET /gtm.js?id=GTM-KFBGZNL HTTP/1.1 Host: www.googletagmanager.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:09 UTC	1049	IN	HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control Vary: Accept-Encoding Date: Thu, 24 Oct 2024 09:43:09 GMT Expires: Thu, 24 Oct 2024 09:43:09 GMT Cache-Control: private, max-age=900 Last-Modified: Thu, 24 Oct 2024 09:00:00 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} Server: Google Tag Manager X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:09 UTC	329	IN	Data Raw: 38 30 30 30 0d 0a 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 32 20 47 6f 6f 67 6c 65 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 20 0a 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 67 29 7b 77 5b 67 5d 3d 77 5b 67 5d 7c 7c 7b 7d 3b 0a 20 77 5b 67 5d 2e 65 3d 66 75 6e 63 74 69 6f 6e 28 73 29 7b 72 65 74 75 72 6e 20 65 76 61 6c 28 73 29 3b 7d 3b 7d 29 28 77 69 6e 64 6f 77 2c 27 67 6f 6f 67 6c 65 5f 74 61 67 5f 6d 61 6e 61 67 65 72 27 29 3b 0a 20 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 0a 76 61 72 20 64 61 74 61 20 3d 20 7b 0a 22 72 65 73 6f 75 72 63 65 22 3a 20 7b 0a 20 20 22 76 65 72 73 69 6f 6e 22 3a 22 35 34 22 2c 0a 20 20 0a 20 20 22 6d 61 63 72 6f 73 22 3a 5b 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 75 22 2c Data Ascii: 8000// Copyright 2012 Google Inc. All rights reserved. (function(w,g){w[g]=w[g]\|\|{}; w[g].e=function(s){return eval(s);};})(window,'google_tag_manager'); (function(){var data = {"resource": { "version":"54", "macros":[{"function":"__u",
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 6d 70 74 79 51 75 65 72 79 50 61 72 61 6d 22 3a 66 61 6c 73 65 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 65 22 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 72 65 6d 6d 22 2c 22 76 74 70 5f 73 65 74 44 65 66 61 75 6c 74 56 61 6c 75 65 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 69 6e 70 75 74 22 3a 5b 22 6d 61 63 72 6f 22 2c 30 5d 2c 22 76 74 70 5f 66 75 6c 6c 4d 61 74 63 68 22 3a 74 72 75 65 2c 22 76 74 70 5f 72 65 70 6c 61 63 65 41 66 74 65 72 4d 61 74 63 68 22 3a 74 72 75 65 2c 22 76 74 70 5f 69 67 6e 6f 72 65 43 61 73 65 22 3a 74 72 75 65 2c 22 76 74 70 5f 6d 61 70 22 3a 5b 22 6c 69 73 74 22 2c 5b 22 6d 61 70 22 2c 22 6b 65 79 22 2c 22 5c 2f 67 75 69 5c 2f 73 65 61 72 63 68 5c 2f 28 5b 5e 5c 5c 5c 2f 5d 2a 29 5c 2f 66 69 6c 65 73 22 2c 22 76 Data Ascii: mptyQueryParam":false},{"function":"__e"},{"function":"__remm","vtp_setDefaultValue":false,"vtp_input":["macro",0],"vtp_fullMatch":true,"vtp_replaceAfterMatch":true,"vtp_ignoreCase":true,"vtp_map":["list",["map","key","\/gui\/search\/([^\\\/]*)\/files","v
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 72 56 65 72 73 69 6f 6e 22 3a 32 2c 22 76 74 70 5f 73 65 74 44 65 66 61 75 6c 74 56 61 6c 75 65 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 6e 61 6d 65 22 3a 22 63 75 73 74 6f 6d 5f 65 76 65 6e 74 2e 65 6c 65 6d 65 6e 74 22 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 76 22 2c 22 76 74 70 5f 64 61 74 61 4c 61 79 65 72 56 65 72 73 69 6f 6e 22 3a 32 2c 22 76 74 70 5f 73 65 74 44 65 66 61 75 6c 74 56 61 6c 75 65 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 6e 61 6d 65 22 3a 22 61 63 74 69 6f 6e 22 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 76 22 2c 22 76 74 70 5f 64 61 74 61 4c 61 79 65 72 56 65 72 73 69 6f 6e 22 3a 32 2c 22 76 74 70 5f 73 65 74 44 65 66 61 75 6c 74 56 61 6c 75 65 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 6e 61 6d 65 22 3a 22 6d 65 74 61 64 Data Ascii: rVersion":2,"vtp_setDefaultValue":false,"vtp_name":"custom_event.element"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"action"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"metad
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 64 61 74 61 4c 61 79 65 72 56 65 72 73 69 6f 6e 22 3a 31 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 76 22 2c 22 76 74 70 5f 6e 61 6d 65 22 3a 22 67 74 6d 2e 65 6c 65 6d 65 6e 74 49 64 22 2c 22 76 74 70 5f 64 61 74 61 4c 61 79 65 72 56 65 72 73 69 6f 6e 22 3a 31 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 76 22 2c 22 76 74 70 5f 6e 61 6d 65 22 3a 22 67 74 6d 2e 65 6c 65 6d 65 6e 74 54 61 72 67 65 74 22 2c 22 76 74 70 5f 64 61 74 61 4c 61 79 65 72 56 65 72 73 69 6f 6e 22 3a 31 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 76 22 2c 22 76 74 70 5f 6e 61 6d 65 22 3a 22 67 74 6d 2e 65 6c 65 6d 65 6e 74 55 72 6c 22 2c 22 76 74 70 5f 64 61 74 61 4c 61 79 65 72 56 65 72 73 69 6f 6e 22 3a 31 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 61 Data Ascii: dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.elementId","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.elementTarget","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.elementUrl","vtp_dataLayerVersion":1},{"function":"__a
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 70 5f 65 6e 61 62 6c 65 55 73 65 72 50 72 6f 70 65 72 74 69 65 73 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 4d 6f 72 65 53 65 74 74 69 6e 67 73 4f 70 74 69 6f 6e 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 45 75 69 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 6d 69 67 72 61 74 65 64 54 6f 56 32 22 3a 74 72 75 65 2c 22 76 74 70 5f 64 65 6d 6f 56 32 22 3a 66 61 6c 73 65 2c 22 74 61 67 5f 69 64 22 3a 36 38 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 67 61 61 77 65 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 6d 61 70 22 5d 2c 22 6f 6e 63 65 5f 70 65 72 5f 65 76 65 6e 74 22 3a 74 72 75 65 2c 22 76 74 70 5f 73 65 6e 64 45 63 6f 6d 6d 65 72 63 65 44 61 74 61 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 65 76 65 6e 74 4e 61 6d 65 22 3a 22 53 65 Data Ascii: p_enableUserProperties":true,"vtp_enableMoreSettingsOption":true,"vtp_enableEuid":true,"vtp_migratedToV2":true,"vtp_demoV2":false,"tag_id":68},{"function":"__gaawe","metadata":["map"],"once_per_event":true,"vtp_sendEcommerceData":false,"vtp_eventName":"Se
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 32 4a 52 22 2c 22 76 74 70 5f 65 6e 61 62 6c 65 55 73 65 72 50 72 6f 70 65 72 74 69 65 73 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 4d 6f 72 65 53 65 74 74 69 6e 67 73 4f 70 74 69 6f 6e 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 45 75 69 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 6d 69 67 72 61 74 65 64 54 6f 56 32 22 3a 74 72 75 65 2c 22 76 74 70 5f 64 65 6d 6f 56 32 22 3a 66 61 6c 73 65 2c 22 74 61 67 5f 69 64 22 3a 38 32 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 67 61 61 77 65 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 6d 61 70 22 5d 2c 22 6f 6e 63 65 5f 70 65 72 5f 65 76 65 6e 74 22 3a 74 72 75 65 2c 22 76 74 70 5f 73 65 6e 64 45 63 6f 6d 6d 65 72 63 65 44 61 74 61 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 65 6e 68 61 6e 63 Data Ascii: 2JR","vtp_enableUserProperties":true,"vtp_enableMoreSettingsOption":true,"vtp_enableEuid":true,"vtp_migratedToV2":true,"vtp_demoV2":false,"tag_id":82},{"function":"__gaawe","metadata":["map"],"once_per_event":true,"vtp_sendEcommerceData":false,"vtp_enhanc
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 2c 22 76 74 70 5f 6d 65 61 73 75 72 65 6d 65 6e 74 49 64 4f 76 65 72 72 69 64 65 22 3a 22 47 2d 42 4c 4e 44 56 39 58 32 4a 52 22 2c 22 76 74 70 5f 65 6e 61 62 6c 65 55 73 65 72 50 72 6f 70 65 72 74 69 65 73 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 4d 6f 72 65 53 65 74 74 69 6e 67 73 4f 70 74 69 6f 6e 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 45 75 69 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 6d 69 67 72 61 74 65 64 54 6f 56 32 22 3a 74 72 75 65 2c 22 76 74 70 5f 64 65 6d 6f 56 32 22 3a 66 61 6c 73 65 2c 22 74 61 67 5f 69 64 22 3a 31 30 30 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 67 61 61 77 65 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 6d 61 70 22 5d 2c 22 6f 6e 63 65 5f 70 65 72 5f 65 76 65 6e 74 22 3a 74 72 75 65 2c 22 Data Ascii: ,"vtp_measurementIdOverride":"G-BLNDV9X2JR","vtp_enableUserProperties":true,"vtp_enableMoreSettingsOption":true,"vtp_enableEuid":true,"vtp_migratedToV2":true,"vtp_demoV2":false,"tag_id":100},{"function":"__gaawe","metadata":["map"],"once_per_event":true,"
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 20 4d 65 6e 75 20 2d 20 4f 70 65 6e 20 4d 65 6e 75 22 2c 22 76 74 70 5f 6d 65 61 73 75 72 65 6d 65 6e 74 49 64 4f 76 65 72 72 69 64 65 22 3a 22 47 2d 42 4c 4e 44 56 39 58 32 4a 52 22 2c 22 76 74 70 5f 65 6e 61 62 6c 65 55 73 65 72 50 72 6f 70 65 72 74 69 65 73 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 4d 6f 72 65 53 65 74 74 69 6e 67 73 4f 70 74 69 6f 6e 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 45 75 69 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 6d 69 67 72 61 74 65 64 54 6f 56 32 22 3a 74 72 75 65 2c 22 76 74 70 5f 64 65 6d 6f 56 32 22 3a 66 61 6c 73 65 2c 22 74 61 67 5f 69 64 22 3a 31 30 39 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 67 61 61 77 65 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 6d 61 70 22 5d 2c 22 6f 6e 63 65 Data Ascii: Menu - Open Menu","vtp_measurementIdOverride":"G-BLNDV9X2JR","vtp_enableUserProperties":true,"vtp_enableMoreSettingsOption":true,"vtp_enableEuid":true,"vtp_migratedToV2":true,"vtp_demoV2":false,"tag_id":109},{"function":"__gaawe","metadata":["map"],"once
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 65 72 50 72 6f 70 65 72 74 69 65 73 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 4d 6f 72 65 53 65 74 74 69 6e 67 73 4f 70 74 69 6f 6e 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 45 75 69 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 6d 69 67 72 61 74 65 64 54 6f 56 32 22 3a 74 72 75 65 2c 22 76 74 70 5f 64 65 6d 6f 56 32 22 3a 66 61 6c 73 65 2c 22 74 61 67 5f 69 64 22 3a 31 32 31 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 67 61 61 77 65 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 6d 61 70 22 5d 2c 22 6f 6e 63 65 5f 70 65 72 5f 65 76 65 6e 74 22 3a 74 72 75 65 2c 22 76 74 70 5f 73 65 6e 64 45 63 6f 6d 6d 65 72 63 65 44 61 74 61 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 65 6e 68 61 6e 63 65 64 55 73 65 72 49 64 22 3a 66 61 6c 73 65 2c 22 Data Ascii: erProperties":true,"vtp_enableMoreSettingsOption":true,"vtp_enableEuid":true,"vtp_migratedToV2":true,"vtp_demoV2":false,"tag_id":121},{"function":"__gaawe","metadata":["map"],"once_per_event":true,"vtp_sendEcommerceData":false,"vtp_enhancedUserId":false,"
2024-10-24 09:43:09 UTC	1378	IN	Data Raw: 22 47 2d 42 4c 4e 44 56 39 58 32 4a 52 22 2c 22 76 74 70 5f 65 6e 61 62 6c 65 55 73 65 72 50 72 6f 70 65 72 74 69 65 73 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 4d 6f 72 65 53 65 74 74 69 6e 67 73 4f 70 74 69 6f 6e 22 3a 74 72 75 65 2c 22 76 74 70 5f 65 6e 61 62 6c 65 45 75 69 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 6d 69 67 72 61 74 65 64 54 6f 56 32 22 3a 74 72 75 65 2c 22 76 74 70 5f 64 65 6d 6f 56 32 22 3a 66 61 6c 73 65 2c 22 74 61 67 5f 69 64 22 3a 31 34 33 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 67 61 61 77 65 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 6d 61 70 22 5d 2c 22 6f 6e 63 65 5f 70 65 72 5f 65 76 65 6e 74 22 3a 74 72 75 65 2c 22 76 74 70 5f 73 65 6e 64 45 63 6f 6d 6d 65 72 63 65 44 61 74 61 22 3a 66 61 6c 73 65 2c Data Ascii: "G-BLNDV9X2JR","vtp_enableUserProperties":true,"vtp_enableMoreSettingsOption":true,"vtp_enableEuid":true,"vtp_migratedToV2":true,"vtp_demoV2":false,"tag_id":143},{"function":"__gaawe","metadata":["map"],"once_per_event":true,"vtp_sendEcommerceData":false,

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.16	49766	142.251.116.100	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:09 UTC	689	OUT	GET /log?format=json&hasfast=true HTTP/1.1 Host: play.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / X-Client-Data: CPTfygE= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: AEC=AVYB7cpccTh9qwqFyj4nX8TIScimqkA-LIWOz92B_7kSK-horAARNCQ5jw; NID=518=awiY7bKL_vMa6OhaQE7bbd-jbde9_9xRh3ibyX-vE6QW3xQO33L78F5wTCDqWHd5MO55e04TCTNIGO0HYApClE4MyUauVl1nDvFUGnlwrIS_nrWksx4CN8d_XeXfhNHPHVp1hg37BH3njVCsdzrr4Fk6lG1UvcQR-O0G1Co9P_Cgl3Rr7ssmkum7hP0u8-Vlhgs7xfC1E74
2024-10-24 09:43:09 UTC	270	IN	HTTP/1.1 400 Bad Request Date: Thu, 24 Oct 2024 09:43:09 GMT Content-Type: text/html; charset=UTF-8 Server: Playlog Content-Length: 1555 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-24 09:43:09 UTC	1108	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 20 28 42 61 64 20 52 65 71 75 65 73 74 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 400 (Bad Request)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-
2024-10-24 09:43:09 UTC	447	IN	Data Raw: 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 31 30 30 25 20 31 30 30 25 7d 7d 23 6c 6f 67 6f 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 35 34 70 78 3b 77 69 64 74 68 3a 31 35 30 70 78 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 3c 61 20 68 72 65 66 3d 2f 2f 77 77 77 2e 67 6f 6f 67 6c Data Ascii: -min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px} </style> <a href=//www.googl

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.16	49767	142.250.138.190	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:09 UTC	396	OUT	GET /iframe_api?version=3 HTTP/1.1 Host: www.youtube.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / X-Client-Data: CPTfygE= Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:10 UTC	2574	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 X-Content-Type-Options: nosniff Expires: Thu, 24 Oct 2024 09:43:09 GMT Date: Thu, 24 Oct 2024 09:43:09 GMT Cache-Control: private, max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=31536000 Content-Security-Policy-Report-Only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-gUmzCssGqvUmt7mByzFI4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline' Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factors=, ch-ua-platform=, ch-ua-platform-version=* Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main" Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 Content-Security-Policy: require-trusted-types-for 'script' P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info." Server: ESF X-XSS-Protection: 0 Set-Cookie: YSC=s2YlTNikP9c; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none; Partitioned Set-Cookie: VISITOR_INFO1_LIVE=vx_TtRIVL4Q; Domain=.youtube.com; Expires=Tue, 22-Apr-2025 09:43:09 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned Set-Cookie: VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgYw%3D%3D; Domain=.youtube.com; Expires=Tue, 22-Apr-2025 09:43:09 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:10 UTC	1000	IN	Data Raw: 33 65 31 0d 0a 76 61 72 20 73 63 72 69 70 74 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 79 6f 75 74 75 62 65 2e 63 6f 6d 5c 2f 73 5c 2f 70 6c 61 79 65 72 5c 2f 61 36 32 64 38 33 36 64 5c 2f 77 77 77 2d 77 69 64 67 65 74 61 70 69 2e 76 66 6c 73 65 74 5c 2f 77 77 77 2d 77 69 64 67 65 74 61 70 69 2e 6a 73 27 3b 74 72 79 7b 76 61 72 20 74 74 50 6f 6c 69 63 79 3d 77 69 6e 64 6f 77 2e 74 72 75 73 74 65 64 54 79 70 65 73 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 79 6f 75 74 75 62 65 2d 77 69 64 67 65 74 2d 61 70 69 22 2c 7b 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 66 75 6e 63 74 69 6f 6e 28 78 29 7b 72 65 74 75 72 6e 20 78 7d 7d 29 3b 73 63 72 69 70 74 55 72 6c 3d 74 74 50 6f 6c 69 63 79 2e 63 72 65 61 74 65 53 63 72 69 70 74 55 52 Data Ascii: 3e1var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/a62d836d\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptUR
2024-10-24 09:43:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.16	49768	142.250.115.94	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:09 UTC	385	OUT	GET /recaptcha/api.js?render=explicit HTTP/1.1 Host: www.recaptcha.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:10 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Thu, 24 Oct 2024 09:43:09 GMT Date: Thu, 24 Oct 2024 09:43:09 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:10 UTC	629	IN	Data Raw: 36 64 36 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 72 Data Ascii: 6d6/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.r
2024-10-24 09:43:10 UTC	1128	IN	Data Raw: 66 51 41 4c 2b 67 47 56 58 55 2b 66 39 49 51 63 41 41 41 43 54 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 33 4a 6c 59 32 46 77 64 47 4e 6f 59 53 35 75 5a 58 51 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 6f 6e 4c 61 62 65 6c 29 7b 76 2e 63 6f Data Ascii: fQAL+gGVXU+f9IQcAAACTeyJvcmlnaW4iOiJodHRwczovL3JlY2FwdGNoYS5uZXQ6NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.co
2024-10-24 09:43:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.16	49770	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:10 UTC	386	OUT	GET /gui/main.1e3f41455405da971270.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:10 UTC	349	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 105adf166857d74a4a6cd9733d9eeb78 Content-Encoding: gzip Server: Google Frontend Date: Wed, 23 Oct 2024 11:18:07 GMT Expires: Thu, 23 Oct 2025 11:18:07 GMT Cache-Control: public, max-age=31536000 ETag: "gp--tA" Content-Type: text/javascript Age: 80703 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:10 UTC	1059	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff ec bd 6d 5b 1b b9 b2 36 fa 7d ff 0a c7 3b 87 cb 1e 1a 63 9b 77 93 0e db 80 49 98 01 cc 60 48 26 c3 62 b3 0c 6e c0 13 e3 66 ec 36 81 01 fe fb 73 57 a9 4a 52 fb 8d cc 9c 67 9d f3 25 d7 95 98 ee 52 a9 f4 5e 2a dd 2a a9 73 b9 7c f8 fe e9 be d9 cb 9c 9f 7f 8b 2e ee 9a 97 5f cf 6f e3 d6 a0 13 f5 cf cf c3 a7 72 b9 b4 bc 56 c9 45 41 12 f4 88 31 3b e8 47 99 7e d2 6b 5f 26 d9 f5 ab 41 f7 32 69 c7 dd 4c 97 18 f2 4f bd 28 19 f4 ba 19 25 e7 a2 fc 53 fb 2a 57 ed f5 9a 8f 85 76 9f ff 82 96 17 b6 e8 e5 bf e6 7f fa e9 bf 32 3f 65 fe a7 d3 be 8c ba fd 88 9e b7 e2 bb c7 5e fb fa 26 c9 94 8b a5 95 cc 87 38 be ee 44 99 bd bd 2d 04 52 f8 9e 61 6d 65 06 dd 56 Data Ascii: 00000001000000010ffem[6};cwI`H&bnf6sWJRg%R^*s\|._orVEA1;G~k_&A2iLO(%SWv2?e^&8D-RameV
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: 7e dc 30 2a f7 aa 17 df 22 9b 95 6c b5 77 3d b8 8d ba 49 5f 18 e7 ff 37 b7 51 39 69 3f ef e6 bb 09 9e 56 9f 4b cb cf 0b e5 3c 1e b7 3a cd db bb a8 95 37 12 de ce 17 12 54 3a 3a e4 86 29 4d e5 3e 46 9b 14 5f 5c 7d 18 fa 13 0f 02 d4 c1 f3 73 f2 3e 92 7e 47 7d 32 41 9e 4d 2f cc af 53 f7 35 b5 51 0c ba a1 99 0d d0 31 7b ef 92 f5 de ec 6c be 7b da 3b 0b 23 fc 48 65 64 ba 2f bd 42 2b 97 04 4f d5 db 0a 4d 52 e7 c1 4e 95 1f 36 83 5d 4c 49 a0 ec 06 bb 26 e8 6b f0 cb 80 29 47 c1 b1 09 ba 0b 8e ff 60 ca 45 70 62 1e 5a c1 6f 26 fa 6d f0 fb af 1c 74 15 5c 6c f3 c3 db e0 f2 0b 3f 5c 07 d1 6f fc f0 18 5c f3 df ed e0 e6 8e 1f ea c1 1f bf f3 c3 4d d0 39 e6 87 6f 41 e7 13 3f 6c 05 fd 1e 3f dc 07 89 91 d7 08 4c 6e 2e 83 bf 3e 73 c8 c3 4b 7e 9d 1b 33 d3 0c b5 2b 51 07 32 b4 Data Ascii: ~0*"lw=I_7Q9i?VK<:7T::)M>F_\}s>~G}2AM/S5Q1{l{;#Hed/B+OMRN6]LI&k)G`EpbZo&mt\l?\o\M9oA?l?Ln.>sK~3+Q2
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: b9 eb 34 b1 cc 9f ff 57 61 fe 3a 60 db ec 32 95 06 c1 2e 8a 92 a4 66 52 98 6d 24 c4 02 36 94 c1 b8 13 15 22 03 90 5c 70 19 4c 79 32 57 4d a0 97 ad 4a 26 1b 60 18 8a 34 9a 53 5e 1f 90 e5 f2 0f 88 f5 07 c4 fa 0f 21 d6 ff 32 83 06 eb 18 80 31 af a9 fe 1f 3d ed 07 98 ff 8f c1 fc ff b2 3a 98 01 85 71 a8 7d 3f ea 5c 29 f6 4a cf 64 fa 8e e3 fb d6 ee b6 e2 6f ca 69 de 26 f1 5e 77 e2 8b 66 47 79 cd db ba c3 ab 05 bf 38 e9 f2 9e 0c 20 ea 4e 0c 75 8d 9d 0b 8e 26 48 b3 41 90 0b e7 e7 3b bb 47 35 82 82 ce 01 03 55 4f f6 8e 1b e7 e7 58 f1 f3 f6 9b 37 09 54 73 d8 b6 c8 31 35 5d 00 0b b5 dc f5 e2 4b 6c ac 3c 3f 1b 30 16 60 b1 50 30 0d dd 4b 5e 65 d1 10 f9 41 e3 b3 a0 93 58 b4 f1 73 a3 7e 50 00 ce d2 8f 30 71 29 d2 9b 7f 35 3b ad f8 92 c1 65 4d 99 e0 94 88 37 3c a2 50 c3 Data Ascii: 4Wa:`2.fRm$6"\pLy2WMJ&`4S^!21=:q}?\)Jdoi&^wfGy8 Nu&HA;G5UOX7Ts15]Kl<?0`P0K^eAXs~P0q)5;eM7<P
2024-10-24 09:43:10 UTC	253	IN	Data Raw: 3f 93 eb 5e d8 3e 8d d9 f1 e5 4d 17 13 cd 65 67 00 5f 58 ac 44 35 bd 92 4c 63 ec e0 71 46 ee 48 34 ce 91 ab 9d 5c 13 16 cd 4e ae 9f 37 7e 58 6f 73 f0 4c 76 d1 ac 4f 4b 13 a6 42 df 4a 7b d1 5c 35 91 ab 7e d8 5d 6f be 53 5f e2 f5 a6 cb 55 14 f6 4f 9b 26 57 3d 97 2b eb df 8f 89 69 b4 c2 76 dc 72 3b 43 78 19 99 28 b0 38 86 ad 91 d7 8f 06 fc d8 4d f8 81 3f fd 73 fc e9 c7 9a f8 c7 9a f8 3f 75 ee c4 ad 89 cf 7d 43 50 9c 4d d5 01 3e d6 99 00 ab a0 5e 1b da 9c dc 09 de c5 aa fc c9 21 5e 94 3f 30 ce 5c 0c 7d 1e 94 f3 98 22 a2 d3 e2 19 3b f2 95 ce d6 d3 5e b5 cd fc 46 b3 00 cd 5d c3 61 28 18 7e 04 83 1a 9f 51 e3 9c 70 72 b4 bb 85 33 4d 58 e6 c2 e7 bf 9d 9f cd 86 d9 d9 31 21 50 df b0 fe b0 53 c1 67 49 c6 30 4c 8e 8a b3 20 ea 7b 90 48 39 36 b2 33 d9 59 f5 0d 0a Data Ascii: ?^>Meg_XD5LcqFH4\N7~XosLvOKBJ{\5~]oS_UO&W=+ivr;Cx(8M?s?u}CPM>^!^?0\}";^F]a(~Qpr3MX1!PSgI0L {H963Y
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 17 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9c 0d 0a 30 30 30 30 30 30 30 31 0d 0a c9 0d 0a 30 30 30 30 30 30 30 31 0d 0a c2 0d 0a 30 30 30 30 34 66 66 63 0d 0a 9e f4 16 f1 bb 7e f5 3c bd a8 f5 e8 0c d8 f9 ff fd d7 c6 3c f9 4c 14 fa 38 3f 94 e4 20 2c 9f 2e 21 4d bc 5a 4f d8 80 c9 45 ca 19 66 f3 54 5f e4 f3 87 fa c2 cc 0a 13 1b 8e 96 c6 53 31 55 15 71 fe 2c 1c 43 6e f3 c2 27 f0 d6 ba 75 97 14 9d 6a b0 2b dc 0d 78 24 23 1f 6f 74 f6 cf 66 65 36 a6 f3 1a 96 eb bf b3 30 25 5c 11 fb 83 8b 3e 9f 06 21 10 f8 7d 71 a3 27 fb 6d f9 57 c1 e0 1f 1b 2f 3f 26 be 7f 3c f1 59 b3 b8 61 0c 57 35 2f 19 27 61 92 76 d1 5e 81 ba e8 25 8e 0e 46 85 0b f4 62 58 9b b2 50 3e 34 7a 49 3c ae 78 e9 c9 6b d3 f8 82 d6 ac 38 7a 49 27 df 98 32 00 fc 21 32 1c 51 d9 Data Ascii: 0000000100000001000000010000000100004ffc~<<L8? ,.!MZOEfT_S1Uq,Cn'uj+x$#otfe60%\>!}q'mW/?&<YaW5/'av^%FbXP>4zI<xk8zI'2!2Q
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: f8 b1 91 95 0f ac ac 04 37 4c e4 ee 6d 09 f9 4c 55 be f0 30 1b 92 03 05 d5 3a 95 31 b8 2f 3c 3a 0a 84 e5 2b d7 c8 cf 7d e1 81 22 76 24 e3 f9 00 25 bf 82 01 7b 95 cc de 78 f9 99 03 1f ea e3 0a 97 b3 dc d9 00 08 01 fd 31 e0 06 44 18 ff 0d 4c 4b e1 d5 3c bc bc 50 5f be 40 7f 2b af ae 96 d0 21 ef e8 71 6d 79 71 85 7a 10 3a 30 7a f8 1a b5 16 a8 25 74 71 af 4b 32 66 49 b1 13 f6 5e c5 55 13 e8 38 84 c0 e0 fa 16 f4 0e 02 8a f5 5e 2d 5a d7 3e f5 0a cd 56 0b d0 26 f9 4b e4 83 d3 33 72 f2 86 71 0c 8a 5c 0e 85 65 12 20 17 f7 ba 7b 55 7b c0 b5 4f 4c f6 00 53 95 4a 32 c9 b8 ec 15 b0 e5 89 17 b9 b8 08 d5 8a 7e 8d f7 f5 2e 4e b7 c3 f5 84 ed 6e 77 2e 58 35 83 82 16 b9 9c 2f 30 21 97 0d c9 24 19 9c 30 d9 a3 f1 9c 92 ac 29 0e 5f 08 c4 dc 5d ae 50 f4 5f 3e 2f 47 b7 d5 54 d0 Data Ascii: 7LmLU0:1/<:+}"v$%{x1DLK<P_@+!qmyqz:0z%tqK2fI^U8^-Z>V&K3rq\e {U{OLSJ2~.Nnw.X5/0!$0)_]P_>/GT
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: e1 d5 1e 8c 1a 73 86 22 5f b8 6f f7 07 cd ce a7 76 f4 ed 2e ee 25 b0 cb de 20 42 93 f4 2d 56 84 3d 3a da 4c a0 34 56 5c b9 2a 90 dd 8d 4b 29 82 59 99 e6 f3 f3 1d 1c a8 05 0b 2d bd d2 1c 58 80 55 70 dd d5 7c 0b 8b 2a 29 1e 98 6f f1 6c f2 3c df 12 b3 e7 c9 2c d1 ee 74 71 76 1b 40 58 e5 22 e0 fb 83 2b 83 d9 bb c0 ac 20 2a 17 b3 b7 01 65 a5 32 08 1e f0 ff b1 72 41 fa 69 79 65 6d 6d e5 bb fa 88 3f 2e 0c 4a e1 46 bb 59 a3 f1 cd c7 5c 61 6c f9 51 1b 6f 61 17 97 ee dd 6d 90 15 4b 03 93 7a 25 10 8b bf 9d e2 98 91 a8 7a 14 9b dd 34 94 a4 91 d0 4b be 75 a3 de b6 9c c8 86 f9 a9 07 b0 a1 a8 e5 e8 8b a5 d8 30 b1 4d 91 3d 5e ca fe ed ec 19 30 67 a8 42 8c f9 e2 2a c4 98 30 ae 0f 63 8c 69 9f 36 bd 53 2d d9 fd 66 72 53 c0 ca 4e 11 94 b9 5e 1e 2e f3 e8 f0 b4 1e e2 f6 ce 07 Data Ascii: s"_ov.% B-V=:L4V\K)Y-XUp\|)ol<,tqv@X"+ e2rAiyemm?.JFY\alQoamKz%z4Ku0M=^0gB0ci6S-frSN^.
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: cf bf 1f f4 cd d7 00 e2 e0 1e f3 3e d2 ba 0f 1e ae f8 e1 c2 f6 cd 2c d6 95 74 d2 db ee 48 b5 c3 2c 2f 32 b3 68 c5 2c ad 2c b3 f0 97 cc d2 00 c9 62 f3 e4 54 be 02 72 06 db 99 8c d5 1e 82 2f c3 2c 1c b2 b2 68 b8 2c 76 2f ef ee b0 77 6c cc e0 7e 16 ad 92 bd 97 65 74 16 8b e2 ac 81 2f b3 58 fe 66 2d 52 8a 5d 30 46 00 47 20 7e ff e8 af 40 fc b8 97 3c 3b 97 9d 6d 05 e6 ef 25 20 7c 06 f2 b1 1d e9 60 fc 4e 70 da 3f a3 0b 2a bf 4f a2 c8 1a 95 79 85 5a 81 e9 db 8b 70 6d 00 ca 77 43 79 a6 87 7b d4 c7 15 cc 35 43 de 52 ae 7d 58 81 d9 e0 5b 98 bd e5 87 07 e1 32 e4 47 e5 fa 8c 6f d9 60 ad b2 1d 66 e9 ab 36 78 da 14 3e 09 a8 85 a7 57 d8 62 ba 0f b6 82 6f 01 b6 70 83 ed 60 f3 0c 7a 07 77 e5 4f d1 3b 3d da 40 17 33 82 f3 46 a9 72 53 77 0b b5 c3 c0 66 57 48 f7 4b 86 c4 69 Data Ascii: >,tH,/2h,,bTr/,h,v/wl~et/Xf-R]0FG ~@<;m% \|`Np?*OyZpmwCy{5CR}X[2Go`f6x>Wbop`zwO;=@3FrSwfWHKi
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: 4a 0e e7 fc 61 83 9b 3e 14 9e cf ed 60 71 8a 01 f6 1d da dc f6 55 ed a7 69 df b3 ec 29 f9 32 cc 99 7a 9a 63 9d 78 96 85 47 15 ad 66 71 ab 10 e6 31 bd e8 cd 36 32 c0 5f 7c b8 d0 69 3e 55 d2 7f 0e a2 de 63 03 fa 90 af f0 c7 77 c2 8c 1a e2 a5 fa 08 77 d0 a5 50 8f cc 49 87 f0 56 f4 55 8a c9 96 8c 9c 2c be 93 24 da 46 3d 23 a1 75 86 ec 39 d6 3b 6c 16 bd a6 77 8c 7e 60 bd 23 4e 9e a4 77 64 6b 86 8c 2b 01 fb 48 ef c8 d6 0c e9 1d 51 57 6c 5c ad ad ac c0 76 22 bd 43 ce ca d0 3a 4f 3c 1b 9a e5 a3 d9 bc 94 b5 a4 ec 5f ea ca 92 b6 30 cd b3 e7 f2 08 17 67 81 62 59 eb 98 b2 43 d7 01 3c e6 59 90 9c 93 a1 ef f0 aa a3 11 16 5c 84 83 6f 62 6c d2 bd c6 b2 31 d3 87 16 a2 68 66 fe 86 ca c1 66 f5 dd a0 8a 3b cc 3a 64 25 63 0f 07 06 1d 40 ea 16 ee dd 02 c4 0f 7d 03 5f 1e f2 84 Data Ascii: Ja>`qUi)2zcxGfq162_\|i>UcwwPIVU,$F=#u9;lw~`#Nwdk+HQWl\v"C:O<_0gbYC<Y\obl1hff;:d%c@}_
2024-10-24 09:43:10 UTC	1408	IN	Data Raw: e0 3b 9f ce 24 64 6f 18 8d 10 e5 c1 78 59 f8 f3 77 f1 1e c2 a9 3c 6a ad 84 af 9a 11 f8 f1 94 b7 71 93 80 3c 9c cf 5e 20 8d d6 1b a7 0f 76 53 76 7b 2c 10 37 e6 48 8e 26 8a bb 7a 4d a2 c3 86 2a 7f 75 1d 61 e4 d3 c0 f6 16 67 06 78 33 2c 57 0f 0d a2 45 a9 ab 71 6a da 54 8d 93 35 a3 88 0a 90 ae e1 da 36 ad 3d ae 76 fd b6 87 1f 2f 76 7b a9 fd 91 6b b6 67 70 49 f5 6d 78 b7 51 45 08 f6 6f e9 67 ca 61 18 8d c4 f5 7b 47 b0 10 22 ec 63 55 79 3b 25 52 e6 c2 ba 2a 46 ec a1 08 b7 3a 32 e8 af e5 58 1f 6a 05 02 cc e6 fa 15 a8 23 7b 9a 7c 53 92 28 05 3e e7 87 6c 18 c7 39 1f af ea 41 2f 99 de 0a 9b ca af 39 98 20 52 6f 15 78 8b 9f ba e6 c2 ed 20 02 a2 8a 70 1f 0a be 82 b7 0e 1c a3 fd 33 45 e4 1a 20 9c 57 50 14 73 57 80 62 49 41 e1 6c 8b 67 47 7a f9 00 f4 e5 8d 99 0a 76 ad Data Ascii: ;$doxYw<jq<^ vSv{,7H&zMuagx3,WEqjT56=v/v{kgpImxQEoga{G"cUy;%RF:2Xj#{\|S(>l9A/9 Rox p3E WPsWbIAlgGzv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.16	49776	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:10 UTC	573	OUT	GET /gui/2121f4aabac6fbe523ec.woff2 HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" Origin: https://www.virustotal.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.virustotal.com/gui/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	316	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: d8aa001fba4339d3f2433d1d49faadaf Server: Google Frontend Date: Fri, 18 Oct 2024 08:52:47 GMT Expires: Sat, 18 Oct 2025 08:52:47 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: font/woff2 Content-Length: 14712 Age: 521423 Connection: close
2024-10-24 09:43:11 UTC	1092	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 39 78 00 0d 00 00 00 00 88 38 00 00 39 1f 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 6e 1b cf 3c 1c 90 1c 06 60 00 84 62 0a 81 87 7c eb 40 0b 84 64 00 01 36 02 24 03 89 44 04 20 05 84 7c 07 8c 34 1b b5 76 25 ca 6d 17 05 9c 07 20 46 4f f2 23 46 22 6c c5 64 b5 a8 23 03 c1 c6 01 82 84 3f 74 f0 ff 27 24 1d 32 06 f3 6e 83 93 59 65 10 31 24 a0 b0 5d dd bd d9 c3 24 73 a7 ae 57 b7 73 39 a8 3c 25 d3 4c b5 31 7d 59 79 06 36 91 82 88 2d a4 20 62 e1 be 10 5b f9 9d b4 d0 eb 0c 37 21 09 19 3c 4b dd 57 7c be 69 6a f3 87 66 9c cd 3f cd a4 5c 3b b1 ee d0 1a 1b 4e f0 24 f5 08 54 28 14 7d f4 39 eb 22 30 6e e1 a3 e6 d4 cb f3 ff 8d 85 de f7 67 29 40 ac 57 45 11 95 40 03 a3 8c 2e b9 5a 56 b1 95 3d 55 c0 e8 ca 3b c3 Data Ascii: wOF29x89n<`b\|@d6$D \|4v%m FO#F"ld#?t'$2nYe1$]$sWs9<%L1}Yy6- b[7!<KW\|ijf?\;N$T(}9"0ng)@WE@.ZV=U;
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 95 e9 04 c1 10 8b 45 12 09 a6 a2 a2 24 95 12 aa 24 ac a6 26 91 cb 55 14 0a 48 ab 36 52 bb 76 58 87 0e 52 a7 4e 58 97 2e 52 b7 6e a9 1e 3d 14 7d fa 10 fd fa 51 03 06 84 06 0d 32 0d 19 52 33 6c ac d8 38 e3 94 2d b4 84 66 a9 a5 98 15 d6 11 d6 db 0c db 62 ab 8a 5d 76 93 f6 38 04 3b e1 24 d3 99 d9 e3 25 ae 0b e4 ba 5e 3c 63 20 33 a1 cc 1d 54 75 57 fb 26 77 bb 87 ed 5e e2 ee 23 cb fd c4 3d d0 de f2 a0 87 64 5e bf a2 0e e4 76 01 0c 48 00 92 28 42 0f bb 06 20 4e 15 84 e4 1c a0 fd 81 ff 19 73 c7 c6 a9 ea 06 d2 4b 64 c0 b6 06 d1 a8 68 ce 3f c7 7b 35 60 f7 38 3f da 73 0d a4 7c 0e 0b 27 1e d3 d1 7c 39 32 91 83 a1 0b 9d d6 3e bd 92 cd 14 d3 da b1 86 3f b7 13 b5 2c cd 7c c8 2b 23 f9 d3 98 71 6a 22 0d 05 ad c7 47 48 1e 39 bf d1 56 31 7a f9 f2 e7 c3 e8 fe 49 fe a6 2f ce Data Ascii: E$$&UH6RvXRNX.Rn=}Q2R3l8-fb]v8;$%^<c 3TuW&w^#=d^vH(B NsKdh?{5`8?s\|'\|92>?,\|+#qj"GH9V1zI/
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: cf 83 c6 c7 d1 91 93 c7 7b 4f f5 bd f7 07 24 27 fb 5b 2f 1f a0 56 2e 80 67 52 d8 1c 54 2a 65 aa ca 31 0d 05 d7 b0 99 7c 0b 2c d0 b0 c2 4e 85 43 0e 1b 71 c6 59 a3 bd ef 7d 63 21 d8 7b 3a 00 d5 00 a0 03 6d 20 6e 5f af 58 3b 87 e0 f2 a4 7c 75 21 a0 eb 68 1e 69 00 7a b4 01 58 a9 6e e1 66 97 d9 9a c5 92 75 3c d0 aa c3 07 2a 73 28 8b 05 bd 21 c8 07 1d a3 15 05 34 8c 16 e8 ec 58 6c 01 74 43 06 d0 da 27 ba cb 70 00 01 c8 f9 eb da 01 69 80 51 61 4a e0 2c 9f 32 20 c8 b7 6a 20 93 43 1b 03 34 43 05 f0 5b 48 da bc 07 96 c3 30 44 e1 15 d5 03 41 9d 0c 94 38 83 2c a6 38 cd f7 2c 55 48 d1 34 a0 91 3b 2c 52 64 68 8b bb 75 22 42 7d 54 35 c1 e4 4a 4f b1 f6 dc 54 33 38 66 92 65 01 e9 d6 11 b1 7e 40 b1 61 03 45 e6 d9 0e 41 c4 61 32 9d 21 d7 59 a2 de af b1 77 17 32 a8 1d df 8d Data Ascii: {O$'[/V.gRTe1\|,NCqY}c!{:m n_X;\|u!hizXnfu<s(!4XltC'piQaJ,2 j C4C[H0DA8,8,UH4;,Rdhu"B}T5JOT38fe~@aEAa2!Yw2
2024-10-24 09:43:11 UTC	188	IN	Data Raw: ba c2 d4 f2 ff 8f ea ad 0d 13 1e e4 3f d5 fb 02 8a b6 6d 5c 5f 20 b7 03 e3 41 fc ab ed fa 80 64 fd fb 73 8c 21 0e bb 0a 08 34 06 61 20 0e 81 d0 c9 4d 90 10 28 0f c1 ee f0 e6 a5 e1 fb d6 c0 0c 10 ca a1 4d 9a f3 d3 3f 68 f4 6f 9e 5b a9 53 79 af 5d b6 98 0f 03 54 e1 5b 11 81 65 68 7a 3a ed 8c b3 ce 39 ef 82 8b 2e b9 ec 8a ab ae b9 ee 06 04 04 08 04 78 c7 33 10 c7 b7 22 19 8a 5f 57 68 e4 20 1f 16 0e 51 34 0a 7a 10 14 16 76 50 c8 46 9e 48 51 08 48 c8 68 73 5e 58 b4 0d 09 2b 6c 62 37 84 78 23 6f 1b dd 28 48 b3 24 08 94 81 0a fd 40 21 92 46 c7 fa 09 d0 15 05 9a 02 Data Ascii: ?m\_ Ads!4a M(M?ho[Sy]T[ehz:9.x3"_Wh Q4zvPFHQHhs^X+lb7x#o(H$@!F
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 62 68 48 08 31 b0 20 72 c0 d1 22 88 b6 d3 ae 00 9f 1e 94 9e 90 20 64 90 88 4c d6 26 40 ab b9 b9 ce 1b 80 5f 7d 11 d6 91 00 90 0b 15 c2 a3 80 38 52 82 6a 77 1b 74 92 16 61 d6 5a b6 b2 bd 65 05 c0 30 79 ed 6e b9 ed 8e bb ee b9 ef 81 87 1e 79 ea 99 c7 9e 40 40 ea 6e ff a8 01 21 b6 d9 1e 10 01 08 07 61 78 30 a9 96 b0 d5 cd 02 01 45 2a 04 52 17 41 94 6e 56 f0 02 c1 2d e4 7c e0 76 88 a8 d6 50 7b 9a 42 b4 de 10 88 84 4a d1 e8 44 c6 fc b4 28 38 62 c5 90 cb d6 fe 71 0e 04 b2 17 f4 63 c7 45 21 22 2b 83 48 10 04 a6 8b 68 c4 26 b0 15 4c f4 41 50 09 59 46 05 38 96 26 c1 0a 4b 6b 88 44 62 43 0e 33 91 8b 45 36 6a 26 0b 15 8d 19 c0 c8 70 30 42 d2 51 fb 09 41 91 f0 f2 a1 9d 18 40 05 0f c1 32 24 0b 10 5c 80 64 c0 4e 1c 10 0b a1 49 52 10 68 8c 5c 76 f9 0a 1d 88 30 82 87 f9 Data Ascii: bhH1 r" dL&@_}8RjwtaZe0yny@@n!ax0E*RAnV-\|vP{BJD(8bqcE!"+Hh&LAPYF8&KkDbC3E6j&p0BQA@2$\dNIRh\v0
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 0a 69 24 6a 07 66 a6 96 3f 32 5f 3e 75 f1 ab a1 0c 68 f8 eb 73 64 38 67 7b 4a 0f 60 f4 46 fc a1 fb 25 90 99 d4 56 ab b6 41 9d 5d 07 da a2 b4 09 81 4e 60 ca 02 db 5b 0e 3d 76 76 ea 51 f8 32 e8 40 7e 92 25 f1 a0 9e 17 f9 ce c1 c0 f4 45 71 71 4c 8b f1 5d 10 a9 f3 b1 80 02 e4 78 ec 1a d9 a1 62 88 6f cb 07 84 27 c7 ce 8f b2 28 ee d5 e3 4b 07 94 1b a9 51 16 06 87 a0 38 38 53 1d 93 90 bf 66 23 b6 9e 37 94 9e 5b 8f 81 6a 90 32 fa e6 22 48 e0 25 29 65 59 1a 82 7c 40 3e 4b 8e bd b0 a1 12 e5 fe 12 c1 7b 7d 40 52 a4 75 10 d5 82 3e 5a 62 5f 49 0d dd 4f 54 97 57 48 d0 90 db 53 bb ff 13 fa 52 06 0d 4c 7e f4 ae d3 a4 64 f2 db cc 6f af 58 a3 48 1a 08 16 8a a9 fa 3b 8b 47 e8 5c 96 a9 54 44 4f 28 d3 eb 9e ae d7 9e a4 96 b2 78 c6 80 a8 c5 6e 3b 46 4a 66 48 88 00 a2 4e 7a 55 Data Ascii: i$jf?2_>uhsd8g{J`F%VA]N`[=vvQ2@~%EqqL]xbo'(KQ88Sf#7[j2"H%)eY\|@>K{}@Ru>Zb_IOTWHSRL~doXH;G\TDO(xn;FJfHNzU
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: db 17 45 79 c1 51 0b 5b 8f 2e a2 27 24 5f 86 85 fc b0 26 f9 dd f2 b2 63 23 80 04 59 9c c2 da 3a 66 8e e5 bd d6 26 8f c7 f5 a9 6a 61 ed 19 f9 cc 7b c2 29 8b f3 3a c1 86 96 17 aa a7 e5 b5 d1 cb 19 66 e7 5c 51 48 7f 96 43 2c f8 d5 32 ec 9b 55 ff 3c 61 45 cc cd 6f c2 37 1b 36 ab 7a 5f cc 4f b5 bd fe 6b eb a8 4a aa a8 f2 f5 0b 4b ca 4f 0b 83 ca b3 f5 19 a6 1c 6e 79 d4 c7 bc 8f cd cc 4d 4f 0d f9 c0 e6 3b 3b 9a ba 77 5c a6 19 99 7d 82 ee b5 8b 8a 59 25 54 9c 77 8b ff 72 f7 8b ef 59 52 62 74 3e af 4b f0 80 72 8f 75 26 ab 6f 8f 0e 77 c8 7b 6f 23 d8 78 de 13 6c 64 94 65 66 be 38 84 02 c7 f4 d3 3e 2b 42 50 85 75 dd 99 b8 43 6c 20 99 56 ee 33 31 99 fc 19 56 88 15 b9 6e 62 09 5d 19 73 46 2f f5 bc ef c9 5a f7 3c f9 ed 0c 59 09 f4 0a 2e 26 8f 12 bf c6 a1 3e e4 9f ac 81 Data Ascii: EyQ[.'$_&c#Y:f&ja{):f\QHC,2U<aEo76z_OkJKOnyMO;;w\}Y%TwrYRbt>Kru&ow{o#xldef8>+BPuCl V31Vnb]sF/Z<Y.&>
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: e1 02 7d 0b 96 99 a8 4b 4b 17 19 40 0c 2a 6d f8 30 6d 8b d3 a1 6b a9 4d 4d 49 2b 48 15 d5 18 22 13 08 bc 01 a3 54 92 98 25 ce cd 2b a4 2c 48 de c5 2b 17 30 7c 20 7f 94 ae 5e 0b 47 27 32 b3 ed 32 3d 35 e5 37 52 ed c9 7e 74 f4 55 4e 4c 5e 4b de 28 f0 6d 65 21 b1 43 a0 32 c5 c2 82 75 d4 e8 6f 63 e0 d9 5c 7d 9c 2a d9 56 18 9b 28 40 ed ae b5 d7 8c c3 26 cb d2 73 98 0a ca bb 18 5c 64 38 2f ab a0 58 a9 97 e9 b3 46 0a d3 cf 52 aa 79 b1 7e 0a a5 8a cb ab e6 d6 49 7f 21 e2 1b d9 32 22 62 e7 3a 22 f9 22 d0 1e ea db 1c 98 bb 37 83 2f 75 98 6b 0a 13 fa e8 f2 33 34 72 67 bb 1d 68 0f cd 9c 03 2f 3e b9 7c cb 85 fd cc 65 8d 47 53 4d 5d e0 0c ca a2 cc cf 64 f6 f1 f0 50 b0 b6 29 2b bc 6e d0 04 b4 5f 3b 97 c1 9f 8d 02 49 a2 86 1f 0b a5 8b 25 59 19 db ad 65 ff 6f ff c8 7f b1 Data Ascii: }KK@m0mkMMI+H"T%+,H+0\| ^G'22=57R~tUNL^K(me!C2uoc\}V(@&s\d8/XFRy~I!2"b:""7/uk34rgh/>\|eGSM]dP)+n_;I%Yeo
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 59 89 d4 a0 2e 94 24 e4 0f 4b 54 36 78 1b 12 9b 07 71 63 bb c1 77 d6 3a 49 ac be e0 82 91 c9 8d 6f 67 91 f7 a6 47 19 fd 9e ff 38 f4 56 0e a3 fe 5e 7a de ee 12 be b2 b4 33 df 25 91 1b d9 70 a3 c9 92 9a a2 71 d6 f0 c1 b2 21 93 aa a8 70 56 28 fc fa c0 7d c9 ec f9 91 15 6f 46 0d b6 a4 37 a5 cf 07 3f d8 6a 65 6e 6d c1 39 3d 8b 2b 99 2d 11 0f 17 90 ad c7 b4 bc 70 8d bf fb 5d 48 7b 18 47 91 cf 53 78 0c 26 4d 59 b5 0c 44 b0 88 02 49 70 46 27 9d fe 54 2e 7d 47 11 0f ab d7 18 a6 36 76 98 e7 b5 9a f5 6a af e0 b1 25 e7 5b 0d 99 d9 cf f0 20 d2 67 9a 19 14 67 8d af 42 97 ec f3 c9 c0 b2 80 6a fa 3a e3 82 14 27 a5 7b 7f be 5c a7 6b 63 75 0d 9d 89 2c 00 81 6c 62 59 5c b2 4d a6 4c 4d 3f 03 67 c6 a7 49 e5 32 9b 97 97 92 53 ed b3 8b 24 a6 00 f8 07 b5 55 2d 55 d8 cb 85 d1 a3 Data Ascii: Y.$KT6xqcw:IogG8V^z3%pq!pV(}oF7?jenm9=+-p]H{GSx&MYDIpF'T.}G6vj%[ ggBj:'{\kcu,lbY\MLM?gI2S$U-U
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 03 86 18 30 71 71 16 2f a0 15 8e b5 b0 3f e5 ec 92 f7 fe 31 e9 9d d2 a4 cc 01 fb 51 35 89 36 8d 94 5b 49 24 7e 27 50 04 04 ea da 27 98 63 1f bd f3 b2 8f 8f 0f 4a c8 d0 a7 28 dd 56 70 74 5b cc 81 74 59 54 e4 5e 72 22 ef 80 dd d3 58 58 e8 6b c9 e1 8f 08 e3 e9 ee ff 87 8d 9b a7 91 c4 27 69 75 49 b1 a9 2f 40 9b 0a 5f 2c c8 8f d8 9a cf 51 fe 2c aa 08 af 45 6a c1 01 94 ce a5 11 31 4e 6c 85 c7 85 c4 48 ed 49 49 4a 5b 92 94 1c 57 0f 5f 99 c0 16 b9 b4 e2 3f 27 93 22 5b 23 30 2d 98 a8 c0 21 6f e2 1e 46 e2 27 5e c2 31 a2 1e 82 f1 21 89 32 66 77 ba 14 17 b9 97 24 8d ab 0e e3 e9 ee fd 3f 6b 8b f8 52 71 ad 2f 62 b3 b2 1b 0b 0b 8b 5a c0 82 3c be 36 7e 5c 7e 1e 9b 5c 6a a3 92 e9 dd 7a 3d d6 a5 80 e6 3c 3b 95 22 4c 91 97 12 be 56 34 2e 2f 9f a6 83 aa 21 d1 32 72 74 62 b4 Data Ascii: 0qq/?1Q56[I$~'P'cJ(Vpt[tYT^r"XXk'iuI/@_,Q,Ej1NlHIIJ[W_?'"[#0-!oF'^1!2fw$?kRq/bZ<6~\~\jz=<;"LV4./!2rtb

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.16	49774	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:10 UTC	573	OUT	GET /gui/1402accbefdec6a25762.woff2 HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" Origin: https://www.virustotal.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.virustotal.com/gui/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	316	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: efe124df8ee0f3abafed52697631f046 Server: Google Frontend Date: Sat, 19 Oct 2024 01:14:02 GMT Expires: Sun, 19 Oct 2025 01:14:02 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: font/woff2 Content-Length: 14892 Age: 462548 Connection: close
2024-10-24 09:43:11 UTC	1092	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 3a 2c 00 0d 00 00 00 00 88 7c 00 00 39 d3 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 6e 1b cf 42 1c 90 1c 06 60 00 84 62 0a 81 88 4c eb 34 0b 84 64 00 01 36 02 24 03 89 44 04 20 05 84 66 07 8c 34 1b 99 76 25 8c db 8f 02 ba 03 bc 98 bc 94 cc 8c 44 d8 ab c5 aa 64 64 a0 64 6f 9e 9c fd ff d7 04 3a 64 08 dd 4d 01 a7 ea 03 45 10 26 88 ea 4a 83 0b 47 11 2e 1c c3 9c 33 1d 4d 78 70 aa b3 ca 14 69 b6 c5 19 f6 56 17 92 75 24 0b 5b 4f e7 3b 4d 55 c7 93 3a 6a 0b 3f 8a 85 7b 2b 2f 3c da ad 98 f7 a8 73 c5 c5 97 09 a3 5e 5b fe 11 64 ae 64 c3 af 1e d1 99 cc 87 d5 8d 74 20 41 90 80 d4 9d ec 60 b1 8f 7a 06 b6 8d fc 49 4e 5e 9e 87 9f eb f3 dc f7 32 c9 fc cc 12 b0 da 6d 59 01 6b 46 85 0a 00 5c ed fa 96 55 59 55 02 Data Ascii: wOF2:,\|9nB`bL4d6$D f4v%Ddddo:dME&JG.3MxpiVu$[O;MU:j?{+/<s^[ddt A`zIN^2mYkF\UYU
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 7a 34 03 03 0d 23 23 96 19 07 b3 b2 d2 b3 b1 31 70 72 42 3c bc 38 3e 3e 98 9f 1f 27 20 00 0b 0a e2 84 84 18 85 85 11 62 c5 a2 44 44 08 c4 89 a3 12 2f 9e 48 82 04 56 89 d2 e8 a4 4b a7 95 2f 8a a7 81 06 68 8d b5 c4 6a a5 00 d6 4e 7b 06 85 ba e0 74 55 0c eb a7 3f 91 41 fd c6 d3 2b 6b 72 e2 32 33 95 5c 0c 30 99 e0 26 8b b8 d9 92 70 8b a5 96 91 58 ce 19 2b b8 d8 4a ce 58 15 2e b6 da 1a 26 07 66 2b 85 2c a4 84 81 11 30 26 40 e1 eb 67 06 54 a4 42 b0 5b 9f 3b bc ea 7d ff 35 86 48 a7 33 0b 01 cd 1a c0 86 01 50 f2 49 bb bd 24 75 a6 83 4c b7 14 76 39 cc d2 e2 88 41 3b b6 a6 f2 3b 8b a4 a4 98 e6 4b 57 07 ad 2d 10 56 1e 1e f5 3c 3c 14 41 fb 47 d2 84 bf 8f 65 f6 1b d1 e1 30 5e 6e 1b f5 68 e3 3f 7a d3 09 3e 38 f9 d2 33 08 61 7f bc d5 33 dd b9 bf 6d 15 5f 7d 0f c8 58 51 Data Ascii: z4##1prB<8>>' bDD/HVK/hjN{tU?A+kr23\0&pX+JX.&f+,0&@gTB[;}5H3PI$uLv9A;;KW-V<<AGe0^nh?z>83a3m_}XQ
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: a8 56 0d 9a 10 73 3e 8c ec 56 0d fc 89 0d b6 c8 83 64 2b ee 7f a4 d1 fb 18 e3 8b f5 71 cb 1d 91 40 4b 84 20 21 25 98 5d 40 34 13 1b 9a 83 93 4c a2 1a 14 f2 e4 09 6f ac f3 8d 15 eb 25 c9 20 83 a5 0c df 7b fe 20 d8 71 15 58 08 30 4b d6 81 c7 d6 31 bb f5 a4 f4 64 e4 cc 14 38 2a 60 e3 56 d0 70 81 51 2a 01 b0 4d bb 55 9a 25 19 c1 d2 18 77 b2 f0 51 2b 3b 9a ad ed cb af 98 9e 2b 80 71 5e b3 1b 5c cc 03 01 a3 7b 5d b0 18 2c 00 a1 cd 34 db 0e 03 a0 03 6a 97 7c 7e a0 ef 19 29 8c 38 d0 91 16 10 42 a1 2d c4 03 5d d3 11 4e 03 ab 81 b9 60 76 6b d8 01 36 c1 6c 30 0c 21 b8 14 49 40 51 3e 17 12 70 86 90 8b 89 94 b4 e0 9e 98 19 9c 60 59 c2 c3 cd ad 54 40 69 2a 51 b2 49 93 22 ca cf 93 32 e5 14 99 cb e1 8c 2a aa 93 aa c1 c5 f2 38 5f 4b 4e 69 b5 84 d0 7a ea a4 b4 27 51 0c 4e Data Ascii: Vs>Vd+q@K !%]@4Lo% { qX0K1d8`VpQMU%wQ+;+q^\{],4j\|~)8B-]N`vk6l0!I@Q>p`YT@iQI"28_KNiz'QN
2024-10-24 09:43:11 UTC	188	IN	Data Raw: fb 1e c5 08 39 b7 e3 cf 9e 45 3d 90 b6 f4 3f 51 7d bd 91 78 3b ff d6 a5 73 01 e2 6e 58 d4 be 3b 62 18 28 db f1 f7 be 3d 4a 10 5e fe 98 0e 33 c2 e0 99 02 c1 50 01 a5 28 1f c4 c3 2b 01 11 5a 81 50 8f 56 2e 49 c6 5f ef b2 07 4c 14 1f f9 2e 6e ce 18 f4 dd cf 56 19 a0 ba ff 5c b5 44 6b 36 08 08 01 cc 41 9a 70 67 9d 73 de 05 17 5d 72 d9 15 57 5d 73 dd 0d 37 dd 82 61 08 02 de f1 17 14 f6 a1 18 d1 0a 0d 6a 0a 92 22 05 15 0d 1d 03 13 6b e8 6d 91 06 d1 48 82 e4 94 d4 83 fd c4 8c b8 ae ae 1c a6 95 a0 22 19 3c 04 16 36 38 b6 5a 0d 45 a8 70 1c b0 c6 bc 7f 53 50 44 30 64 Data Ascii: 9E=?Q}x;snX;b(=J^3P(+ZPV.I_L.nV\Dk6Apgs]rW]s7aj"kmH"<68ZEpSPD0d
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 84 89 40 0b 54 2d c5 60 10 30 33 15 24 11 08 30 13 86 9c 75 0d 08 94 70 04 c4 08 51 38 31 1f 05 f9 99 63 2f 78 0b f8 d5 3b 12 23 0b 48 23 6f 78 e2 4b 88 a7 42 d5 7b 44 39 c6 ba 24 72 0a 29 51 d2 12 2f b0 7d b8 b7 dd 71 d7 3d f7 3d f0 d0 23 8f 3d 51 e6 2f 4f 3d 83 11 b9 86 3f 66 2e 91 6d b6 fb 22 03 76 b1 c8 7e 0b 2c bd 23 c4 81 02 8a 08 11 22 17 8e a4 ea 0c dc 7d 10 96 0d 7d c0 63 50 54 2a a2 d5 41 c1 20 97 27 ae 67 e1 06 56 6e 64 ff aa 4c 5c dc cc 12 35 52 f2 82 0b 66 54 8a 79 9b e3 ae 70 b8 da c3 51 86 90 72 ef 15 7e 5b c5 0e 08 6a 0d e9 2b 47 09 70 e1 e8 a9 48 e2 09 47 cd bd f5 b0 67 2e e3 e0 12 e4 e2 62 e4 9c 9c 06 92 91 86 8c 28 fe 3a ad 17 f0 54 5e 1f f0 71 1a 50 46 8e 95 89 1a 15 24 99 41 6a c3 7a b6 4b 15 ac 58 b2 56 a8 75 b4 33 a4 39 17 42 54 81 Data Ascii: @T-`03$0upQ81c/x;#H#oxKB{D9$r)Q/}q==#=Q/O=?f.m"v~,#"}}cPT*A 'gVndL\5RfTypQr~[j+GpHGg.b(:T^qPF$AjzKXVu39BT
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 00 68 aa a3 22 26 4a 9b 83 fd c0 64 31 18 66 36 71 63 f9 d9 ac d7 44 cd 89 27 c5 15 fc dc a9 5b 5c 3d 67 20 2a 3a 88 d7 36 7a fd b1 b5 26 fe b8 ab ca c7 06 f5 1b b6 56 51 3b 44 c2 10 f3 43 bd 6c 07 62 91 cf 21 c0 6d 06 3e 98 d8 6f c4 d9 b6 41 e3 29 4c de c0 dd b8 8b f6 ba dc c4 a7 b6 27 70 35 ae a6 b5 25 af f7 d7 04 38 47 49 00 96 40 45 82 73 1d 94 07 d4 52 5c 5c 2d 27 2e 91 04 75 b0 51 06 0b 6a 25 82 e3 ae b0 1d d9 16 41 63 86 7c a7 c5 6d b6 cd 66 52 43 6b 40 33 8d a7 a0 a1 a9 e7 10 c8 db 66 41 8d ee 07 e5 45 61 7e 3b c5 04 9f e3 5a 80 53 1e 32 51 6a d9 d2 3a 9c cd ff 10 db 38 75 76 7b 6d 87 d1 1e 48 5d bc 6c da ac 72 37 af 46 37 5c 9c 5b e4 17 67 a2 49 e9 76 18 73 5f 60 dd 11 72 ba 07 e2 8e 3d 10 79 34 81 d3 a1 19 86 b7 0b bb d6 b1 9a 21 18 ca 6c e4 87 Data Ascii: h"&Jd1f6qcD'[\=g *:6z&VQ;DClb!m>oA)L'p5%8GI@EsR\\-'.uQj%Ac\|mfRCk@3fAEa~;ZS2Qj:8uv{mH]lr7F7\[gIvs_`r=y4!l
2024-10-24 09:43:11 UTC	1280	IN	Data Raw: 04 09 f4 71 e0 5c 1a 15 21 fd 0e bf 76 aa a0 a5 09 94 c4 be 3f b9 0e 35 7d 4d 27 5c f7 6a 01 2b d7 2f 6c 9b d7 39 97 06 f1 ac ba d7 f9 3c 3a 83 e3 a0 9e 1f c4 6c 9b 6a e4 9b c2 21 aa 37 c5 0e b8 7d 09 5c aa 12 8d f4 7a 03 a9 6c 84 f4 b0 e1 3d c3 74 57 31 74 c5 27 53 d0 46 52 b7 c9 ce b9 ed ba 9f d2 63 56 89 fe 16 14 ee 4b cd a9 f1 e1 e7 48 64 47 65 e8 15 2e e9 b1 f0 8b e2 68 88 11 74 26 51 06 ce d9 41 07 aa 72 c3 63 3c 1d ac 80 9e d4 75 ac 87 f3 bd 1c 04 74 c3 a4 c6 db e2 b7 3f 33 c8 67 aa c7 50 37 fd e0 ec a5 65 66 fc 7d 0c 05 8b d4 1e c5 c8 cd ed a9 b8 b4 3b 3f 88 0d da 10 a8 ce d4 9a e4 ba 12 27 a0 37 69 a9 d9 cb ef 72 23 c1 4e d6 c6 bd af 81 e2 d2 f1 af ef 5c 41 4c be 88 53 41 30 e4 9f e6 6e 31 40 89 83 0d cd b6 9f 0f fe 28 45 80 3d 0f a7 bc 26 26 96 Data Ascii: q\!v?5}M'\j+/l9<:lj!7}\zl=tW1t'SFRcVKHdGe.ht&QArc<ut?3gP7ef};?'7ir#N\ALSA0n1@(E=&&
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: da 3b b4 a2 ba 72 f1 82 44 6b 3b 54 93 b2 fc bb b5 7c 31 48 3a ea 3f a8 2e 8e 8c 5f 98 76 0f ba e9 38 92 3f 1e 39 a4 7f df 5d 5c 76 e0 d2 e8 4b e8 c9 ca 63 a5 07 c0 f9 8a f3 33 0b 82 c7 ff cb 36 3d 84 48 ab e9 97 c0 f1 f0 f9 37 5f 81 60 24 92 a1 34 8f 0a 0a 32 4a 2c e0 0c ad f1 5a 0d de e5 c1 0d c9 c4 d8 51 06 cb 46 3c f7 24 bd 92 a1 2c f0 34 15 b1 90 06 54 96 97 99 6e a0 7e c2 1d ea 4a 2c 57 f1 98 68 c0 a0 29 56 d2 0b a2 c0 38 e1 3f 1b 15 9e e2 a6 31 ca 2a 16 34 07 94 ed a5 1a 13 a2 76 d7 16 7a 95 95 26 e2 3f e1 d7 cf 01 52 68 7d 9d 4a d5 ec f5 eb 9b 1b 55 5a 3e 42 5e b8 da f8 1b 81 83 70 69 41 79 c0 5f 0b 53 36 05 a4 53 3c 24 f0 98 6e 31 7d b0 db a3 6c 29 d7 c8 58 b7 9e a2 a2 a7 02 13 48 3d ea 94 83 91 89 e8 55 c6 57 77 c7 65 d3 1f e4 fa e5 61 53 25 c0 Data Ascii: ;rDk;T\|1H:?._v8?9]\vKc36=H7_`$42J,ZQF<$,4Tn~J,Wh)V8?1*4vz&?Rh}JUZ>B^piAy_S6S<$n1}l)XH=UWweaS%
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: ce 31 f0 b5 57 59 b7 72 34 be b9 43 f1 43 c8 1b 83 f0 60 62 5e 72 48 ab 8c d1 7e 18 f6 8d c9 5d 71 e1 ff 98 fb 0e ad f7 33 f5 4c 03 8f fc 69 96 33 00 2a a0 6b 11 b4 30 79 ea ff 7b 57 1d 45 33 37 e9 27 8d 20 79 0c c2 bf b4 14 60 0e 06 9c 46 59 f1 b7 ae 1b f5 6c c2 15 72 ee 11 96 54 55 c8 15 f8 24 9c 1c 78 35 46 8e 71 e6 70 72 4d 08 23 4f 03 5b 94 6c 36 6c 94 d9 ff 09 97 7e f9 35 b7 fc 37 17 4f de 51 85 f9 61 3c 1d c6 3a 73 7a 0d 25 8c 83 27 65 76 83 94 72 f7 f8 d3 48 55 4e d6 0b f8 4e b7 6d da b3 75 5b d3 78 79 59 d3 f8 b6 ad 4d 7b 4a 0d 72 78 60 e9 52 b8 47 2e 47 7a 96 2e 45 06 80 07 59 f9 65 9b e4 98 1e b3 45 a7 1c 44 00 23 b6 ac 6c c1 b0 a9 4d 24 53 99 34 0c 98 f3 c1 83 de 42 b1 b6 a0 a6 36 a4 36 f6 b4 2d 74 b8 df 6c c5 9e b0 80 bb b4 b3 46 fa ef dc eb Data Ascii: 1WYr4CC`b^rH~]q3Li3*k0y{WE37' y`FYlrTU$x5FqprM#O[l6l~57OQa<:sz%'evrHUNNmu[xyYM{Jrx`RG.Gz.EYeED#lM$S4B66-tlF
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 52 71 19 6b 90 49 4b 1f 91 45 88 15 61 e0 7c 02 d8 cc e4 e0 16 4e 4c 1a 97 d1 2e 11 da 82 a4 0f 19 c5 06 9f b6 bf c7 52 04 f7 49 aa aa 15 cb 22 15 ae 37 16 5a 42 5c 1f 36 d5 bb b3 34 d3 34 39 fd bb e5 f8 cd 5f 7e 8a a6 2f c8 76 d1 f8 dd a0 30 f3 aa 57 11 4e 79 2b a4 2c c6 1c 95 a0 7b 41 46 36 d1 eb 53 86 bb 15 c5 07 e6 8f ee ab 83 39 49 84 06 eb 91 83 e0 18 0d fb a6 55 57 aa 84 2d 50 59 9d 33 0a 69 3c f7 7d 29 cf 49 a3 53 84 fe 3e 77 83 3d f1 21 56 f4 21 ad 78 21 10 3b 0b 7d 25 b5 1c 5a 2f 15 3b 1c eb af 30 32 19 2a b3 4e 9b 9b 8b e8 2d 1b b6 cb c0 61 9a 67 67 95 6f c5 65 13 49 9f 51 28 ff a6 30 85 9d d9 f8 0a 12 a6 07 55 b1 e9 53 86 d0 26 15 52 ca 6e c5 92 e8 52 9f 16 34 ad 9e 69 46 35 41 02 af e0 71 e1 21 f2 d8 0b eb df 4a ae b2 1e 1c a5 c5 56 56 f9 56 Data Ascii: RqkIKEa\|NL.RI"7ZB\6449_~/v0WNy+,{AF6S9IUW-PY3i<})IS>w=!V!x!;}%Z/;02*N-aggoeIQ(0US&RnR4iF5Aq!JVVV

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.16	49772	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:10 UTC	573	OUT	GET /gui/ee990a93df71bfdfb3b5.woff2 HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" Origin: https://www.virustotal.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.virustotal.com/gui/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	316	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 1828feb116bda2134379349feb19e6d2 Server: Google Frontend Date: Fri, 18 Oct 2024 10:08:37 GMT Expires: Sat, 18 Oct 2025 10:08:37 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: font/woff2 Content-Length: 14824 Age: 516873 Connection: close
2024-10-24 09:43:11 UTC	1092	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 39 e8 00 0d 00 00 00 00 88 08 00 00 39 92 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 6e 1b cf 36 1c 90 1c 06 60 00 84 62 0a 81 87 50 ea 78 0b 84 64 00 01 36 02 24 03 89 44 04 20 05 84 7c 07 8c 34 1b 67 76 25 ca 6d 17 c5 dd aa 92 42 f0 a4 97 91 81 c0 79 04 d0 8a fc a6 91 08 73 42 e6 3c f8 ff 8f 07 74 0c 11 3a 53 90 e9 fe 40 82 83 5c ed b4 bb 1a 77 13 d5 78 c6 ef 99 e9 38 41 4d 57 ea 53 95 8b 98 1d 2e e7 5a 3f 12 24 f3 e4 dd 12 10 17 b5 6d 75 74 ad f3 b7 f9 f2 58 82 9c 40 cd fa 5f fe e7 9f 5f 24 81 02 41 66 27 67 af a9 f3 27 10 64 08 78 86 71 26 90 dc ae 54 31 51 5f 94 98 9d 9d 6e 85 e3 a6 8a 7a 85 d7 5f 7d 06 b8 93 23 76 22 f2 f0 ff fe fd bf 73 ed 73 2e 9e fd ad f6 07 50 69 56 42 45 57 e9 32 52 Data Ascii: wOF299n6`bPxd6$D \|4gv%mBysB<t:S@\wx8AMWS.Z?$mutX@__$Af'g'dxq&T1Q_nz_}#v"ss.PiVBEW2R
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 46 46 3a 26 26 2c 33 33 3d 0b 0b 81 8d 08 b3 b3 33 71 70 30 73 73 43 bc 02 88 02 05 c2 82 04 11 05 0b 86 85 08 21 0a 15 ca c2 c7 87 08 17 8e 16 21 02 23 52 24 ad 28 51 e4 a2 45 b3 8b 91 c8 28 49 12 83 86 b2 49 e4 c8 c1 ca 57 40 d0 5c 6b 58 1b 6d 99 15 ea 44 54 a4 07 ac 9f fe e4 06 cd 9e d0 64 a2 13 95 29 a6 56 06 d6 3c 62 35 57 6c e6 e7 fa 5b 60 21 85 45 c2 59 2c 7e 96 08 67 69 ae 9f 65 96 b3 da f3 5a 95 90 39 34 30 d0 00 da 18 34 a9 db 2c a0 42 19 42 c7 1c 48 75 de fe df d8 d3 cb 26 65 13 0a 82 29 79 06 d6 6b 93 54 dd e9 6e 5c a3 75 e5 9b 68 ff d1 1a 14 a6 92 e3 7a 1c c0 8d 69 a5 59 0c 6d de dc 60 68 bb 52 63 a7 1d 66 8b 55 6a ae 57 c5 db 43 a5 b8 e0 c3 91 5c 1d 3b 5d 1e 23 0d b9 d7 7b 70 84 ec 85 91 72 a7 be f5 f6 b9 97 dd d3 1f 27 ad ff 8f d6 bf de 9f Data Ascii: FF:&&,33=3qp0ssC!!#R$(QE(IIW@\kXmDTd)V<b5Wl[`!EY,~gieZ9404,BBHu&e)ykTn\uhziYm`hRcfUjWC\;]#{pr'
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 80 53 72 da 1a ea fa 66 81 7d db e6 e0 11 3a b4 c7 e3 c1 9f 15 33 5a 40 e8 f4 51 00 16 f7 4b 16 e8 42 07 06 9a f0 97 95 7f 01 45 bc 2c cb 57 26 05 34 c9 11 0a 4a 0c 0b 0b 39 1b 07 96 8b 9b 4a 8c ba 78 99 32 b9 e4 eb c8 ad 87 9e 62 0d 32 58 bc 23 8e 48 84 60 87 e9 80 31 80 9f b3 10 84 71 1f b7 88 92 49 db 56 73 e3 f9 d3 02 4b 6f 5c df 9f da b2 3e 53 56 89 56 cd 55 09 14 eb 58 b1 8c 89 36 01 74 64 2e 0c 67 08 99 89 c0 54 e7 81 0f 97 ab 25 0f de 14 ec d5 da 60 e2 53 82 0d d0 6b 05 fd e1 c3 01 b4 40 8f 95 0a 1a 35 ad a9 60 c4 b9 a4 88 21 83 21 ea 25 01 e5 1e 64 59 60 1e 86 20 9a cf e1 87 cb 60 cb c5 30 84 20 46 11 68 4a 45 86 11 8e 4c fc c8 4d d9 7c f3 13 16 12 fe 32 5e 42 dc 61 c9 90 a5 c2 54 5b 27 11 a5 55 4a 8a ea 99 d6 d0 5c 4e 4d 75 28 d5 15 3f 99 22 55 Data Ascii: Srf}:3Z@QKBE,W&4J9Jx2b2X#H`1qIVsKo\>SVVUX6td.gT%`Sk@5`!!%dY` `0 FhJELM\|2^BaT['UJ\NMu(?"U
2024-10-24 09:43:11 UTC	188	IN	Data Raw: 4c 46 f5 9e ff 78 87 80 f8 b7 a7 21 0c 25 3d 3b af fd 31 06 2d 0a 3a a2 6a 56 ec 8c e3 e5 ce 9a bd 81 7c af b7 0b ab ed fa 9f a8 ee 67 56 32 d0 67 5f 7b 96 b7 de 6d 3c b3 cc 9d 50 07 f2 7e 2e 4f 74 43 78 fd 7d ae 30 42 62 33 81 c0 91 21 4d 29 fc b4 aa 23 39 d6 42 16 34 4e 2e a5 c6 4f bb ea 21 93 f4 78 8a dd dd f4 71 e8 97 27 96 1a a0 a5 17 2e 9a af 05 07 04 04 06 e6 a2 0c 5f 27 9d 72 da 19 67 9d 73 de 05 17 5d 72 d9 15 57 5d 83 61 08 02 5e f5 18 e2 58 15 2d 58 85 06 95 8b 94 88 57 0a 09 03 87 80 12 c2 72 71 87 40 0a a4 56 a2 0c 1a 16 1e 79 ce 9b cb cf 12 5a Data Ascii: LFx!%=;1-:jV\|gV2g_{m<P~.OtCx}0Bb3!M)#9B4N.O!xq'._'rgs]rW]a^X-XWrq@VyZ
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 8a fa 62 98 cf e0 91 b5 1b 82 e4 53 41 50 19 65 46 34 79 4d d5 e1 c6 03 79 ad a0 52 20 0c 87 c0 6c b4 90 18 60 a4 0f ce 9e 74 09 84 28 7c dd 7b 42 2c 10 de 3a 69 06 52 e5 a4 6b b5 ef 7c a4 c8 d9 a9 00 14 a0 4c 3c 88 55 27 09 d0 ec 3b 14 ba da 06 14 da 16 75 75 fa 76 c9 80 e3 83 5e 77 c3 4d b7 dc 76 c7 5d f7 dc f7 40 b9 c7 1e 7a 04 23 b2 73 af 35 83 dc 26 9b 63 55 00 97 b0 e2 f1 28 16 3c 17 e2 42 03 45 04 39 22 4b 90 84 20 56 f0 3c 64 2d 74 e9 f0 ee 84 6f d4 d0 d6 69 0a b3 ce 38 31 f1 17 33 bb 58 38 bf 93 95 47 35 36 31 f2 b4 bf e6 81 59 c8 b8 f7 39 5e 08 87 58 5b 38 34 21 94 1a 81 93 31 86 23 5b 90 16 48 7a 75 b4 60 1e 22 13 2d 45 78 c3 a1 53 61 87 a0 05 51 29 17 05 f2 88 1f 72 37 67 81 62 a1 a7 22 8f a0 3c 32 e1 64 19 2b 1d 81 c2 02 1a ab 86 d6 8c 16 83 Data Ascii: bSAPeF4yMyR l`t(\|{B,:iRk\|L<U';uuv^wMv]@z#s5&cU(<BE9"K V<d-toi813X8G561Y9^X[84!1#[Hzu`"-ExSaQ)r7gb"<2d+
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: e5 2d 7f 72 41 5b 7e 9a 8d b9 ca 39 a9 f4 95 8d f8 7a ef 2b b2 64 29 08 41 8c ce 53 a6 96 87 ef 27 0e 66 d9 ab c1 38 f3 9d 6b 90 20 df 03 a9 87 43 a5 cd 61 ad 29 84 11 50 6d 2d fc 0f f0 af d3 7b 2b 40 cc ba 85 b3 27 f9 40 2e c8 c1 4e 6b 62 0a e7 46 c6 96 6a a2 dc 31 51 4b 07 50 9d d1 5c 8e e5 60 ae 3f ef 17 aa 54 cb 64 c9 1e ca 0f a0 9d 6c 3f a3 a1 62 d0 a3 bc 86 8f 65 5d 7e e0 d8 96 c2 08 36 47 20 de ce 86 7a 2c 24 0f 33 2c 71 37 2f d4 39 88 aa 60 93 ee 68 44 80 be 96 f7 2b 54 4f 23 0a e6 b2 ce 0c e6 f5 2c c1 c5 76 c2 9d 58 9a 4b 8d 54 41 bc 4c 2b ed 91 76 86 db d1 20 b2 8a e0 2f 44 17 25 69 92 34 ec 66 8a 8f 10 ca 71 2a 26 e5 90 50 31 d6 d5 2e f5 36 57 aa 57 30 46 84 fc 8a 9b 78 2e 1d 12 de 70 44 63 41 b6 9a 15 ba ee 30 ad 67 f5 e5 61 7b 76 40 8d 2d 57 Data Ascii: -rA[~9z+d)AS'f8k Ca)Pm-{+@'@.NkbFj1QKP\`?Tdl?be]~6G z,$3,q7/9`hD+TO#,vXKTAL+v /D%i4fq*&P1.6WW0Fx.pDcA0ga{v@-W
2024-10-24 09:43:11 UTC	1280	IN	Data Raw: d0 a1 ab 46 f5 cf ef a9 fe 17 3e 2d 2b 8b c3 c8 5f d4 27 cd e7 e4 70 44 ae 16 1c 88 c1 d9 c0 2b e5 f1 aa 01 13 c1 9a 8c 9c da 99 f6 40 c1 5c 59 c5 2a a3 4f 75 d3 f1 59 df 19 b6 78 af 19 3d 1d fc 44 2d 0b a0 5e 7d 65 43 6c f1 ca 17 01 49 2c 94 55 af c3 53 b5 68 f5 4b 95 62 8f 64 a7 4f 6c 9d 25 e3 2a de 80 7f 20 58 26 87 e4 73 57 1d 95 7a 08 55 b1 d6 90 49 bb 9c bd 32 9a 25 ab 35 28 f9 86 71 af 99 fd df f9 90 44 24 24 be 1c 74 68 4e b3 ca a4 fe 6a 8b 80 b2 a7 80 69 e3 86 43 79 8c 0b 55 d1 2f 8f 3f 6d be ea 72 c3 c5 1c c8 8e 40 b5 7b 53 6e 63 98 1e 23 72 04 ef 1d 0c ab dc 6f 65 42 7b 80 76 f7 c3 43 eb 04 7f 76 92 c0 f1 78 03 a7 89 0a 1f 3a 03 33 38 b6 01 e9 64 94 72 d8 9f 15 ba 69 c1 54 88 70 10 7e 4d 77 44 8c 02 81 e6 6f 2b 96 70 f9 be 75 8c d7 fb 0a ae 3f Data Ascii: F>-+_'pD+@\YOuYx=D-^}eClI,UShKbdOl% X&sWzUI2%5(qD$$thNjiCyU/?mr@{Snc#roeB{vCvx:38driTp~MwDo+pu?
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: cd 2d 86 0f bd 85 33 ff 0a 7d 27 98 df 82 0f 8d dc de f6 15 bc b0 fa 0b 52 e2 04 5c f5 85 2e 01 ae b1 7a 9f 57 ef 1d 8f 6c 2a c8 2e 14 95 9b 71 59 ac 06 e3 6d 74 55 ac b6 a7 9d d6 38 04 21 d2 e9 d9 35 c4 dc 0b 7d cd b9 6e 11 9d b2 08 c8 10 f0 7f 64 7d dd cd d4 b9 4c ff b4 9d 42 8f b5 ae 1c 0c a9 e7 36 68 3d 0d 42 43 38 e8 10 fa 15 92 b9 5f 6c 74 00 1d c2 d4 55 a5 4d fa 03 a6 e4 40 95 81 6f 21 1d 92 3b c8 49 94 da 51 e3 b0 db 6a 54 04 a6 9e e7 24 04 09 e0 1b 17 f4 ae 1c f1 a9 52 8d 1a 69 e5 d1 0b 59 9e d3 a9 9b 8d 69 e8 7f 56 3a a2 41 fe db 17 63 d4 18 be 31 e4 f6 2a 83 00 8b 30 f7 56 e9 92 7e 9f 3e d5 ae 51 9a 6a 54 dc 0e 4b b9 49 31 5b ef b6 aa c9 89 3d 0c 2b 23 4c 38 c5 ff 40 29 d4 8b d8 46 2d 68 3e 69 8c 18 20 71 86 33 11 c5 fe f9 5b 16 9e c2 69 83 d2 Data Ascii: -3}'R\.zWl.qYmtU8!5}nd}LB6h=BC8_ltUM@o!;IQjT$RiYiV:Ac10V~>QjTKI1[=+#L8@)F-h>i q3[i
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: c5 d3 11 b8 c6 9f 46 c4 b0 25 e1 9d de 5f 36 0f 46 43 a3 b0 b8 7e b5 d8 4e ed 4c d1 55 92 0a 02 ff b8 25 9d 9b 55 92 b9 40 84 0c 14 17 7c 91 1f 7e 16 85 8d 15 44 a1 9a 3b e5 e8 85 6f e5 00 bd ba 1c 5c fc 5d ff e0 e2 f8 21 06 36 45 20 f5 12 58 86 7a 81 30 20 e1 52 4d a3 b3 a4 3a 2b 95 cb b4 db d9 22 93 cb a5 65 33 8d 7a 99 e2 5d 97 7b f7 fe ca c8 cd 2e bc 3c 19 f8 e9 f2 74 7c bd cd 47 1d ef 8f d3 77 3d c3 fb 5d 88 33 2f 3b e0 0d fe 7d d6 0e aa b8 39 3d b5 77 6f fa 60 73 14 0e ce 79 2a 51 43 9a c1 76 d6 d6 62 db ff 22 11 ff c2 b5 db 37 0a ae 73 06 a4 37 4c ec 1b b2 3d b4 a0 5f 8f 10 17 35 00 86 a9 3a bc 74 cc d2 27 10 d5 89 e9 77 76 54 1d ac 17 19 62 3d 9d 35 0a 6d ba 63 44 6b 5c b6 01 b5 23 01 be 47 b8 3b 24 a5 32 fb 4b 76 a6 40 a2 17 71 29 a0 11 c6 1e 6a Data Ascii: F%_6FC~NLU%U@\|~D;o\]!6E Xz0 RM:+"e3z]{.<t\|Gw=]3/;}9=wo`sy*QCvb"7s7L=_5:t'wvTb=5mcDk\#G;$2Kv@q)j
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: dd e2 24 ed a2 87 ab 5c aa 85 f3 1c 8d c6 f9 92 78 b3 f2 89 48 c2 fb f8 e3 46 7f a5 1f 99 71 22 2a 1c a2 16 b7 d7 61 d6 05 28 d4 22 ac 95 ca 9c 05 aa 51 37 dd ae 70 c1 52 bf ab ae ec 98 a5 f4 d8 10 f2 98 b9 f4 98 cf 55 53 b0 34 ec 6a 40 de 84 91 37 87 50 37 49 f9 73 0b 96 ce 05 17 59 4b a4 a7 39 11 e9 b6 58 22 dd 89 e6 48 8f d9 48 66 9a ec 0e a6 9e 4c 62 e9 1d 76 96 09 3c ed 89 c8 2c b7 1a 2d 63 40 20 08 c0 0d cd 4c 0a 9d 84 8c 65 13 a6 5b 99 95 5a 87 51 2b b1 c6 64 6b ec e0 1c 2b cc 64 a5 6a 24 72 7c 2f 9e d0 27 11 b3 0b f0 86 bf 71 a5 d6 4f 71 af fe 18 24 75 29 44 94 dc 57 fe bc e4 2e 4f 1b 08 60 e0 d6 46 39 34 00 71 32 d9 3f 35 6e e3 6c fe ab f0 9d 4a ad 6a 04 17 58 49 03 d6 68 0d eb 12 81 d0 41 a2 0e 11 4b bf 7b d4 55 f4 cc 27 8e 1d b3 ed ef a3 a5 76 Data Ascii: $\xHFq"*a("Q7pRUS4j@7P7IsYK9X"HHfLbv<,-c@ Le[ZQ+dk+dj$r\|/'qOq$u)DW.O`F94q2?5nlJjXIhAK{U'v

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.16	49775	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:10 UTC	808	OUT	POST /ui/signin?relationships=groups HTTP/1.1 Host: www.virustotal.com Connection: keep-alive Content-Length: 4 sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTI3ODI1NDI0MDgtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYyOTg5LjY0NQ== sec-ch-ua-platform: "Windows" Origin: https://www.virustotal.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:10 UTC	4	OUT	Data Raw: 6e 75 6c 6c Data Ascii: null
2024-10-24 09:43:12 UTC	802	IN	HTTP/1.1 401 Unauthorized Content-Type: application/json Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 9bc891f44e538f3f366c5a4dd2edb57c Date: Thu, 24 Oct 2024 09:43:12 GMT Server: Google Frontend Content-Length: 85 Connection: close
2024-10-24 09:43:12 UTC	85	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 20 7b 22 63 6f 64 65 22 3a 20 22 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 52 65 71 75 69 72 65 64 45 72 72 6f 72 22 2c 20 22 6d 65 73 73 61 67 65 22 3a 20 22 4e 6f 20 75 73 65 72 20 69 73 20 73 69 67 6e 65 64 20 69 6e 22 7d 7d Data Ascii: {"error": {"code": "AuthenticationRequiredError", "message": "No user is signed in"}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.16	49773	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:10 UTC	743	OUT	GET /ui/user_notifications HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTAwODA5NTY0NzgtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYyOTg5LjY0Ng== sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	882	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: e4ef3a0830713eb1a01ffa94fcdcd7ba Date: Thu, 24 Oct 2024 09:43:11 GMT Server: Google Frontend Content-Length: 13134 Expires: Thu, 24 Oct 2024 09:43:11 GMT Cache-Control: private Connection: close
2024-10-24 09:43:11 UTC	526	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 5b 7b 22 69 64 22 3a 20 22 32 30 32 34 30 31 31 30 30 39 33 36 32 31 2d 65 76 65 72 79 6f 6e 65 22 2c 20 22 74 79 70 65 22 3a 20 22 75 73 65 72 5f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 2c 20 22 6c 69 6e 6b 73 22 3a 20 7b 22 73 65 6c 66 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 75 69 2f 75 73 65 72 5f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 73 2f 32 30 32 34 30 31 31 30 30 39 33 36 32 31 2d 65 76 65 72 79 6f 6e 65 22 7d 2c 20 22 61 74 74 72 69 62 75 74 65 73 22 3a 20 7b 22 6c 69 6e 6b 5f 75 72 6c 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 72 69 67 68 74 74 61 6c 6b 2e 63 6f 6d 2f 77 65 62 63 61 73 74 2f 31 38 32 38 32 2f 36 30 34 33 36 39 3f 75 74 6d 5f 73 6f 75 72 63 65 3d Data Ascii: {"data": [{"id": "20240110093621-everyone", "type": "user_notification", "links": {"self": "https://www.virustotal.com/ui/user_notifications/20240110093621-everyone"}, "attributes": {"link_url": "https://www.brighttalk.com/webcast/18282/604369?utm_source=
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 3e 20 77 68 65 72 65 20 77 65 20 77 69 6c 6c 20 63 6f 76 65 72 20 68 6f 77 20 74 6f 20 68 75 6e 74 20 74 68 72 6f 75 67 68 20 3c 62 3e 53 69 67 6d 61 20 72 75 6c 65 73 3c 2f 62 3e 20 77 69 74 68 20 74 68 65 20 6c 61 74 65 73 74 20 66 65 61 74 75 72 65 73 20 77 65 20 68 61 76 65 20 61 64 64 65 64 20 6f 6e 20 6d 61 63 4f 53 20 61 6e 64 20 4c 69 6e 75 78 2c 20 61 6e 64 20 65 78 70 6c 6f 72 65 20 68 6f 77 20 3c 62 3e 43 72 6f 77 64 73 6f 75 72 63 65 64 20 41 49 3c 2f 62 3e 20 61 6e 61 6c 79 73 69 73 20 63 6f 6d 70 61 72 65 73 20 74 6f 20 61 6e 64 20 63 6f 6d 70 6c 65 6d 65 6e 74 73 20 74 68 65 20 69 64 65 6e 74 69 66 69 65 64 20 53 69 67 6d 61 20 72 75 6c 65 20 6d 61 74 63 68 65 73 2e 3c 2f 70 3e 22 2c 20 22 64 61 74 65 22 3a 20 31 37 30 34 38 37 39 33 38 31 Data Ascii: > where we will cover how to hunt through <b>Sigma rules</b> with the latest features we have added on macOS and Linux, and explore how <b>Crowdsourced AI</b> analysis compares to and complements the identified Sigma rule matches.</p>", "date": 1704879381
2024-10-24 09:43:11 UTC	486	IN	Data Raw: 61 72 67 65 74 5f 74 61 67 73 22 3a 20 5b 22 65 76 65 72 79 6f 6e 65 22 5d 2c 20 22 74 69 74 6c 65 22 3a 20 22 54 68 72 65 61 74 20 48 75 6e 74 69 6e 67 20 77 69 74 68 20 56 69 72 75 73 54 6f 74 61 6c 20 2d 20 65 70 69 73 6f 64 65 20 34 22 7d 2c 20 22 63 6f 6e 74 65 78 74 5f 61 74 74 72 69 62 75 74 65 73 22 3a 20 7b 22 75 73 65 72 5f 72 65 61 64 5f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 3a 20 66 61 6c 73 65 7d 7d 2c 20 7b 22 69 64 22 3a 20 22 32 30 32 33 30 33 32 33 31 36 35 31 30 30 2d 65 76 65 72 79 6f 6e 65 22 2c 20 22 74 79 70 65 22 3a 20 22 75 73 65 72 5f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 2c 20 22 6c 69 6e 6b 73 22 3a 20 7b 22 73 65 6c 66 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 75 69 2f 75 73 Data Ascii: arget_tags": ["everyone"], "title": "Threat Hunting with VirusTotal - episode 4"}, "context_attributes": {"user_read_notification": false}}, {"id": "20230323165100-everyone", "type": "user_notification", "links": {"self": "https://www.virustotal.com/ui/us
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 62 64 65 64 36 35 36 34 33 38 63 38 30 63 31 38 37 39 38 62 31 36 35 33 65 31 31 33 32 34 32 34 61 36 62 38 38 37 63 32 38 61 32 65 32 36 36 31 34 39 63 62 31 61 32 65 34 34 36 34 37 61 38 65 65 38 32 64 35 63 39 65 33 65 64 62 66 35 32 62 36 38 36 65 62 64 62 36 66 33 36 64 64 62 62 33 39 39 33 66 38 36 34 36 34 39 61 35 37 33 62 30 33 65 64 66 36 39 30 31 31 66 34 65 63 37 31 66 39 61 30 30 30 65 35 33 37 33 39 31 61 31 65 61 36 32 61 63 38 30 38 39 39 36 64 64 32 34 33 62 65 34 61 30 32 65 39 64 30 31 36 32 33 61 66 66 65 62 65 37 37 37 66 30 66 63 36 39 31 37 62 36 63 61 34 37 66 30 31 31 34 66 31 33 63 33 61 66 64 64 33 30 64 64 30 30 36 32 33 62 61 64 32 30 33 66 62 62 32 34 36 66 33 35 61 34 38 37 35 34 30 38 36 65 32 32 31 32 34 31 63 65 37 31 34 Data Ascii: bded656438c80c18798b1653e1132424a6b887c28a2e266149cb1a2e44647a8ee82d5c9e3edbf52b686ebdb6f36ddbb3993f864649a573b03edf69011f4ec71f9a000e537391a1ea62ac808996dd243be4a02e9d01623affebe777f0fc6917b6ca47f0114f13c3afdd30dd00623bad203fbb246f35a48754086e221241ce714
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 6c 27 73 20 41 50 49 3f 20 4a 6f 69 6e 20 6f 75 72 20 73 65 73 73 69 6f 6e 20 61 6e 64 20 6c 65 61 72 6e 20 68 6f 77 20 74 6f 20 75 73 65 20 69 74 20 6c 69 6b 65 20 61 20 70 72 6f 21 20 3c 61 20 68 72 65 66 3d 5c 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 67 6f 2f 75 74 6d 2f 39 31 62 30 34 61 35 36 65 33 31 36 65 65 39 39 66 63 35 39 36 39 36 31 62 30 32 34 61 38 66 35 65 35 32 32 33 35 62 38 66 31 30 65 36 31 62 39 65 36 61 32 32 39 65 32 39 35 35 62 31 35 39 37 61 30 65 64 64 65 33 61 62 32 63 35 64 31 37 61 61 62 30 64 66 33 62 64 31 32 32 64 31 36 37 63 30 38 66 37 35 36 31 36 37 34 38 30 38 35 66 62 30 36 61 63 63 33 31 66 33 35 35 31 37 33 64 32 30 38 63 36 66 37 61 37 30 31 61 37 64 39 39 66 62 35 66 61 64 Data Ascii: l's API? Join our session and learn how to use it like a pro! <a href=\"https://www.virustotal.com/go/utm/91b04a56e316ee99fc596961b024a8f5e52235b8f10e61b9e6a229e2955b1597a0edde3ab2c5d17aab0df3bd122d167c08f75616748085fb06acc31f355173d208c6f7a701a7d99fb5fad
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 30 62 36 65 35 34 35 39 33 32 38 34 39 34 37 62 32 31 65 32 32 62 61 39 62 37 65 64 37 39 31 30 62 37 36 34 32 33 65 66 32 37 35 31 37 38 61 64 38 66 64 34 66 30 64 37 32 30 61 61 62 31 36 37 39 33 62 36 36 32 33 39 30 36 37 64 61 30 37 39 66 35 38 62 63 39 31 34 64 32 31 62 37 32 33 37 37 66 38 35 33 63 66 38 64 62 39 32 33 37 34 36 65 38 66 35 62 63 35 38 37 66 63 65 33 33 33 31 38 64 34 34 62 61 38 34 31 38 36 61 64 62 31 62 61 63 66 38 65 37 39 61 34 65 32 63 35 33 62 34 37 31 39 38 37 61 38 63 36 35 31 31 35 34 61 65 37 65 63 36 64 61 32 31 35 31 37 61 33 34 35 66 30 63 32 64 39 5c 22 20 74 61 72 67 65 74 3d 5c 22 5f 62 6c 61 6e 6b 5c 22 3e 68 65 72 65 3c 2f 61 3e 22 2c 20 22 64 61 74 65 22 3a 20 31 36 37 38 37 39 34 34 36 39 2c 20 22 74 61 72 67 65 Data Ascii: 0b6e54593284947b21e22ba9b7ed7910b76423ef275178ad8fd4f0d720aab16793b66239067da079f58bc914d21b72377f853cf8db923746e8f5bc587fce33318d44ba84186adb1bacf8e79a4e2c53b471987a8c651154ae7ec6da21517a345f0c2d9\" target=\"_blank\">here</a>", "date": 1678794469, "targe
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 65 22 5d 2c 20 22 74 69 74 6c 65 22 3a 20 22 53 6d 6f 6f 74 68 6c 79 20 6d 69 67 72 61 74 65 20 66 72 6f 6d 20 56 69 72 75 73 54 6f 74 61 6c 27 73 20 41 50 49 20 76 32 20 74 6f 20 76 33 22 7d 2c 20 22 63 6f 6e 74 65 78 74 5f 61 74 74 72 69 62 75 74 65 73 22 3a 20 7b 22 75 73 65 72 5f 72 65 61 64 5f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 3a 20 66 61 6c 73 65 7d 7d 2c 20 7b 22 69 64 22 3a 20 22 32 30 32 33 30 32 32 31 2d 72 65 6d 69 6e 64 65 72 2d 66 65 62 2d 32 32 2d 74 68 72 65 61 74 2d 68 75 6e 74 69 6e 67 2d 73 65 73 73 69 6f 6e 22 2c 20 22 74 79 70 65 22 3a 20 22 75 73 65 72 5f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 22 2c 20 22 6c 69 6e 6b 73 22 3a 20 7b 22 73 65 6c 66 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f Data Ascii: e"], "title": "Smoothly migrate from VirusTotal's API v2 to v3"}, "context_attributes": {"user_read_notification": false}}, {"id": "20230221-reminder-feb-22-threat-hunting-session", "type": "user_notification", "links": {"self": "https://www.virustotal.co
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 67 6f 2f 75 74 6d 2f 62 65 39 31 61 65 31 36 33 62 30 62 37 30 32 30 34 65 39 61 37 33 63 63 35 64 30 35 39 30 66 65 38 37 64 34 63 38 66 36 61 35 62 31 30 37 33 62 36 65 34 31 34 31 39 31 36 64 33 37 33 64 38 38 35 39 39 30 35 64 65 66 34 63 63 61 65 38 38 36 30 65 39 61 61 63 32 34 30 63 31 31 30 61 33 35 31 30 36 35 33 39 37 61 37 64 65 65 38 32 36 63 34 34 32 30 35 64 31 36 31 65 62 33 61 63 32 64 32 34 36 37 64 64 61 66 37 66 63 63 30 35 62 38 31 36 63 31 38 37 38 34 35 39 63 65 61 66 35 66 66 63 37 33 35 31 35 39 66 61 33 33 66 62 65 33 36 65 61 34 30 33 62 35 36 62 38 65 39 63 34 63 38 61 35 37 33 38 61 61 62 62 66 32 36 35 32 62 34 32 34 35 64 61 30 31 64 36 38 62 39 66 31 62 62 32 30 61 32 36 36 39 34 37 30 39 62 63 38 37 66 30 34 66 34 37 66 66 Data Ascii: go/utm/be91ae163b0b70204e9a73cc5d0590fe87d4c8f6a5b1073b6e4141916d373d8859905def4ccae8860e9aac240c110a351065397a7dee826c44205d161eb3ac2d2467ddaf7fcc05b816c1878459ceaf5ffc735159fa33fbe36ea403b56b8e9c4c8a5738aabbf2652b4245da01d68b9f1bb20a26694709bc87f04f47ff
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 38 38 32 32 37 38 64 33 37 30 66 62 31 65 35 65 33 31 63 66 34 63 35 64 37 37 35 38 64 31 35 37 31 38 33 39 38 63 35 33 63 32 39 35 66 36 36 65 62 66 64 64 63 31 39 35 38 39 65 34 38 31 34 35 62 36 39 66 30 37 62 64 66 37 38 64 65 62 31 36 64 36 37 62 62 33 39 38 62 35 38 36 35 33 39 38 63 39 63 36 61 31 34 61 38 63 38 63 66 38 31 37 64 33 64 31 66 61 36 32 61 66 35 65 34 39 63 65 34 33 64 62 30 36 38 61 36 39 65 30 30 31 34 63 30 31 66 37 37 61 32 61 33 31 37 37 35 32 35 36 64 37 32 61 63 39 62 62 35 64 34 31 34 33 32 65 62 66 34 64 39 64 34 65 39 38 34 34 65 63 37 37 33 30 36 35 37 37 31 33 32 33 64 32 64 32 62 66 62 36 35 62 39 32 35 30 34 64 32 34 38 64 35 34 35 39 61 65 38 31 30 37 38 38 64 66 39 63 34 62 33 37 32 65 31 37 37 37 62 61 33 35 34 62 31 Data Ascii: 882278d370fb1e5e31cf4c5d7758d15718398c53c295f66ebfddc19589e48145b69f07bdf78deb16d67bb398b5865398c9c6a14a8c8cf817d3d1fa62af5e49ce43db068a69e0014c01f77a2a31775256d72ac9bb5d41432ebf4d9d4e9844ec773065771323d2d2bfb65b92504d248d5459ae810788df9c4b372e1777ba354b1
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 65 37 37 66 35 33 64 37 64 30 34 31 37 66 39 61 64 37 34 22 2c 20 22 62 6f 64 79 22 3a 20 22 41 6e 79 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 27 73 20 69 6e 66 72 61 73 74 72 75 63 74 75 72 65 20 6d 69 67 68 74 20 69 6e 61 64 76 65 72 74 65 6e 74 6c 79 20 62 65 20 61 62 75 73 65 64 20 62 79 20 61 74 74 61 63 6b 65 72 73 20 61 73 20 70 61 72 74 20 6f 66 20 61 20 6d 61 6c 69 63 69 6f 75 73 20 63 61 6d 70 61 69 67 6e 2e 20 3c 61 20 68 72 65 66 3d 5c 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 67 6f 2f 75 74 6d 2f 63 64 37 37 63 38 64 66 36 62 63 36 65 62 38 36 37 37 63 35 61 34 32 63 38 39 37 31 65 62 66 62 61 39 31 65 62 39 33 30 36 39 62 63 38 61 63 33 38 61 63 37 36 34 66 36 63 32 66 33 61 32 37 66 34 38 35 38 34 33 Data Ascii: e77f53d7d0417f9ad74", "body": "Any organization's infrastructure might inadvertently be abused by attackers as part of a malicious campaign. <a href=\"https://www.virustotal.com/go/utm/cd77c8df6bc6eb8677c5a42c8971ebfba91eb93069bc8ac38ac764f6c2f3a27f485843

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.16	49771	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:10 UTC	742	OUT	GET /ui/cookie_disclaimer HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTE4MjYwNjM4OTYtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYyOTg5LjY1NA== sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	879	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 75b230b9f38f386ae228d487f6cd1f6c Date: Thu, 24 Oct 2024 09:43:12 GMT Server: Google Frontend Content-Length: 25 Expires: Thu, 24 Oct 2024 09:43:12 GMT Cache-Control: private Connection: close
2024-10-24 09:43:12 UTC	25	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 7b 22 73 68 6f 77 22 3a 20 66 61 6c 73 65 7d 7d Data Ascii: {"data": {"show": false}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.16	49778	142.250.113.139	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:11 UTC	525	OUT	GET /analytics.js HTTP/1.1 Host: www.google-analytics.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	932	IN	HTTP/1.1 200 OK Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} Server: Golfe2 Date: Thu, 24 Oct 2024 08:22:38 GMT Expires: Thu, 24 Oct 2024 10:22:38 GMT Cache-Control: public, max-age=7200 Age: 4833 Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT Content-Type: text/javascript Vary: Accept-Encoding Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:11 UTC	446	IN	Data Raw: 38 30 30 30 0d 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 6e 3d 74 68 69 73 7c 7c 73 65 6c 66 2c 70 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 76 61 72 20 63 3d 6e 3b 61 5b 30 5d 69 6e 20 63 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 63 2e 65 78 65 63 53 63 72 69 70 74 7c 7c 63 2e 65 78 65 63 53 63 72 69 70 74 28 22 76 61 72 20 22 2b 61 5b 30 5d 29 3b 66 6f 72 28 76 61 72 20 64 3b 61 2e 6c 65 6e 67 74 68 26 26 28 64 3d 61 2e 73 68 Data Ascii: 8000(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.sh
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 53 54 55 56 57 58 59 5a 22 3b 61 2b 3d 61 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2b 22 30 31 32 33 34 35 36 37 38 39 2d 5f 22 3b 72 65 74 75 72 6e 20 61 2b 22 2e 22 7d 76 61 72 20 72 2c 76 3b 0a 66 75 6e 63 74 69 6f 6e 20 61 61 28 61 29 7b 66 75 6e 63 74 69 6f 6e 20 62 28 6b 29 7b 66 6f 72 28 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 6d 3d 61 2e 63 68 61 72 41 74 28 64 2b 2b 29 2c 6c 3d 76 5b 6d 5d 3b 69 66 28 6e 75 6c 6c 21 3d 6c 29 72 65 74 75 72 6e 20 6c 3b 69 66 28 21 2f 5e 5b 5c 73 5c 78 61 30 5d 2a 24 2f 2e 74 65 73 74 28 6d 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 55 6e 6b 6e 6f 77 6e 20 62 61 73 65 36 34 20 65 6e 63 6f 64 69 6e 67 20 61 74 20 63 68 61 72 3a 20 22 2b 6d 29 3b 7d 72 65 74 75 72 6e 20 6b 7d 72 3d 72 7c 7c 75 28 29 Data Ascii: STUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u()
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 67 6c 65 5f 74 61 67 5f 64 61 74 61 3b 47 2e 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 3d 76 6f 69 64 20 30 3d 3d 3d 62 3f 61 3a 62 3b 72 65 74 75 72 6e 20 47 2e 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 7d 2c 4c 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 49 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 49 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 61 2c 62 2c 21 31 29 3a 49 2e 61 74 74 61 63 68 45 76 65 6e 74 26 26 49 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 22 2b 61 2c 62 29 7d 3b 76 61 72 20 64 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 4d 28 29 3b 62 2e 70 65 6e 64 69 6e 67 7c 7c 28 62 2e 70 65 6e 64 69 6e 67 3d 5b 5d 29 3b 63 61 28 62 2e 70 65 6e 64 69 6e 67 2c 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 Data Ascii: gle_tag_data;G.google_tag_data=void 0===b?a:b;return G.google_tag_data},L=function(a,b){I.addEventListener?I.addEventListener(a,b,!1):I.attachEvent&&I.attachEvent("on"+a,b)};var da=function(a){var b=M();b.pending\|\|(b.pending=[]);ca(b.pending,function(c){r
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 61 6d 65 3a 22 2f 22 2b 61 2e 70 61 74 68 6e 61 6d 65 3b 61 3d 61 2e 73 70 6c 69 74 28 22 2f 22 29 3b 30 3c 3d 5b 5d 2e 69 6e 64 65 78 4f 66 28 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 29 26 26 28 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 3d 22 22 29 3b 61 3d 61 2e 6a 6f 69 6e 28 22 2f 22 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 71 75 65 72 79 22 3a 61 3d 61 2e 73 65 61 72 63 68 2e 72 65 70 6c 61 63 65 28 22 3f 22 2c 22 22 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 65 78 74 65 6e 73 69 6f 6e 22 3a 61 3d 0a 61 2e 70 61 74 68 6e 61 6d 65 2e 73 70 6c 69 74 28 22 2e 22 29 3b 61 3d 31 3c 61 2e 6c 65 6e 67 74 68 3f 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 3a 22 22 3b 61 3d 61 2e 73 70 6c 69 74 28 22 2f 22 29 5b 30 5d 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 66 72 61 67 Data Ascii: ame:"/"+a.pathname;a=a.split("/");0<=[].indexOf(a[a.length-1])&&(a[a.length-1]="");a=a.join("/");break;case "query":a=a.search.replace("?","");break;case "extension":a=a.pathname.split(".");a=1<a.length?a[a.length-1]:"";a=a.split("/")[0];break;case "frag
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 67 3d 68 2e 70 6c 61 63 65 6d 65 6e 74 2c 76 6f 69 64 20 30 3d 3d 67 26 26 28 67 3d 68 2e 66 72 61 67 6d 65 6e 74 3f 32 3a 31 29 2c 67 3d 3d 3d 62 26 26 7a 28 65 2c 68 2e 63 61 6c 6c 62 61 63 6b 28 29 29 29 7d 72 65 74 75 72 6e 20 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 54 28 29 7b 76 61 72 20 61 3d 4b 28 29 2c 62 3d 61 2e 67 6c 3b 62 26 26 62 2e 64 65 63 6f 72 61 74 6f 72 73 7c 7c 28 62 3d 7b 64 65 63 6f 72 61 74 6f 72 73 3a 5b 5d 7d 2c 61 2e 67 6c 3d 62 29 3b 72 65 74 75 72 6e 20 62 7d 3b 76 61 72 20 6a 61 3d 2f 28 2e 2a 3f 29 5c 2a 28 2e 2a 3f 29 5c 2a 28 2e 2a 29 2f 2c 6b 61 3d 2f 28 5b 5e 3f 23 5d 2b 29 28 5c 3f 5b 5e 23 5d 2a 29 3f 28 23 2e 2a 29 3f 2f 3b 66 75 6e 63 74 69 6f 6e 20 57 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 52 65 67 45 78 70 28 22 Data Ascii: g=h.placement,void 0==g&&(g=h.fragment?2:1),g===b&&z(e,h.callback()))}return e};function T(){var a=K(),b=a.gl;b&&b.decorators\|\|(b={decorators:[]},a.gl=b);return b};var ja=/(.?)\(.?)\(.)/,ka=/([^?#]+)(\?[^#])?(#.*)?/;function W(a){return new RegExp("
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 67 2c 22 20 22 29 29 7b 65 3d 68 2e 73 6c 69 63 65 28 31 29 2e 6a 6f 69 6e 28 22 3d 22 29 3b 62 72 65 61 6b 20 61 7d 7d 65 3d 76 6f 69 64 20 30 7d 62 2e 71 75 65 72 79 3d 6e 61 28 65 7c 7c 22 22 29 7c 7c 7b 7d 3b 65 3d 51 28 63 2c 22 66 72 61 67 6d 65 6e 74 22 29 3b 66 3d 65 2e 6d 61 74 63 68 28 57 28 22 5f 67 6c 22 29 29 3b 62 2e 66 72 61 67 6d 65 6e 74 3d 6e 61 28 66 26 26 66 5b 33 5d 7c 7c 22 22 29 7c 7c 7b 7d 3b 61 26 26 6f 61 28 63 2c 64 2c 65 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 61 28 61 2c 62 29 7b 69 66 28 61 3d 57 28 61 29 2e 65 78 65 63 28 62 29 29 7b 76 61 72 20 63 3d 61 5b 32 5d 2c 64 3d 61 5b 34 5d 3b 62 3d 61 5b 31 5d 3b 64 26 26 28 62 3d 62 2b 63 2b 64 29 7d 72 65 74 75 72 6e 20 62 7d 0a 66 75 6e 63 74 69 6f 6e 20 6f 61 28 61 2c 62 2c 63 Data Ascii: g," ")){e=h.slice(1).join("=");break a}}e=void 0}b.query=na(e\|\|"")\|\|{};e=Q(c,"fragment");f=e.match(W("_gl"));b.fragment=na(f&&f[3]\|\|"")\|\|{};a&&oa(c,d,e)}}function pa(a,b){if(a=W(a).exec(b)){var c=a[2],d=a[4];b=a[1];d&&(b=b+c+d)}return b}function oa(a,b,c
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 3d 3d 63 2e 74 61 67 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 72 65 74 75 72 6e 20 5a 28 61 2c 62 2c 63 2c 64 29 3b 69 66 28 22 66 6f 72 6d 22 3d 3d 3d 63 2e 74 61 67 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 72 65 74 75 72 6e 20 73 61 28 61 2c 62 2c 63 29 7d 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 63 29 72 65 74 75 72 6e 20 59 28 61 2c 62 2c 63 2c 64 29 7d 66 75 6e 63 74 69 6f 6e 20 5a 28 61 2c 62 2c 63 2c 64 29 7b 63 2e 68 72 65 66 26 26 28 61 3d 59 28 61 2c 62 2c 63 2e 68 72 65 66 2c 76 6f 69 64 20 30 3d 3d 3d 64 3f 21 31 3a 64 29 2c 43 2e 74 65 73 74 28 61 29 26 26 28 63 2e 68 72 65 66 3d 61 29 29 7d 0a 66 75 6e 63 74 69 6f 6e 20 73 61 28 61 2c 62 2c 63 29 7b 69 66 28 63 26 26 63 2e 61 63 74 69 6f 6e Data Ascii: ==c.tagName.toLowerCase())return Z(a,b,c,d);if("form"===c.tagName.toLowerCase())return sa(a,b,c)}if("string"==typeof c)return Y(a,b,c,d)}function Z(a,b,c,d){c.href&&(a=Y(a,b,c.href,void 0===d?!1:d),C.test(a)&&(c.href=a))}function sa(a,b,c){if(c&&c.action
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 29 2c 61 26 26 7a 28 63 2c 62 2e 66 72 61 67 6d 65 6e 74 29 3b 72 65 74 75 72 6e 20 63 7d 29 3b 0a 70 28 22 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 2e 74 63 42 72 69 64 67 65 2e 72 65 67 69 73 74 65 72 55 61 22 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 3d 61 2b 22 5f 22 2b 62 3b 76 61 72 20 63 3d 4d 28 29 2c 64 3d 63 2e 64 65 73 74 69 6e 61 74 69 6f 6e 5b 61 5d 3b 64 3f 28 64 2e 73 74 61 74 65 3d 32 2c 64 2e 63 6f 6e 74 61 69 6e 65 72 73 3d 5b 5d 2c 64 2e 64 65 73 74 69 6e 61 74 69 6f 6e 73 3d 5b 62 5d 29 3a 63 2e 64 65 73 74 69 6e 61 74 69 6f 6e 5b 61 5d 3d 7b 73 74 61 74 65 3a 32 2c 63 6f 6e 74 61 69 6e 65 72 73 3a 5b 5d 2c 64 65 73 74 69 6e 61 74 69 6f 6e 73 3a 5b 62 5d 7d 7d 29 3b 70 28 22 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 2e 74 Data Ascii: ),a&&z(c,b.fragment);return c});p("google_tag_data.tcBridge.registerUa",function(a,b){a=a+"_"+b;var c=M(),d=c.destination[a];d?(d.state=2,d.containers=[],d.destinations=[b]):c.destination[a]={state:2,containers:[],destinations:[b]}});p("google_tag_data.t
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 62 5b 63 5d 3d 62 5b 63 5d 7c 7c 61 2e 43 5b 63 5d 3b 72 65 74 75 72 6e 28 6e 65 77 20 24 63 28 62 29 29 2e 65 6e 63 6f 64 65 28 29 7d 2c 44 64 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 61 2e 67 65 74 28 47 64 29 3b 6b 61 28 61 29 7c 7c 28 61 3d 5b 5d 29 3b 72 65 74 75 72 6e 20 61 7d 3b 76 61 72 20 65 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 61 7d 2c 6b 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 28 61 29 29 7d 2c 71 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 Data Ascii: b[c]=b[c]\|\|a.C[c];return(new $c(b)).encode()},Dd=function(a){a=a.get(Gd);ka(a)\|\|(a=[]);return a};var ea=function(a){return"function"==typeof a},ka=function(a){return"[object Array]"==Object.prototype.toString.call(Object(a))},qa=function(a){return void 0!
2024-10-24 09:43:11 UTC	1378	IN	Data Raw: 65 73 74 28 67 29 26 26 28 65 3d 27 20 6e 6f 6e 63 65 3d 22 27 2b 67 2b 27 22 27 29 2c 66 2e 74 65 73 74 28 61 29 26 26 4d 2e 77 72 69 74 65 28 66 66 2e 63 72 65 61 74 65 48 54 4d 4c 28 22 3c 73 63 72 69 70 74 22 2b 64 2b 65 2b 27 20 73 72 63 3d 22 27 2b 61 2b 27 22 3e 5c 78 33 63 2f 73 63 72 69 70 74 3e 27 29 29 29 3a 28 63 3d 4d 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 2c 63 2e 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 2c 63 2e 61 73 79 6e 63 3d 21 30 2c 63 2e 73 72 63 3d 66 66 2e 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 28 61 29 2c 64 26 26 28 63 2e 6f 6e 6c 6f 61 64 3d 64 29 2c 65 26 26 28 63 2e 6f 6e 65 72 72 6f 72 3d 65 29 2c 62 26 26 28 63 2e 69 64 3d 62 29 2c 67 26 26 63 2e 73 65 74 41 74 Data Ascii: est(g)&&(e=' nonce="'+g+'"'),f.test(a)&&M.write(ff.createHTML("<script"+d+e+' src="'+a+'">\x3c/script>'))):(c=M.createElement("script"),c.type="text/javascript",c.async=!0,c.src=ff.createScriptURL(a),d&&(c.onload=d),e&&(c.onerror=e),b&&(c.id=b),g&&c.setAt

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.16	49779	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:11 UTC	554	OUT	GET /gui/stackdriver-errors.3069a6025a2308368f46.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 557ac8ebbb799e55609f7e752a8d892e Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:03:31 GMT Expires: Sat, 18 Oct 2025 13:03:31 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506380 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:11 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 66 66 38 0d 0a 02 ff d4 7d 6b 7b db c8 b1 e6 f7 fd 15 34 e3 d5 00 26 44 89 be 9b 14 cc 71 1c db f1 39 13 db c7 f2 e4 5c 28 59 0b 51 90 84 0c 05 30 00 68 8f 23 71 7f fb be 6f 55 77 a3 c1 8b ed 49 72 76 9f cd 93 b1 c0 46 a3 2f d5 75 af ea ee a0 4a 67 e7 fd cf e9 e9 3c 99 fe f2 fc 72 91 ff f2 a9 3e 59 64 27 57 49 96 c7 5f 79 77 73 33 39 0e fb f3 45 75 19 4c 26 f7 1f df df 7f 70 1c 5d df 7b b4 3f 78 34 3c 5f e4 d3 3a 2b f2 20 8d f2 a8 0e af 3f 25 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100ff8}k{4&Dq9\(YQ0h#qoUwIrvF/uJg<r>Yd'WI_yws39EuL&p]{?x4<_:+ ?%
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 60 c0 97 2b 1f 0c f6 51 68 90 57 e6 f2 a4 99 0c d8 cf 39 f8 b7 b2 87 bd 9f 1c fa f4 ef 54 d3 32 9b d7 1d 2c 5a 96 77 28 d2 0e 7b e1 5e a6 ab 67 e6 e9 cd 05 0b 39 39 c6 ba dd 8d aa b8 ec eb c0 47 d9 41 35 ca 7a f1 5d 15 aa 09 b8 86 70 e8 72 92 1d 87 a3 64 67 a7 50 89 4f 31 42 62 b5 d4 99 70 35 bc f5 4a b8 5e 86 1c f9 ed 32 0c 97 86 1d 17 fe b4 06 fb 7f ef bc 28 46 3a af f3 8e e5 17 20 21 cc 96 62 5b 27 dc 08 65 7f 7d ec 9c f7 ff 81 39 1b e5 46 b8 52 e2 49 a2 06 7b ff 6e 68 0c 1a 68 40 6d 32 00 ab ff 4e f9 95 83 1d 38 61 b6 f7 51 a4 7e 67 5a a6 49 9d 9e 75 92 7a ef 2b ec 4b 70 4b f0 c6 e0 0b 78 0b 40 b7 91 c2 cb fe bc 98 07 e0 47 10 06 fd ea 32 3b af 83 f0 e6 a6 db 05 84 33 27 58 f6 1a 79 e0 56 2c 18 62 cd 3e 73 cd 9e 42 aa dd be eb cb ae a3 60 f2 11 22 f1 Data Ascii: `+QhW9T2,Zw({^g99GA5z]prdgPO1Bbp5J^2(F: !b['e}9FRI{nhh@m2N8aQ~gZIuz+KpKx@G2;3'XyV,b>sB`"
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 94 b2 8e 78 30 87 98 4b 1e d1 49 06 36 de 40 41 4b 64 ba 98 41 4a ff 59 2a a3 4e fb b4 fa cc a3 7a 64 da 23 a3 e5 07 c5 a2 58 03 b9 b3 c9 3b f0 4c a9 75 1a a7 51 35 ae e0 f1 6c 54 4d 59 42 55 36 49 b5 ff f1 a7 9f fe d8 10 91 5d f0 ba 0f 57 2b e0 f0 ee ed e1 07 8c 0e 7c 05 2c 11 14 5b 1b 62 fb 63 9a 00 39 e1 f1 a4 ec ca eb dd 0f d0 5c b0 18 54 ac 33 25 aa bd bf 80 4b 8d 3a d3 4b ba 7a eb f8 e7 0f 2f 77 1f c3 e4 61 97 86 bd 78 c8 92 46 25 68 09 1c 1c cc ed ec 0b 80 57 a7 f8 30 bf 48 1b 86 25 dc ea 3e ed 07 72 c0 b3 2f 87 ac a4 fc 16 66 14 b5 a6 7a 01 43 fb 3c 28 9e c6 77 f7 f7 a1 cf 1e dc db df 0f 61 52 1b 50 0c a1 2d 2b 50 e0 a1 49 67 70 93 a3 f2 fd bb 4f d0 64 11 96 4d b5 ee 5f 17 45 9d 50 0b 2a d1 03 fc 46 57 d0 98 b0 a4 ca d4 8a 5c d7 f6 ac 84 7b 17 55 Data Ascii: x0KI6@AKdAJYNzd#X;LuQ5lTMYBU6I]W+\|,[bc9\T3%K:Kz/waxF%hW0H%>r/fzC<(waRP-+PIgpOdM_EPFW\{U
2024-10-24 09:43:11 UTC	327	IN	Data Raw: e7 f4 4b 07 f2 6b a5 ef ba 58 c1 4e 87 3f 7e df 15 2c 26 28 a6 cb 28 ef 3f 8f 33 c4 1e f6 1f 3d 79 bc 81 a4 1e 0f 1e 3c 7e 08 47 4a 3f cd 99 9c b0 0e 62 88 30 c4 88 3c cf 72 43 fa e9 c1 fe 78 d0 0b 76 d3 83 83 41 38 dc ef 05 f2 00 2b 32 1c 9d 15 d7 79 7c 6f b0 53 44 b0 9c 9e 3e 8d 1f 84 4f 01 9e 20 bf 89 ef dd 85 54 ec 01 17 b4 43 32 89 cf 97 d0 15 50 6f df a7 97 bc 7f 96 ae 8c a8 49 52 32 8a 28 a4 16 c4 ab 44 7a a3 29 c8 91 82 04 3d 03 07 f2 a7 f1 c2 e3 a5 46 8d 83 7b 1f 6e 25 00 f6 aa 28 d3 ce 19 14 5c c4 92 b0 cc a7 50 e2 3b 0f ef 77 fe fc d3 bf 75 a0 36 2c 52 e3 87 96 20 3d 12 9b 4a 33 16 84 74 68 00 3c 07 a0 60 04 e4 a0 76 fc 6f 6d 21 5f e7 68 03 59 51 6c 15 8d 4a 37 30 d7 61 23 18 eb 21 df 1d c0 77 55 c0 65 19 dc bb bb 93 85 d1 b4 87 f4 a9 1d c0 2b Data Ascii: KkXN?~,&((?3=y<~GJ?b0<rCxvA8+2y\|oSD>O TC2PoIR2(Dz)=F{n%(\P;wu6,R =J3th<`vom!_hYQlJ70a#!wUe+
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 31 0d 0a f7 0d 0a 32 38 62 36 0d 0a 6f ef 0f 3f fc fc e7 7f ff 8f ff fc af e4 74 7a 96 9e 5f 5c 66 7f f9 65 76 95 17 f3 bf 96 55 bd f8 f4 f9 d7 2f 7f db 1f dc bd 77 ff c1 c3 47 8f 9f f4 f6 ba 56 0b 81 c0 d9 88 24 00 f6 fe 41 8c 30 11 70 df ac 85 c3 f8 36 9e 37 02 ad fb 27 a3 4a c3 d3 f4 39 45 3e d3 3e 94 ea b3 ce c3 7b 02 26 41 da b5 c5 77 58 fe f0 81 e9 2e 7e b2 3f 4e 77 1f 3e 18 3e 79 64 4b 06 77 ef a2 e8 c9 a3 de dd 87 c3 fb 8f 6d e9 83 47 28 bc ff b8 f7 e0 ee f0 fe 3d 24 42 8d 1f e2 e1 91 3c dc 1b ee 0e 00 ba 87 8f 1e 3d 72 90 b3 42 ae 03 e3 8d f6 a8 31 7a 24 d8 b2 88 ff 94 d4 97 fd f3 59 81 c8 7e 50 ee a6 e1 de 5d 58 7f c0 be 8a d6 d1 64 71 4c a7 86 65 6c d4 cf a6 e3 c5 70 fa 74 7f 5c ee 2e 9e 0e c6 75 b0 f0 Data Ascii: 00000001}0128b6o?tz_\fevU/wGV$A0p67'J9E>>{&AwX.~?Nw>>ydKwmG(=$B<=rB1z$Y~P]XdqLelpt\.u
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: d7 7a 6b 80 d5 ca e4 2c 1b b0 4d 7f ff dc 56 bf fc d6 d4 56 eb ff 43 33 5b 6d 6c 6d 62 b4 92 5f 57 66 56 87 29 c0 c7 64 0b 0f 2f e8 8d 23 49 49 fa 93 06 e4 9c ab ad 3b 92 6c 50 c4 0e 22 79 58 41 94 d6 5a ac 34 b9 26 d1 0e 17 a7 53 28 b6 55 6a a8 c6 51 75 e7 a4 d5 0e 77 e0 2c fa af 5e bc 79 f1 1e b6 d6 1f 4e de be ff c3 8b f7 54 bc fa 6f df bf 7e f5 fa cd b3 9f 4c d1 5d 56 db 6c 90 2d 36 1a 64 1e 4a f6 53 18 0f 06 28 ad 81 43 11 17 68 40 c5 64 36 0c d9 fe a8 fa 9c c9 96 a4 9b 9b b5 71 85 d7 53 7a 3b d6 ca 87 26 6d 78 1d f3 46 92 cc 38 32 9f b5 a7 e4 be 5a 5d 55 f3 11 48 2c 59 cc 6a a4 cd b7 7d 6d dd 9f f3 5f f2 e2 73 8e 98 13 d8 10 98 53 07 71 57 ac 33 6c 0c 70 1f 51 40 4d 0e 49 43 1b c8 67 04 d9 f8 f1 7d ab 1e 72 ce 60 87 08 91 08 8b 18 f3 b7 66 ea 9f 68 Data Ascii: zk,MVVC3[mlmb_WfV)d/#II;lP"yXAZ4&S(UjQuw,^yNTo~L]Vl-6dJS(Ch@d6qSz;&mxF82Z]UH,Yj}m_sSqW3lpQ@MICg}r`fh
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 01 16 8c 96 70 7b 48 73 10 59 67 63 5d 6b 35 19 4b 06 07 48 7b 83 6f b4 a5 ed 98 a4 c2 75 31 3c 41 0b d2 d2 4a 08 0d c4 ea 91 18 d7 82 a7 47 6c d0 4b fd 6a 3a 75 04 72 a0 3b 21 9d 7b 91 2e 97 9b bf 19 ec 21 6e d8 e2 e7 16 a1 2c be be dc 68 7d ad b8 da 9c ca 0c 17 1a b9 05 ac 2d 07 28 1d 4b a3 55 a3 ca d4 70 23 e4 6b 6e b0 5d 10 c3 12 1b c2 b5 60 17 65 4d c9 6f 94 7e ed a4 65 be bc b2 7c dd ce a4 b2 94 07 ca 6a 3c 7e a7 59 02 a9 ba d9 ff 81 6c 08 2c 6d ed ac 9b ad ae 08 a0 3c 6b 16 2b c2 84 51 74 37 0b 5d 3a fa 87 98 b8 61 06 50 58 c9 6e 43 1a 2a 97 63 24 39 41 a8 28 1c ac 50 87 ab 20 b3 d1 a2 15 09 2d b5 b7 08 ef 0c 01 ba 11 bb f5 a2 37 e8 96 2c cf 76 da d2 09 62 fa 1b ac 4d c9 5a e2 a4 a8 c0 0f ad 75 9d 45 5c e3 66 45 d1 9a c5 1a 4e 72 9b f1 e5 55 b3 cb Data Ascii: p{HsYgc]k5KH{ou1<AJGlKj:ur;!{.!n,h}-(KUp#kn]`eMo~e\|j<~Yl,m<k+Qt7]:aPXnC*c$9A(P -7,vbMZuE\fENrU
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: d2 e8 d7 7e e8 29 f9 4a 96 1b 69 8b 3b 87 9b 79 31 86 8a 8e 12 3d b9 11 2a 07 61 63 ce 69 24 38 78 74 aa 55 b1 70 b0 42 93 19 d4 56 0d d8 70 e9 ed 69 18 aa 81 e8 a9 79 82 f1 53 8d de 7b c5 8a ea cb a5 e1 5b 76 68 70 dc 58 b5 da 0d d7 a6 55 fb ef 8a c6 84 cd 81 69 3a 2f f0 b0 d2 11 40 6c 47 62 11 b3 3d 10 5b 6a c6 61 fa 48 85 6f 49 47 5c 21 0c 81 7f c8 1b b9 e7 d2 a0 36 14 0a ea a4 76 c8 95 cb 82 69 dc 44 26 7d 4c b6 61 0b e3 6c 14 20 d8 d2 66 ce 3c 30 17 ee ef fa d0 af 81 f4 6d 6d 1e 1b 3a fd 85 6e ba 6f 69 17 ba b0 3e ea 3a a6 27 a9 9f fe 1b 3b 65 8b d2 65 1b 7f 65 14 f6 1d e5 55 43 0e 04 82 79 63 53 5b 5b d8 6e b3 f5 64 57 1a 82 0a 16 50 b0 26 18 9a b0 ae 4e 4c 18 27 fd 99 ad a2 e5 0a 79 88 ab 8a a7 1a b6 88 46 b6 ba 96 80 b6 8a 37 75 a6 9a 16 d0 ae 47 Data Ascii: ~)Ji;y1=*aci$8xtUpBVpiyS{[vhpXUi:/@lGb=[jaHoIG\!6viD&}Lal f<0mm:noi>:';eeeUCycS[[ndWP&NL'yF7uG
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 88 4a e6 45 a1 2f 0a 79 01 2f 24 0f 32 50 74 a1 e5 4a 76 4f 1f 21 ac 55 e3 79 90 e3 1c ff 1d 7a ac 4e 12 32 a5 59 08 e8 42 9e 3e 4d c7 03 40 02 e4 81 aa 2b b9 30 8b a6 aa e3 0a 48 df d0 3b 04 7a 81 7b e4 89 6d 58 af 29 e4 10 8e 62 61 b6 33 d9 80 59 64 9c 1e b2 cd 4f 01 76 a2 43 8f e7 2a 21 82 e9 81 e7 8d 20 73 35 0e f3 3c 46 42 69 c5 db 69 fa 7a 82 5a c0 bd e8 16 33 cf 0c 4f 85 bf d2 74 ca aa cc 5e 90 c3 19 81 aa eb 35 31 d2 b5 e2 e8 32 98 43 23 92 23 db 83 79 9c 86 4b 16 2c 78 79 c2 14 e9 af 98 db 92 ee e4 d1 da 28 47 38 71 96 60 b7 55 69 9a cc fc a9 e8 00 ad d1 c8 d1 8d f4 0b 37 c6 0d f3 41 b7 df 98 07 59 fe da 2c 96 18 b9 65 76 91 cd 2c 97 63 78 e6 3b 3b 6e 42 da 7d a5 7a 20 96 0f 9d 59 09 b8 c9 77 e2 ac 01 5b c9 a0 fc 4b c0 03 b1 0a 5d 46 3a 02 f4 89 Data Ascii: JE/y/$2PtJvO!UyzN2YB>M@+0H;z{mX)ba3YdOvC*! s5<FBiizZ3Ot^512C##yK,xy(G8q`Ui7AY,ev,cx;;nB}z Yw[K]F:
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 3d b4 94 19 b5 d0 19 b4 d0 6e 9f 67 86 60 53 c6 82 47 4d 8f 91 be c3 60 4f 1a cc 22 9c 6f da ed cb db 6a 0c 72 e6 89 8e 98 43 97 d5 ab 31 f3 7c 4c 45 1c 85 23 3e 40 70 16 af 34 c2 99 a7 53 b4 6f cd 52 f9 0e 86 ec c2 58 5d 7b 30 bb d0 5c 1d 27 63 24 ac a3 27 00 b5 1c 23 d6 ce e9 c6 70 ef 02 00 08 d7 2d 73 97 d0 8f 23 e3 e4 c7 2b c3 22 e1 98 44 90 c1 9e a8 15 e3 f4 0a 69 ba 45 2b b8 49 81 e3 15 27 52 2c 7d c8 6f fa e7 72 f9 6d d0 bb 40 10 1c 70 b4 b0 c7 01 01 30 e1 60 fa 60 2c 92 a8 0f fa e7 76 0c 83 22 76 35 58 cd 96 a1 b6 e2 0f 78 24 0e b5 e6 0a c2 59 6f af 26 c5 5c ac 4b 80 6f f0 e1 2d 44 4e 04 83 f0 e0 af b0 16 e3 08 a2 0c 47 7f c9 e8 16 c0 44 4e 02 9c c3 de c4 30 ce 87 c0 1a a7 3c 71 91 79 8d 20 2f bb c0 a6 01 77 30 4c 27 19 07 da 3a 72 98 d9 5e 38 5c Data Ascii: =ng`SGM`O"ojrC1\|LE#>@p4SoRX]{0\'c$'#p-s#+"DiE+I'R,}orm@p0``,v"v5Xx$Yo&\Ko-DNGDN0<qy /w0L':r^8\

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.16	49780	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:11 UTC	540	OUT	GET /gui/5978.4206cee10d7d4c2afd11.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 37733f358060f69c70b3d8294d8ebf39 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:03:55 GMT Expires: Sat, 18 Oct 2025 13:03:55 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506356 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:11 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 66 66 37 0d 0a ff ec 5d 79 97 db c6 91 ff 7f 3f 05 4c db 13 c2 0b 40 24 67 38 07 29 4a b6 65 39 d1 da 4a b4 3a 36 9b 55 f4 14 90 6c 0e 91 01 01 06 00 e7 30 cd ef be bf aa 3e d0 38 c8 99 28 89 37 2f 6f 35 f6 88 ec b3 ba ee aa 2e 40 9d 4d 2e 9c bc c8 a2 59 d1 19 77 73 11 2f 82 1b 31 5d 87 b3 ab 67 cb 4d 72 75 5d 7c dc 44 1f 57 61 94 4c 0e f4 fd fc f3 fb 0f 6e b0 de e4 cb ee fb f7 c3 8b b3 f3 0f de 96 fe Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000ff7]y?L@$g8)Je9J:6Ul0>8(7/o5.@M.Yws/1]gMru]\|DWaLn
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: a6 28 d2 a4 8a b8 65 b1 8a dd ee f5 cf 3f 77 af 27 af fe f4 78 ca 43 9c 79 58 84 7e 21 f2 62 d2 01 ad 69 ae 2f 01 ee 38 cc 0d 93 ce b4 48 1c fc ef a7 9b 22 06 f3 f8 80 73 15 66 77 ce fa d6 1f 76 1c 12 85 49 27 df 4c 81 f7 8e 13 cd cd 32 12 66 09 48 e7 89 a3 00 d3 d8 78 fc 48 ee ff e4 4f 90 63 09 7a 1b b4 77 80 f6 8e a0 9d 47 d7 1a 9e 6b 30 c8 ec ca b9 0c d7 fe 89 13 c6 d1 65 e2 83 e4 ab dc 9f 81 5e 22 c3 5e 5f 6c 7b 3b e7 31 b0 bc 72 be 96 90 4d 3a d4 66 8e 74 ff 12 8f a3 64 bd 29 d4 e9 16 a0 74 c7 59 46 f3 b9 48 f8 88 d4 f0 46 90 ec a7 59 c7 f9 7a b6 0c 93 4b 60 81 f7 50 db 33 0c b5 5f f6 29 6e fc f3 9e b3 f2 c3 4d 91 3a 38 08 a0 7e 7c 5d f8 9b c8 2f 52 9c 04 52 87 c3 54 b6 7f aa c8 03 ee d2 3b 3d 7e d4 98 82 65 1e 01 57 f4 17 9d df 7c fd 13 2c 53 f0 56 Data Ascii: (e?w'xCyX~!bi/8H"sfwvI'L2fHxHOczwGk0e^"^_l{;1rM:ftd)tYFHFYzK`P3_)nM:8~\|]/RRT;=~eW\|,SV
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: a5 f0 f7 19 14 59 ba 92 df d9 17 f6 65 00 82 98 b4 e3 6d e7 a2 08 a3 78 b4 25 35 35 e2 ee 8e 17 cd 47 62 47 fb 42 3f 51 f8 25 19 ed 81 84 a2 14 11 e6 41 79 16 93 3b 52 9a 0c e4 7f be 94 40 8e 91 9a 48 49 8b 7d 0a 90 05 c3 a4 d3 4c 48 7f 7c d6 ad d0 90 91 86 5c 43 a5 31 0f 7e 83 6c c8 6b 31 0b d7 40 4b a8 03 7b 1e 8b dc 08 32 1b b3 74 2e 5c 95 43 6a 52 60 dc e0 89 92 85 08 49 a0 0c fb cf e0 51 29 28 5a 72 aa a9 07 77 87 34 4e c5 0d c4 04 ca ad 64 63 89 2d 99 ab 78 49 0e b2 a2 15 3b fa 20 d1 75 24 6e 46 37 51 32 4f 6f bc e9 66 0a 77 2e 1f 7d d6 f3 60 d6 66 22 26 27 17 df 76 ee 58 25 90 20 0e 0d e9 03 4e 64 ba 80 ce 0b fc d4 08 20 00 5c 3d e0 22 c1 27 f0 c4 38 0b d6 19 99 cc e2 3b b1 08 37 71 d1 d5 f1 85 e0 f8 ac ab f7 95 89 39 0e 38 b4 26 e0 2f b9 bd bb 78 Data Ascii: Yemx%55GbGB?Q%Ay;R@HI}LH\|\C1~lk1@K{2t.\CjR`IQ)(Zrw4Ndc-xI; u$nF7Q2Oofw.}`f"&'vX% Nd \="'8;7q98&/x
2024-10-24 09:43:11 UTC	340	IN	Data Raw: 65 3e c8 00 7d 33 99 ee 3c aa f4 fb 3b f2 d8 af 1e 7d f5 19 58 e5 2b 07 e2 56 e0 fa 32 5c 3b ce f5 30 38 0e 06 4e 77 59 14 eb 7c f4 e8 11 ae 5c a7 ba 17 79 d5 d5 23 97 67 3c 4b d7 77 19 f1 91 33 e8 f5 fb fe a0 37 38 76 e8 7a ae 5c e9 9b 4d b1 4c b3 9c 47 ff 88 f8 0f 81 2c 2e 86 a9 7c c8 79 f9 e2 ad b5 01 2e 2d 37 53 5e ba b8 99 e6 8f cc 6e 8f 70 b5 3c 7d 44 99 a4 47 3f be 78 f6 fc b7 6f 9e f3 d6 8f 46 19 e0 d9 4a de 04 31 47 ce e7 bd e9 c9 7c 1e 8e b9 09 49 d5 e8 32 45 e3 e9 69 bf b7 18 c8 c6 f5 26 83 5f 4a 8d 8b 93 c1 ac af 1a 11 60 d3 64 fe 23 9b c0 44 68 99 a1 36 73 d0 93 2d 28 ab 03 fb a0 51 0c cf 8e 7b aa f1 4e c4 71 7a 83 c6 c5 4c 5c 9c 9e c9 91 14 cd 43 1a 3e 3f be 08 67 27 33 d9 86 ca aa 18 4d 83 de ec e2 42 0d 9b dd 85 34 6a 70 7e 36 9d 0e e5 28 Data Ascii: e>}3<;}X+V2\;08NwY\|\y#g<Kw378vz\MLG,.\|y.-7S^np<}DG?xoFJ1G\|I2Ei&_J`d#Dh6s-(Q{NqzL\C>?g'3MB4jp~6(
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 9c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 70 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 70 0d 0a 30 30 30 30 30 30 30 31 0d 0a 73 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a a4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 39 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a c9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 17 0d 0a 30 30 30 30 30 30 30 31 0d 0a e0 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6f 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 00000001000000010000000100000001p00000001_00000001p00000001s00000001?000000010000000100000001900000001Z00000001000000010000000100000001000000010000000100000001o00000001
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: a0 0e a3 15 73 2b 68 a4 0e 25 26 94 bd 37 e0 54 bd 12 3c 31 67 72 44 7d b1 42 6d 98 9e c7 66 3f 38 3f a3 04 91 c4 9e 59 a2 d4 b5 ee 98 1e ab f2 e9 9a 7d 34 cd 44 78 e5 d3 f7 5d f8 84 d7 91 d3 14 9c bb fc fa 72 8b 1c 0f b9 4c 31 1e b8 c0 e3 34 a3 15 9e 74 89 c5 4e 96 8b 82 43 2c dd 33 ea a9 e6 11 4b 01 63 48 7e f4 29 4d 83 fa 28 77 ab 1e 14 c2 50 ae 8b 45 19 15 3d 8c b4 c5 f3 0e 97 51 32 ea c9 a3 a9 f3 6b 6c 95 c7 d5 2d 60 03 e1 ab 84 98 86 55 ad c4 a8 65 7d 4d 5c 0f 18 40 f4 f7 fc e0 86 1c f0 61 ab f2 5d 2a dd a5 40 f6 de 73 c5 83 1a a3 be 71 39 d9 07 f5 85 6f c7 8a 0f 5b 1f 4f b0 5e 45 85 4f 55 0a 21 ec 02 dc 44 39 4b 1f 9e 98 64 a4 cb 83 dd ea c2 12 27 f5 4e b9 4f 7b 9f da b6 d6 59 3f c4 68 04 f9 fb 09 35 3b a4 ba 22 94 61 67 db 35 aa c3 49 72 7b 63 45 Data Ascii: s+h%&7T<1grD}Bmf?8?Y}4Dx]rL14tNC,3KcH~)M(wPE=Q2kl-`Ue}M\@a]*@sq9o[O^EOU!D9Kd'NO{Y?h5;"ag5Ir{cE
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 8f ac 76 7e 39 4b db 41 e5 98 fb 63 1b da 53 8d dd 1f d0 d8 83 2a 48 3f 04 77 95 18 fb 4e d1 32 8a cf 54 6d df 5a 2a f7 1e 54 32 b6 b4 1a e7 5d cd 3b 26 da f0 a4 47 6a 4c b5 06 36 56 7e a8 1a 19 12 62 cc 0a 87 f1 57 0e b3 31 68 62 c3 ca a9 cc 58 65 85 24 77 eb 37 34 6d 8d 9d 96 4a d6 ae 0f 00 3c 7c 9b 6b 5f 23 13 90 b6 ce a2 b2 00 ab 64 90 ba 2d f9 ac 94 1b 98 2e b9 28 5e e0 38 55 05 01 e5 ac fa d2 17 c7 22 54 75 44 34 a8 6e 00 47 ce 09 df da a3 76 60 30 50 77 f3 34 ce 66 d8 3a 0c 86 41 09 f4 da fa ba cf c2 2a 8d 3a 3f 0e c3 e6 ea 7f ed 7d 2b e0 32 b4 68 45 b6 e9 6d c5 7a d9 5b 83 8e d1 cf 2a ab fe ca b7 26 71 eb b4 aa e3 fb d3 48 d9 3a eb 9e a5 9b a4 b4 ee 63 4b 27 e9 c1 94 ac c1 b0 87 92 ed a3 fe 1e 94 ac 63 b6 24 d7 3e ff b7 1c d1 46 50 89 02 5d b8 24 Data Ascii: v~9KAcSH?wN2TmZT2];&GjL6V~bW1hbXe$w74mJ<\|k_#d-.(^8U"TuD4nGv`0Pw4f:A:?}+2hEmz[&qH:cK'c$>FP]$
2024-10-24 09:43:11 UTC	129	IN	Data Raw: fa 1a f5 5e ae e1 ba f5 9d 8c f1 fa 84 ed cc 5c e4 0f 94 c5 7f c0 9e c8 a3 29 b7 4f 6d 89 06 d6 2c 96 67 5b f5 1f 29 25 d8 b4 a0 fa 09 40 a0 00 45 eb 7d 65 a9 79 ec 1e ab c9 cb 58 e3 2a 99 ce 12 72 0d 4f 63 e4 7d 30 c0 dd 69 ce d9 0f 4b 79 a9 c0 de 2f 41 de cc aa 19 b0 ec e3 4a 1f 8c 26 54 f3 6b 66 30 75 29 9b 68 d6 d6 29 35 ed b3 95 ee 97 bd 34 3d 4a 71 ea d8 6c d2 d8 cc f6 3e 0d 0a Data Ascii: ^\)Om,g[)%@E}eyX*rOc}0iKy/AJ&Tkf0u)h)54=Jql>
2024-10-24 09:43:11 UTC	808	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 6c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 95 0d 0a 30 30 30 30 30 30 30 31 0d 0a e0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 94 0d 0a 30 30 30 30 30 30 30 31 0d 0a e9 0d 0a 30 30 30 30 30 30 30 31 0d 0a a4 0d 0a 30 30 30 30 30 30 30 31 0d 0a b2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 27 0d 0a 30 30 30 30 30 30 30 31 0d 0a e9 0d 0a 30 30 30 30 30 30 30 31 0d 0a c8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 95 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 24 0d 0a 30 30 30 30 30 31 0d 0a 5a 0d 0a 32 33 39 0d 0a 83 03 5a 4e 60 06 df 4f 88 f2 51 17 ac 53 ce db 4f 8c Data Ascii: 00000001l0000000100000001000000010000000100000001000000010000000100000001M00000001'000000010000000100000001j0000000100000001K0000000100000001$000001Z239ZN`OQSO
2024-10-24 09:43:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.16	49781	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:11 UTC	541	OUT	GET /gui/88220.7a7bbdb48b5a17981431.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:11 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: d853fcf1c77a326c519bfa44a40c149b Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:42:41 GMT Expires: Sat, 18 Oct 2025 09:42:41 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 518430 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:11 UTC	1058	IN	Data Raw: 30 30 30 31 0d 0a 1f 0d 0a 30 66 66 66 0d 0a 8b 08 00 00 00 00 00 02 ff ec bd 7b 63 23 c7 71 ee fd ff f9 14 63 38 56 08 1b c0 62 06 18 5c b8 e2 ca 32 2d 7b 15 ef da 8e 25 af 13 2b 3a 36 48 82 4b 44 20 c0 00 e0 de b8 fc ee ef ef a9 ea 9e 0b 00 ae 28 59 76 92 f3 32 8a 97 e8 e9 9e be d4 bd aa ab 7b 0e d6 d3 f9 79 e7 f5 f4 e4 6a 72 fa cd f1 c5 f5 e2 9b 57 9b bf 5c cf fe 72 39 99 2d 8e 3e 50 f7 fe fd 57 5f 37 3b 57 d7 eb 8b 83 af be 1a 8d b2 ac db ca bb a3 bc df 1a 8f c6 dd ee d7 ad 1b 7b 76 78 b0 6a 4d 5b 9b e6 d1 93 9b c6 f5 7a 9a ac 37 ab d9 e9 a6 f1 78 d3 59 1d 4c 9b ad 4d e7 ec 60 da ba 39 9b 9e 4f ae e7 9b c3 03 da 5d af 6e 9b 8f 37 07 f4 92 36 1f bf 9a ac 92 e5 d1 e6 a0 3f 1a 76 fb cd d6 84 9f e9 60 d0 cf 9b ad 35 3f 07 d9 a8 97 35 5b 0b 7e 66 e9 b8 db Data Ascii: 00010fff{c#qc8Vb\2-{%+:6HKD (Yv2{yjrW\r9->PW_7;W{vxjM[z7xYLM`9O]n76?v`5?5[~f
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: d9 be 02 51 93 d5 db 64 03 f3 c5 99 d3 5b 5b f3 48 fe e9 a6 7b db 48 24 77 8e 1a de 4d 23 f9 f9 e9 7c 76 fa cd 51 c3 ea 9e 24 0e d3 44 70 4b 3e 7e e4 8d 18 f4 11 40 b9 6b 6c 1b 3f 8e 7b 8f 21 9c e1 76 7a ff 6b b3 05 3a d6 1d 03 fd f3 c9 55 f3 e0 06 8a 9a 40 18 67 87 db 0c 77 1b a4 44 95 06 be d3 db 07 52 4e d6 6b e4 23 28 ea b6 75 dd 31 34 ac 8f 8c 30 ae 17 eb c9 f9 f4 f8 8b 2f 9a 07 57 9d 4f 9b ad eb e6 e3 97 07 5f 51 35 a1 99 a4 f1 41 f3 eb d6 79 e7 6a b5 dc 2c 05 d4 56 c3 28 b5 d1 72 b6 69 b6 be a5 75 45 aa ed be 63 5d 35 0f 1a 3f de 25 98 ed 51 77 5b 14 33 38 3f 8a 73 40 e8 88 17 5d 0a d3 af 98 c4 d7 de 3e 99 ac 1a ea d3 35 f4 5b e9 cc f1 00 95 79 2c 9d 9a 8e d3 21 bf 51 ae 69 0f 45 db 6c bd 3e da 74 16 07 c7 cd d6 37 34 1c 8e 87 dd dc 35 ea 9b d6 f3 Data Ascii: Qd[[H{H$wM#\|vQ$DpK>~@kl?{!vzk:U@gwDRNk#(u140/WO_Q5Ayj,V(riuEc]5?%Qw[38?s@]>5[y,!QiEl>t745
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: a7 1f 5c 24 21 90 69 47 62 75 fa 2a 2c 71 2f 70 9d a7 9f 01 e2 35 4a 6b 8a 95 3c 5b 9e 22 01 8b 51 1b cd c3 7b be 58 7b 09 ec 94 65 e1 86 b0 62 67 b1 44 6d 2c 5e ee 57 01 11 cd 81 32 0c c1 98 7f 7f 5a cd 36 48 63 eb 02 cf f7 cd 5d 9e ef 37 f2 7c df 34 1f 7f 1a 3c 5f bc 5d 0b 6e 22 05 e4 f3 1e 7e 41 68 68 f1 f2 16 ff f1 9f aa 9e 70 30 45 4b bf f6 3b bf 5f 37 d5 0b 8f 36 f6 53 f8 c7 35 3b 65 7b 1a 45 a5 59 94 e5 6c fe e9 28 f6 b3 cf 2f 76 7b 97 15 29 76 9d 8f 87 84 9a 89 44 f7 88 3a db 8f 6c 40 f8 da c2 c6 9f cb 05 ee e6 43 9e ff 41 f1 e5 ee 60 48 2c fa 19 3f f3 c1 30 1d 36 5b ff c9 cf 7e 9e f5 d3 66 eb 57 fa d9 cf f1 a5 7f a1 7a 45 d7 9b ad cf f8 39 cc ba 23 9a fe de fc ea cf 9a ad bf a8 61 b7 3b 18 37 5b bf b4 67 7f 69 b6 7e c7 33 0b c5 bb af fd db d6 7f Data Ascii: \$!iGbu*,q/p5Jk<["Q{X{ebgDm,^W2Z6Hc]7\|4<_]n"~Ahhp0EK;_76S5;e{EYl(/v{)vD:l@CA`H,?06[~fWzE9#a;7[gi~3
2024-10-24 09:43:11 UTC	238	IN	Data Raw: e7 6c aa 8d f9 5f 7a 76 4e 0c 25 ba fc a6 91 39 48 2f 64 ed 82 a0 33 76 fc cd c8 72 b6 17 04 6a 4d 2a 2c b1 53 77 f4 d7 8b cd e6 ea f0 d1 a3 7f 8a 5b 1f 3b 4d 6e f1 b6 4d a2 7c ff 94 81 7a 6e 40 10 4f bb 03 d5 f2 09 ca 34 03 8b 57 85 84 04 97 51 85 6e 2d 75 65 a5 53 d0 5f 43 a3 e4 17 a1 5d 74 a4 21 d0 81 48 f8 b6 02 f4 12 9e c7 17 93 05 14 2b 2c 54 ba ac c1 53 56 b4 c7 54 be b4 20 b6 bb 1d 21 eb e2 56 14 fd 9c 8c aa 99 8f 13 b6 44 42 6f 97 65 c5 97 78 40 ec d3 c1 de 4e ed 7b aa bc 63 f2 6a 42 40 78 15 32 56 c2 1e 4f 34 49 1e 55 5e 6d b4 70 76 6c 0e c7 45 f4 a2 98 82 85 30 ee ea a4 c2 9e 45 1f 5b 9c 29 ca fc e8 a3 ca ee cc 0f 91 c1 e3 76 44 44 e4 34 2a 2f 51 c7 16 22 65 63 07 44 4e 8f 9e 14 49 3e e0 0d 0a Data Ascii: l_zvN%9H/d3vrjM,Sw[;MnM\|zn@O4WQn-ueS_C]t!H+,TSVT !VDBoex@N{cjB@x2VO4IU^mpvlE0E[)vDD4/Q"ecDNI>
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 51 0d 0a 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 04 0d 0a 30 30 30 30 30 30 30 31 0d 0a f9 0d 0a 30 30 30 30 30 30 30 31 0d 0a be 0d 0a 30 30 30 30 30 30 30 31 0d 0a d0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 32 66 66 37 0d 0a 7e 82 61 4f 79 63 32 c2 9d f6 1e 37 d4 c0 04 4f 47 91 90 8f 3e da 02 86 55 b7 a6 9d d9 19 1e d1 04 c7 f0 ed 7a b6 fe 96 f6 9f c6 66 fe de 2d 96 d4 53 34 3c 32 6f 59 50 68 45 de 48 d6 df 23 26 57 6a 21 cc 30 db 6b f8 3d c4 aa 8c 1a 2b fc 92 42 99 19 b3 23 d4 ee 39 48 61 b3 54 63 7e bf 45 77 fe f6 68 b6 fa ab ed 30 29 ae 92 c4 ad ce 90 72 a2 72 4d 9d c7 54 14 df 71 d2 2b 0a ce 05 ce f9 80 fd Data Ascii: 00000001Q0000000100000001:0000000100000001000000010000000100000001.0000000102ff7~aOyc27OG>Uzf-S4<2oYPhEH#&Wj!0k=+B#9HaTc~Ewh0)rrMTq+
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 5c 21 74 d9 93 49 47 82 5d 29 9f 91 32 3e 89 b9 e1 f1 41 a0 fb 90 7e 1f 41 5e f6 c8 20 81 62 42 cb ef 49 23 3f af e7 cb 7f e1 89 69 25 71 d8 fa 83 72 30 d6 81 f3 7f 81 8f 23 b4 3d 25 65 57 98 fc 5e ea a2 22 de 57 c4 f4 0f 56 2b c3 5e 98 00 54 04 0b 29 27 38 ba 03 f2 06 62 1a 6f 4b cc 25 56 43 af d7 75 72 00 86 f4 79 91 24 b7 a5 ea e6 cb e5 37 09 27 1b cc 98 b9 62 53 8c fc 09 92 95 90 cd df b3 c3 53 65 1b b3 37 b6 50 4f 22 0e f9 7f 64 62 b8 55 19 25 e5 de a8 47 60 82 3d 9a d1 dc d9 e8 ff 4d 05 20 84 8c 3c c0 ef 06 a0 97 28 00 41 cd d2 c2 26 d8 8a b2 40 df 6c cc ab f2 9c 8e 84 ec 42 4f ea 48 5e cd d6 33 4b 47 7c eb de d2 fe cc 96 2a 6c 9d 03 ae 95 d9 79 3a 59 4f 61 02 19 ef 5f 5a 02 58 52 cb 78 5c 9e e3 06 a0 e0 0b a0 ec b5 77 66 cc 6e 1e 92 24 7f 17 dd 05 Data Ascii: \!tIG])2>A~A^ bBI#?i%qr0#=%eW^"WV+^T)'8boK%VCury$7'bSSe7PO"dbU%G`=M <(A&@lBOH^3KG\|*ly:YOa_ZXRx\wfn$
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 20 e3 0d 47 5a 76 36 1c 4e c0 6b 6f 24 ec f2 af f5 08 0a f3 61 cf 28 e8 f9 a8 33 1c f7 0c db 7d a7 31 48 a2 d3 1f 43 1c 60 80 29 81 bf 74 98 d0 6d 36 12 4c 52 87 49 67 d4 e5 25 e8 b6 dd 21 5f 99 fe 46 e3 76 af 93 8f 8d 9e 7a fd 74 1f 40 f2 91 d0 a6 a1 c8 6b 9e 64 0c cc aa ec df 80 d4 7c 90 0b a8 bd 81 88 14 98 00 fc e3 5c b4 20 fc 0c 07 49 1f 92 1c 83 94 51 9e 09 1c 83 6e 9a 64 92 4a 9f d2 4b de b5 ce f4 c7 7a 13 68 f3 4c 33 4b d3 4b a6 d6 ef 53 df 19 67 d9 31 cf 91 9f 80 26 1f f5 c1 20 80 61 4c 56 43 57 74 d8 cb 59 94 88 2a 85 29 84 fd 4e 77 c4 db e0 2c 1d e6 9d 11 34 9e 31 6d c8 20 2b d6 c8 c6 62 90 a4 9c cf 5a 4d 16 6b 45 60 08 45 ea 27 a7 80 a6 07 42 f4 a8 59 8a 84 20 a8 4d 42 c3 6c 9c 1d 31 01 ed 3f 4b f9 1c a5 cf 5d f2 2f c8 9c 6d d1 78 87 48 ea 57 Data Ascii: GZv6Nko$a(3}1HC`)tm6LRIg%!_Fvzt@kd\|\ IQndJKzhL3KKSg1& aLVCWtY*)Nw,41m +bZMkE`E'BY MBl1?K]/mxHW
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: 65 16 81 2a 13 9a 1c 9b b2 60 00 bb b0 de 16 d6 81 16 fa 49 5e 91 81 db 94 a0 80 45 bf e2 5b a3 14 fe 81 95 35 bc ad 45 7a c8 e1 03 92 59 b9 c0 e8 42 f4 43 c2 a2 26 f0 e5 85 a7 39 2f 02 cd 21 64 85 94 00 26 1a 12 9e 06 a6 d2 df 43 61 37 bf b0 e9 41 1e 40 41 06 19 02 42 eb c4 f9 4a ac da e4 08 53 f3 0e 20 52 7f 3f ed da db c2 f3 0b 86 b8 e8 75 5f 85 ee 44 1b 18 71 b2 75 46 b2 32 d4 1f 8b ed 56 ba 83 23 51 c4 68 52 28 21 55 7f c0 41 24 54 4c 07 1c fb fb b2 4c d4 81 4f b8 e8 02 9a d0 db 84 68 a0 7c 0c c7 f6 58 13 1b e2 80 82 8d ec 18 bb 49 6f 48 46 f4 89 ed c8 4f ea 11 27 e8 7e 91 31 16 36 a6 09 8f 71 17 a9 82 64 52 41 ff b4 07 80 24 19 89 82 d5 91 e4 11 ab 82 f2 9f e7 fc 19 25 48 de ec 54 14 68 54 08 07 9b 2f 6b a6 8f e1 1c 65 2d 16 06 92 10 95 fd 03 f8 85 Data Ascii: e*`I^E[5EzYBC&9/!d&Ca7A@ABJS R?u_DquF2V#QhR(!UA$TLLOh\|XIoHFO'~16qdRA$%HThT/ke-
2024-10-24 09:43:11 UTC	1408	IN	Data Raw: f6 50 43 29 35 e2 5c 7b 83 de 69 3f 8a d0 82 ad ac d6 df e7 1a f5 64 00 3d 0d 83 26 2c bb f0 59 8f cf 27 e7 27 3e b1 6a 55 98 7d 1f 65 90 e5 bc 9e e5 c1 24 29 22 2a 71 06 03 b6 1b 47 01 1a f5 4a ef 63 3c 42 9f 74 f5 4f 54 1a 45 2b 9b c1 f4 74 3a 3d df 7e bf 00 9f 60 8d cf c1 3f 11 e2 3a ce 84 be 8c d0 9b 2d c8 7a 9a 6d 7c 05 96 13 13 27 56 45 63 59 e1 93 da 46 a3 d5 87 8b ce c9 18 3a d4 bd 1a 41 ce 5a d5 85 32 aa e2 90 35 3d bf 5d ed fd ef 28 e7 53 98 aa 7c bf 62 cf 5d a0 6b 5c ba ec 9b 77 59 eb d8 9a 9e 9f 4c 03 22 82 e8 8c b7 2f 92 98 1c 38 c9 25 aa 6e 40 38 4c d6 4b 2e 1b a9 55 c4 51 a6 f9 74 1c e5 71 e8 ca aa da be 15 75 ad 44 d9 43 67 5a 49 23 ff 7f ed 6b 15 0c 68 e3 48 00 5c a3 f1 f1 f7 86 79 85 09 2b 95 ed f5 a5 ea b3 bb aa e7 70 0f e1 8d 3b 5e 7e Data Ascii: PC)5\{i?d=&,Y''>jU}e$)"*qGJc<BtOTE+t:=~`?:-zm\|'VEcYF:AZ25=](S\|b]k\wYL"/8%n@8LK.UQtquDCgZI#khH\y+p;^~
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 9f db 4f 7e 00 f3 f1 5e ab ea 71 dd 40 79 1c 35 03 79 35 c4 08 ed a6 16 b3 0c 1e 9b 19 b1 e7 e9 ba bd f3 70 e7 81 13 52 1d e0 35 62 76 a7 b9 0e f9 2a f5 71 05 6b cd ea ab 01 a4 56 45 4b b6 4d f4 69 a6 c5 59 70 56 ea 8d 49 4c 37 16 b1 03 7f 87 06 ac 84 68 19 5f 2f e3 7c 1e 16 92 be ac d4 da ee 63 4f 0b 9f cf 5d ef cb b3 31 d2 dd 79 33 ea 8e bb fc 1b f7 77 50 0a 92 74 95 99 9a 29 60 f2 af 66 4b d7 16 57 09 99 7c 1b 1c 02 87 03 8d 2a 9c eb 28 da 95 02 4d 9f 80 f3 67 30 b0 83 87 f2 0f 9e 48 b4 ae cc 8a 8d c0 ae 4f 7f 5b 8a 34 6f cd 56 16 60 db 76 5f 4b f3 67 fa 7d e8 57 4e b4 ec f7 f9 6c b5 e6 83 05 17 b3 f9 59 f5 79 c7 db ec 5b aa d7 44 ae db 26 9c fa 8c 42 5b 1d 8e b8 1b ea b1 51 85 c0 3e 3c f3 ba bf 73 d7 3a f6 b4 0a ab aa d7 dc 54 c4 6e 0d a7 bb e0 34 88 Data Ascii: O~^q@y5y5pR5bvqkVEKMiYpVIL7h_/\|cO]1y3wPt)`fKW\|(Mg0HO[4oV`v_Kg}WNlYy[D&B[Q><s:Tn4

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.16	49782	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:11 UTC	558	OUT	GET /gui/vt-ui-shell-extra-deps.2f0832bf9cf1fc541ba6.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: a701ef1e8bb62d51ed7942d1e4b88494 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:00:04 GMT Expires: Sat, 18 Oct 2025 10:00:04 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517388 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:12 UTC	1058	IN	Data Raw: 30 30 30 30 31 0d 0a 1f 0d 0a 30 66 66 66 0d 0a 8b 08 00 00 00 00 00 02 ff ec 7d 69 77 db 46 b2 f6 f7 fc 0a 18 49 7c 80 09 00 91 d4 4e 19 56 bc de 68 e2 6d bc 24 93 28 7a 65 88 6c 92 88 48 80 01 40 c9 b2 cc fb db ef 53 d5 dd 40 03 04 65 c5 93 39 ef 97 9c 93 d8 20 d0 4b 75 75 ed 55 dd b6 17 b9 b0 f2 22 8b 07 85 7d e0 e4 62 3a 0a 2e c5 d9 3c 1a 9c 3f 9a 2c 92 f3 8b e2 74 11 9f ce a2 38 09 6f f8 f6 e9 d3 f1 89 1b cc 17 f9 c4 39 3e de d9 df db de f6 ba 3b bb db bb de d6 ce e6 de f6 89 77 bd bf bd bf d3 e9 3b c2 2b bc c4 0d ef 5f 27 c1 d0 29 bc eb e7 7d 07 bf 06 4b f7 e0 22 ca ac 2c 4c 9c ad bd dd ce 96 eb e5 78 ec ee ec 6c 6d bb 5e cc 6f 77 76 77 dc 83 a9 28 ac d4 8b bc 69 28 c2 fb 82 fb 0c c3 d1 22 19 14 71 9a c8 c1 bd cc bd a6 b1 72 f4 8b b2 f1 62 26 92 22 Data Ascii: 000010fff}iwFI\|NVhm$(zelH@S@e9 KuuU"}b:.<?,t8o9>;w;+_')}K",Lxlm^owvw(i("qrb&"
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: c5 cc b6 26 22 1e 4f 0a f5 e3 22 16 97 0f d3 0f a1 dd b1 3a 56 6f 0b ff d9 d6 28 86 02 b3 93 34 11 b6 f5 61 36 4d f2 d0 9e 14 c5 bc bf b1 71 79 79 19 5c 6e 06 69 36 de e8 75 3a 9d 0d 0c 6d df ff ea de 1c 04 c2 bd fc 6c 31 15 a1 2d 20 14 d3 e1 d0 b6 06 d3 78 de 7c 37 0c ed e7 3d 6b 33 d8 7e d6 ed 04 7b 3b db 5d ab db 0b 36 f1 f7 b3 9e d5 eb 06 bd cd 4e ef 87 5e ef 27 34 f8 a1 f7 ab 06 e6 eb cd c7 bb bb 4f b7 ed 0d cc 46 b3 de ff ea ab af 20 a8 0e 0a 28 bc 51 b4 98 16 61 be f4 76 f6 f6 77 76 57 90 7a 90 38 fb 7b fb 5d 6c 96 b3 b3 b3 bb b5 57 59 03 bd de de be b2 06 b6 77 60 19 68 6b 80 6d 84 b4 b2 11 22 3c ee 6d 63 c1 2e 6c 03 20 7b bb b7 85 e1 86 78 dc 47 bf 3d d7 1b d0 db ad ce 76 cf f5 e6 78 dc ed 76 ba 78 5c d0 e3 fe fe 1e a6 98 50 83 9d 9d ce ae dc bd Data Ascii: &"O":Vo(4a6Mqyy\ni6u:ml1- x\|7=k3~{;]6N^'4OF (QavwvWz8{]lWYw`hkm"<mc.l {xG=vxvx\P
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: da 2c 0a f1 54 49 46 29 4d 48 32 ea f6 e5 66 d5 da 83 97 59 b1 1b ed 97 2d 36 b8 0e 69 7d 66 75 44 38 ac 31 7c 36 fa 04 cc 7f 77 79 aa 40 2b a7 2a 37 f7 8e 23 23 d1 82 6d 62 08 fb b2 6d b9 0c 65 3f af 48 76 ec 94 24 10 65 c2 bc ff 06 ae c5 28 ce f2 82 f4 c2 12 da 9a 2c 56 f5 eb fd a7 4f b0 ef 86 cb d3 86 c4 85 fe d0 74 66 01 86 36 ce 7b 4f 28 dc 40 50 6d f9 1e d0 a1 7f 4d fa 96 2b 59 d7 dd d6 a2 d9 46 ef ba e0 bd 25 4a 59 fa 92 22 36 31 1a e7 0f 10 f3 bf 10 2a a1 a0 78 e5 8e 73 87 30 59 e0 ff e4 ee dd 0e 74 53 02 45 25 8e 93 13 f6 2c 10 f1 2f f8 61 b9 2a 93 34 30 ad 5b 2f 45 52 a5 a5 65 f7 32 4e a5 6c ca 86 8e 53 30 d9 b0 a7 26 05 25 06 28 38 5e b2 8b e9 3b 9c 43 e9 9c b3 d2 89 ea 1a 03 ba 60 9d 69 f1 18 6e 29 49 fd 59 dd 6c d2 66 85 8c 34 02 f7 0c 94 23 Data Ascii: ,TIF)MH2fY-6i}fuD81\|6wy@+7##mbme?Hv$e(,VOtf6{O(@PmM+YF%JY"61xs0YtSE%,/a*40[/ERe2NlS0&%(8^;C`in)IYlf4#
2024-10-24 09:43:12 UTC	239	IN	Data Raw: 3a 3f 50 b3 43 30 73 be c7 80 20 6b 81 20 d3 10 64 26 04 08 1a 91 9a 79 2d 90 ce cc 11 ac 91 23 79 d5 64 ab 89 50 11 40 29 fc 9c 41 51 50 49 17 c2 33 9c a7 04 61 2c a9 08 e2 b9 f7 b6 b2 9e 1f 7a 2f fe b6 9f ff 22 fb f9 8f f0 61 c3 82 8e cd 5a 3d f2 d5 50 58 07 a7 f0 55 96 8e 33 04 21 a9 50 ec a1 0e e1 eb 97 aa a0 06 d1 c2 75 9f 88 5d b9 3f 82 97 a4 91 42 f8 da e0 a4 75 86 77 b3 75 c7 5b 37 30 8b d9 ca 56 29 ab fe 74 ea f7 39 24 ea f3 f0 2d 59 29 23 9f b5 bc aa ce b1 02 fa a5 25 60 9c c3 3a 40 61 5c a3 11 67 74 df bf 63 13 9e 52 11 90 a4 2c d6 1b f0 2d bf 85 bd b4 3c 78 b1 46 84 55 ee fa 1f a6 d8 6a 0c 52 89 20 da 14 3d 56 bb 10 02 af 40 c0 4b 8c 92 14 fa 43 4a a1 8f 90 37 a8 8f ed aa 12 d7 5f bd 7f 79 0d 0a Data Ascii: :?PC0s k d&y-#ydP@)AQPI3a,z/"aZ=PXU3!Pu]?Buwu[70V)t9$-Y)#%`:@a\gtcR,-<xFUjR =V@KCJ7_y
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 48 0d 0a 30 30 30 30 30 30 30 31 0d 0a de 0d 0a 30 30 30 30 30 30 30 31 0d 0a d1 0d 0a 30 30 30 30 30 30 30 31 0d 0a d5 0d 0a 30 30 30 30 30 30 30 31 0d 0a a5 0d 0a 30 30 30 30 30 30 30 31 0d 0a d6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2f 0d 0a 30 30 30 30 30 30 30 31 0d 0a ba 0d 0a 30 30 30 30 30 30 30 31 0d 0a 64 0d 0a 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 43 0d 0a 30 30 30 30 30 30 30 31 0d 0a 75 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2b 0d 0a 30 30 30 30 30 31 0d 0a 4a 0d 0a 31 38 61 30 0d 0a bc ae 8b ec Data Ascii: 00000001?00000001{00000001?00000001z00000001?00000001H000000010000000100000001000000010000000100000001/0000000100000001d0000000100000001C00000001u00000001+000001J18a0
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 22 b0 80 81 c5 a9 9c 34 3f 8f e7 4f 29 f1 4e 21 fc 97 88 91 e0 6f 80 cf 21 5a d2 a0 ec 78 70 66 fe 0d 56 86 78 ea 11 8a 74 62 d8 13 1f 0d 40 10 40 78 f2 41 0c 16 b0 37 43 32 3e 9e c9 6e aa e4 ea 5f 54 5d fc 2a ca a2 59 0e f3 50 ad 55 8e 42 48 84 5b 86 53 29 38 b6 c7 41 3b fb e6 63 55 b5 1a ea 8f 94 48 31 8e 12 c9 73 4a d5 0b ef d8 a6 70 3b 95 14 20 89 11 a3 94 c5 dc 1b fb 24 c8 11 25 74 20 17 a1 bf e9 10 12 98 5b 9f 3f d2 fd d4 71 a4 66 5f f5 5a 4e f5 1c 05 20 54 e3 08 db 01 ea 18 05 55 24 0d 1f a0 0e b1 38 1a 56 46 1e 23 b2 4e 36 87 f6 5e b4 b9 d5 19 74 77 fc d1 d6 ee c8 df da 3d db f2 f7 77 87 91 bf bd 19 89 bd c1 60 6b 6b b0 d7 b1 65 69 09 aa bc 69 40 b5 de 6a 4e 49 c8 16 ea c1 a9 7c 0e 00 bc 42 cb b7 71 41 87 9e bc 22 bc 8e 73 5d b9 21 c7 a9 7e 7b 58 Data Ascii: "4?O)N!o!ZxpfVxtb@@xA7C2>n_T]*YPUBH[S)8A;cUH1sJp; $%t [?qf_ZN TU$8VF#N6^tw=w`kkeii@jNI\|BqA"s]!~{X
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 53 1b c8 f7 72 ed d2 e6 22 99 5c 5f 7a 5d 00 91 3c 30 25 8f cc ee f0 71 7e ed c2 69 9c 95 3b 10 80 fc b2 e2 85 b8 6c 18 3f 4d 17 44 42 63 74 6b cb 88 92 d9 1a 9b 1e 98 bb 6c 13 ec 55 b6 98 4d 59 1d a4 6c 88 70 9c b1 d3 92 98 14 46 a5 19 56 ad da d2 98 47 50 68 c5 6a a6 fa 7d 9c 3e 27 6b e1 2a 16 a8 b9 41 98 b7 52 ce e4 ae a3 84 26 10 1c d3 ae a9 e9 5b 4f df 36 2b 84 33 14 0a 66 5a 4b bc 3a 4a cf 34 89 5c 89 f2 a1 95 1f 6f 96 42 ff 0c 59 fe 33 c9 72 9c fe c3 7d 20 f7 bf 8f 51 f8 0f 16 44 fa db d9 d8 18 c1 d9 c9 83 71 9a 42 6b 47 73 ec 00 4a 11 36 e8 4c e1 e1 28 9a c5 d3 2b ba 06 41 64 70 ad bf a3 52 8f dc 3d c0 c1 2b 1e c6 ba c7 f2 ce a2 a4 43 68 b3 9e b7 48 29 d0 13 b3 19 8a 2c 98 e7 50 51 c1 52 56 4b 44 5d 47 22 6d 7c 79 80 09 29 8f 7e 79 c8 49 2d 7a 95 Data Ascii: Sr"\_z]<0%q~i;l?MDBctklUMYlpFVGPhj}>'k*AR&[O6+3fZK:J4\oBY3r} QDqBkGsJ6L(+AdpR=+ChH),PQRVKD]G"m\|y)~yI-z
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 89 7c 7c 2c 28 21 2f 65 72 5b ac 3b 85 73 e2 a4 22 8c 04 42 24 d2 94 a7 ab 4c a7 d1 95 4f 71 ea 21 2a ab 38 b0 a1 7f d8 f0 2b 10 1b c6 dd 09 3e ea 14 8b 68 de 3c 32 c2 47 a0 28 14 22 8f cb f2 79 26 f3 aa d1 f2 b0 4f fb 64 55 e4 92 27 a9 d5 12 fc 97 af 25 95 e8 ad dd 0c aa ee eb d4 8b e7 d3 77 b0 18 a1 78 5a ae e1 94 0b c6 c9 20 9c 23 ab 2e f7 94 a3 c2 05 83 51 d0 97 19 af 95 86 fa 56 4e dd 76 cd 04 25 18 8c 1a f8 08 ae b7 83 2b dc a0 f9 90 d1 52 5a a9 14 22 0a fd 90 20 c3 9a 6e 52 ef 4b f1 b1 da 53 4f 43 02 a3 de b7 fc b2 da 1b da 8f 4a f0 20 88 57 14 5b 7d 0c b5 c6 72 04 ba 35 4f 03 df 2e bb cc 95 90 f8 da de df c5 fd 8b 38 6b 8d 2b 17 71 b4 86 6e 64 44 a9 3b 3d 6c 77 77 7b 5d 1c e4 e4 6b 17 8d 4b 21 49 d4 d1 55 d0 7b fb db 5b bb 7c 15 34 92 9d b8 c6 83 Data Ascii: \|\|,(!/er[;s"B$LOq!*8+>h<2G("y&OdU'%wxZ #.QVNv%+RZ" nRKSOCJ W[}r5O.8k+qndD;=lww{]kK!IU{[\|4
2024-10-24 09:43:12 UTC	925	IN	Data Raw: b0 67 e7 71 e1 9b c4 5e 7b a7 88 7e 33 f7 2c 25 c5 40 d4 9b 06 0b 30 49 d7 39 a4 b5 71 29 03 25 3b af 4c 62 b0 d1 2f 8e cf e2 55 ae b0 8d c0 1b 2d c8 c8 df d6 c2 cf 10 3f f8 b7 20 94 12 92 3e 67 60 6e 28 79 f9 ca f9 2c 61 53 f2 d9 44 0a 21 a0 06 9b 62 2d ab 12 0a 6d 9f c1 c0 75 ce e3 a3 ee 5f c6 79 38 f7 8a c0 c0 de de ce 3e 9d 75 4f b5 ff 3f 0d 62 27 42 e8 cc 9b ae 06 02 ae b5 a4 88 13 18 99 a8 9c 61 15 e8 fb 66 04 5a c6 8f 65 75 aa 76 4e b7 f6 08 8d 37 b4 d3 74 bf 4d 62 f3 a6 86 75 42 86 20 44 04 c9 ea d2 1f 5f d3 b6 74 3a bd 9d 66 77 45 98 f2 2e 51 a6 e0 1a 37 22 ec 50 da 5f 0d 08 75 cf d6 4e 2c 40 14 fb ae e9 a7 c6 d5 5a b7 94 54 9f 9b af 0a 83 b4 ce 5c 7d 6e 9f 1e 6a 57 17 9b 72 35 d2 ca fc a5 ec 6b c0 5d 56 70 56 82 ae cd 4a 5d d7 ab 15 d8 75 73 49 Data Ascii: gq^{~3,%@0I9q)%;Lb/U-? >g`n(y,aSD!b-mu_y8>uO?b'BafZeuvN7tMbuB D_t:fwE.Q7"P_uN,@ZT\}njWr5k]VpVJ]usI
2024-10-24 09:43:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.16	49783	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	375	OUT	GET /ui/user_notifications HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	225	IN	HTTP/1.1 429 Too Many Requests Content-Type: application/json X-Cloud-Trace-Context: 1d36a006b4a8f9ab6d16b6a2bdbf014c Date: Thu, 24 Oct 2024 09:43:12 GMT Server: Google Frontend Content-Length: 153 Connection: close
2024-10-24 09:43:12 UTC	153	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 20 7b 22 63 6f 64 65 22 3a 20 22 52 65 63 61 70 74 63 68 61 52 65 71 75 69 72 65 64 45 72 72 6f 72 22 2c 20 22 6d 65 73 73 61 67 65 22 3a 20 22 50 6c 65 61 73 65 20 72 65 2d 73 65 6e 64 20 72 65 71 75 65 73 74 20 77 69 74 68 20 61 20 76 61 6c 69 64 20 72 65 43 41 50 54 43 48 41 20 72 65 73 70 6f 6e 73 65 20 69 6e 20 74 68 65 20 5c 22 78 2d 72 65 63 61 70 74 63 68 61 2d 72 65 73 70 6f 6e 73 65 5c 22 20 68 65 61 64 65 72 22 7d 7d Data Ascii: {"error": {"code": "RecaptchaRequiredError", "message": "Please re-send request with a valid reCAPTCHA response in the \"x-recaptcha-response\" header"}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.16	49786	142.250.113.139	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	372	OUT	GET /analytics.js HTTP/1.1 Host: www.google-analytics.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	932	IN	HTTP/1.1 200 OK Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} Server: Golfe2 Date: Thu, 24 Oct 2024 08:22:38 GMT Expires: Thu, 24 Oct 2024 10:22:38 GMT Cache-Control: public, max-age=7200 Age: 4834 Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT Content-Type: text/javascript Vary: Accept-Encoding Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:12 UTC	446	IN	Data Raw: 38 30 30 30 0d 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 76 61 72 20 6e 3d 74 68 69 73 7c 7c 73 65 6c 66 2c 70 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 76 61 72 20 63 3d 6e 3b 61 5b 30 5d 69 6e 20 63 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 63 2e 65 78 65 63 53 63 72 69 70 74 7c 7c 63 2e 65 78 65 63 53 63 72 69 70 74 28 22 76 61 72 20 22 2b 61 5b 30 5d 29 3b 66 6f 72 28 76 61 72 20 64 3b 61 2e 6c 65 6e 67 74 68 26 26 28 64 3d 61 2e 73 68 Data Ascii: 8000(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.sh
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 53 54 55 56 57 58 59 5a 22 3b 61 2b 3d 61 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2b 22 30 31 32 33 34 35 36 37 38 39 2d 5f 22 3b 72 65 74 75 72 6e 20 61 2b 22 2e 22 7d 76 61 72 20 72 2c 76 3b 0a 66 75 6e 63 74 69 6f 6e 20 61 61 28 61 29 7b 66 75 6e 63 74 69 6f 6e 20 62 28 6b 29 7b 66 6f 72 28 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 6d 3d 61 2e 63 68 61 72 41 74 28 64 2b 2b 29 2c 6c 3d 76 5b 6d 5d 3b 69 66 28 6e 75 6c 6c 21 3d 6c 29 72 65 74 75 72 6e 20 6c 3b 69 66 28 21 2f 5e 5b 5c 73 5c 78 61 30 5d 2a 24 2f 2e 74 65 73 74 28 6d 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 55 6e 6b 6e 6f 77 6e 20 62 61 73 65 36 34 20 65 6e 63 6f 64 69 6e 67 20 61 74 20 63 68 61 72 3a 20 22 2b 6d 29 3b 7d 72 65 74 75 72 6e 20 6b 7d 72 3d 72 7c 7c 75 28 29 Data Ascii: STUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u()
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 67 6c 65 5f 74 61 67 5f 64 61 74 61 3b 47 2e 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 3d 76 6f 69 64 20 30 3d 3d 3d 62 3f 61 3a 62 3b 72 65 74 75 72 6e 20 47 2e 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 7d 2c 4c 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 49 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3f 49 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 61 2c 62 2c 21 31 29 3a 49 2e 61 74 74 61 63 68 45 76 65 6e 74 26 26 49 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 22 2b 61 2c 62 29 7d 3b 76 61 72 20 64 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 4d 28 29 3b 62 2e 70 65 6e 64 69 6e 67 7c 7c 28 62 2e 70 65 6e 64 69 6e 67 3d 5b 5d 29 3b 63 61 28 62 2e 70 65 6e 64 69 6e 67 2c 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 Data Ascii: gle_tag_data;G.google_tag_data=void 0===b?a:b;return G.google_tag_data},L=function(a,b){I.addEventListener?I.addEventListener(a,b,!1):I.attachEvent&&I.attachEvent("on"+a,b)};var da=function(a){var b=M();b.pending\|\|(b.pending=[]);ca(b.pending,function(c){r
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 61 6d 65 3a 22 2f 22 2b 61 2e 70 61 74 68 6e 61 6d 65 3b 61 3d 61 2e 73 70 6c 69 74 28 22 2f 22 29 3b 30 3c 3d 5b 5d 2e 69 6e 64 65 78 4f 66 28 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 29 26 26 28 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 3d 22 22 29 3b 61 3d 61 2e 6a 6f 69 6e 28 22 2f 22 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 71 75 65 72 79 22 3a 61 3d 61 2e 73 65 61 72 63 68 2e 72 65 70 6c 61 63 65 28 22 3f 22 2c 22 22 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 65 78 74 65 6e 73 69 6f 6e 22 3a 61 3d 0a 61 2e 70 61 74 68 6e 61 6d 65 2e 73 70 6c 69 74 28 22 2e 22 29 3b 61 3d 31 3c 61 2e 6c 65 6e 67 74 68 3f 61 5b 61 2e 6c 65 6e 67 74 68 2d 31 5d 3a 22 22 3b 61 3d 61 2e 73 70 6c 69 74 28 22 2f 22 29 5b 30 5d 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 66 72 61 67 Data Ascii: ame:"/"+a.pathname;a=a.split("/");0<=[].indexOf(a[a.length-1])&&(a[a.length-1]="");a=a.join("/");break;case "query":a=a.search.replace("?","");break;case "extension":a=a.pathname.split(".");a=1<a.length?a[a.length-1]:"";a=a.split("/")[0];break;case "frag
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 67 3d 68 2e 70 6c 61 63 65 6d 65 6e 74 2c 76 6f 69 64 20 30 3d 3d 67 26 26 28 67 3d 68 2e 66 72 61 67 6d 65 6e 74 3f 32 3a 31 29 2c 67 3d 3d 3d 62 26 26 7a 28 65 2c 68 2e 63 61 6c 6c 62 61 63 6b 28 29 29 29 7d 72 65 74 75 72 6e 20 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 54 28 29 7b 76 61 72 20 61 3d 4b 28 29 2c 62 3d 61 2e 67 6c 3b 62 26 26 62 2e 64 65 63 6f 72 61 74 6f 72 73 7c 7c 28 62 3d 7b 64 65 63 6f 72 61 74 6f 72 73 3a 5b 5d 7d 2c 61 2e 67 6c 3d 62 29 3b 72 65 74 75 72 6e 20 62 7d 3b 76 61 72 20 6a 61 3d 2f 28 2e 2a 3f 29 5c 2a 28 2e 2a 3f 29 5c 2a 28 2e 2a 29 2f 2c 6b 61 3d 2f 28 5b 5e 3f 23 5d 2b 29 28 5c 3f 5b 5e 23 5d 2a 29 3f 28 23 2e 2a 29 3f 2f 3b 66 75 6e 63 74 69 6f 6e 20 57 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 52 65 67 45 78 70 28 22 Data Ascii: g=h.placement,void 0==g&&(g=h.fragment?2:1),g===b&&z(e,h.callback()))}return e};function T(){var a=K(),b=a.gl;b&&b.decorators\|\|(b={decorators:[]},a.gl=b);return b};var ja=/(.?)\(.?)\(.)/,ka=/([^?#]+)(\?[^#])?(#.*)?/;function W(a){return new RegExp("
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 67 2c 22 20 22 29 29 7b 65 3d 68 2e 73 6c 69 63 65 28 31 29 2e 6a 6f 69 6e 28 22 3d 22 29 3b 62 72 65 61 6b 20 61 7d 7d 65 3d 76 6f 69 64 20 30 7d 62 2e 71 75 65 72 79 3d 6e 61 28 65 7c 7c 22 22 29 7c 7c 7b 7d 3b 65 3d 51 28 63 2c 22 66 72 61 67 6d 65 6e 74 22 29 3b 66 3d 65 2e 6d 61 74 63 68 28 57 28 22 5f 67 6c 22 29 29 3b 62 2e 66 72 61 67 6d 65 6e 74 3d 6e 61 28 66 26 26 66 5b 33 5d 7c 7c 22 22 29 7c 7c 7b 7d 3b 61 26 26 6f 61 28 63 2c 64 2c 65 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 61 28 61 2c 62 29 7b 69 66 28 61 3d 57 28 61 29 2e 65 78 65 63 28 62 29 29 7b 76 61 72 20 63 3d 61 5b 32 5d 2c 64 3d 61 5b 34 5d 3b 62 3d 61 5b 31 5d 3b 64 26 26 28 62 3d 62 2b 63 2b 64 29 7d 72 65 74 75 72 6e 20 62 7d 0a 66 75 6e 63 74 69 6f 6e 20 6f 61 28 61 2c 62 2c 63 Data Ascii: g," ")){e=h.slice(1).join("=");break a}}e=void 0}b.query=na(e\|\|"")\|\|{};e=Q(c,"fragment");f=e.match(W("_gl"));b.fragment=na(f&&f[3]\|\|"")\|\|{};a&&oa(c,d,e)}}function pa(a,b){if(a=W(a).exec(b)){var c=a[2],d=a[4];b=a[1];d&&(b=b+c+d)}return b}function oa(a,b,c
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 3d 3d 63 2e 74 61 67 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 72 65 74 75 72 6e 20 5a 28 61 2c 62 2c 63 2c 64 29 3b 69 66 28 22 66 6f 72 6d 22 3d 3d 3d 63 2e 74 61 67 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 72 65 74 75 72 6e 20 73 61 28 61 2c 62 2c 63 29 7d 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 63 29 72 65 74 75 72 6e 20 59 28 61 2c 62 2c 63 2c 64 29 7d 66 75 6e 63 74 69 6f 6e 20 5a 28 61 2c 62 2c 63 2c 64 29 7b 63 2e 68 72 65 66 26 26 28 61 3d 59 28 61 2c 62 2c 63 2e 68 72 65 66 2c 76 6f 69 64 20 30 3d 3d 3d 64 3f 21 31 3a 64 29 2c 43 2e 74 65 73 74 28 61 29 26 26 28 63 2e 68 72 65 66 3d 61 29 29 7d 0a 66 75 6e 63 74 69 6f 6e 20 73 61 28 61 2c 62 2c 63 29 7b 69 66 28 63 26 26 63 2e 61 63 74 69 6f 6e Data Ascii: ==c.tagName.toLowerCase())return Z(a,b,c,d);if("form"===c.tagName.toLowerCase())return sa(a,b,c)}if("string"==typeof c)return Y(a,b,c,d)}function Z(a,b,c,d){c.href&&(a=Y(a,b,c.href,void 0===d?!1:d),C.test(a)&&(c.href=a))}function sa(a,b,c){if(c&&c.action
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 29 2c 61 26 26 7a 28 63 2c 62 2e 66 72 61 67 6d 65 6e 74 29 3b 72 65 74 75 72 6e 20 63 7d 29 3b 0a 70 28 22 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 2e 74 63 42 72 69 64 67 65 2e 72 65 67 69 73 74 65 72 55 61 22 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 3d 61 2b 22 5f 22 2b 62 3b 76 61 72 20 63 3d 4d 28 29 2c 64 3d 63 2e 64 65 73 74 69 6e 61 74 69 6f 6e 5b 61 5d 3b 64 3f 28 64 2e 73 74 61 74 65 3d 32 2c 64 2e 63 6f 6e 74 61 69 6e 65 72 73 3d 5b 5d 2c 64 2e 64 65 73 74 69 6e 61 74 69 6f 6e 73 3d 5b 62 5d 29 3a 63 2e 64 65 73 74 69 6e 61 74 69 6f 6e 5b 61 5d 3d 7b 73 74 61 74 65 3a 32 2c 63 6f 6e 74 61 69 6e 65 72 73 3a 5b 5d 2c 64 65 73 74 69 6e 61 74 69 6f 6e 73 3a 5b 62 5d 7d 7d 29 3b 70 28 22 67 6f 6f 67 6c 65 5f 74 61 67 5f 64 61 74 61 2e 74 Data Ascii: ),a&&z(c,b.fragment);return c});p("google_tag_data.tcBridge.registerUa",function(a,b){a=a+"_"+b;var c=M(),d=c.destination[a];d?(d.state=2,d.containers=[],d.destinations=[b]):c.destination[a]={state:2,containers:[],destinations:[b]}});p("google_tag_data.t
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 62 5b 63 5d 3d 62 5b 63 5d 7c 7c 61 2e 43 5b 63 5d 3b 72 65 74 75 72 6e 28 6e 65 77 20 24 63 28 62 29 29 2e 65 6e 63 6f 64 65 28 29 7d 2c 44 64 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 61 2e 67 65 74 28 47 64 29 3b 6b 61 28 61 29 7c 7c 28 61 3d 5b 5d 29 3b 72 65 74 75 72 6e 20 61 7d 3b 76 61 72 20 65 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 61 7d 2c 6b 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 22 5b 6f 62 6a 65 63 74 20 41 72 72 61 79 5d 22 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 4f 62 6a 65 63 74 28 61 29 29 7d 2c 71 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 Data Ascii: b[c]=b[c]\|\|a.C[c];return(new $c(b)).encode()},Dd=function(a){a=a.get(Gd);ka(a)\|\|(a=[]);return a};var ea=function(a){return"function"==typeof a},ka=function(a){return"[object Array]"==Object.prototype.toString.call(Object(a))},qa=function(a){return void 0!
2024-10-24 09:43:12 UTC	1378	IN	Data Raw: 65 73 74 28 67 29 26 26 28 65 3d 27 20 6e 6f 6e 63 65 3d 22 27 2b 67 2b 27 22 27 29 2c 66 2e 74 65 73 74 28 61 29 26 26 4d 2e 77 72 69 74 65 28 66 66 2e 63 72 65 61 74 65 48 54 4d 4c 28 22 3c 73 63 72 69 70 74 22 2b 64 2b 65 2b 27 20 73 72 63 3d 22 27 2b 61 2b 27 22 3e 5c 78 33 63 2f 73 63 72 69 70 74 3e 27 29 29 29 3a 28 63 3d 4d 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 2c 63 2e 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 2c 63 2e 61 73 79 6e 63 3d 21 30 2c 63 2e 73 72 63 3d 66 66 2e 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 28 61 29 2c 64 26 26 28 63 2e 6f 6e 6c 6f 61 64 3d 64 29 2c 65 26 26 28 63 2e 6f 6e 65 72 72 6f 72 3d 65 29 2c 62 26 26 28 63 2e 69 64 3d 62 29 2c 67 26 26 63 2e 73 65 74 41 74 Data Ascii: est(g)&&(e=' nonce="'+g+'"'),f.test(a)&&M.write(ff.createHTML("<script"+d+e+' src="'+a+'">\x3c/script>'))):(c=M.createElement("script"),c.type="text/javascript",c.async=!0,c.src=ff.createScriptURL(a),d&&(c.onload=d),e&&(c.onerror=e),b&&(c.id=b),g&&c.setAt

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.16	49788	142.251.116.95	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	531	OUT	GET /v1/pages/ChRDaHJvbWUvMTE0LjAuNTczNS45MBIQCXGeWqiY4LsDEgUNU1pHxQ==?alt=proto HTTP/1.1 Host: content-autofill.googleapis.com Connection: keep-alive X-Goog-Encode-Response-If-Executable: base64 X-Goog-Api-Key: dummytoken X-Client-Data: CPTfygE= Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	409	IN	HTTP/1.1 400 Bad Request Vary: X-Origin Vary: Referer Content-Type: application/x-protobuf Date: Thu, 24 Oct 2024 09:43:12 GMT Server: ESF Cache-Control: private X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Origin,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:12 UTC	172	IN	Data Raw: 61 36 0d 0a 08 03 12 2f 41 50 49 20 6b 65 79 20 6e 6f 74 20 76 61 6c 69 64 2e 20 50 6c 65 61 73 65 20 70 61 73 73 20 61 20 76 61 6c 69 64 20 41 50 49 20 6b 65 79 2e 1a 71 0a 28 74 79 70 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 67 6f 6f 67 6c 65 2e 72 70 63 2e 45 72 72 6f 72 49 6e 66 6f 12 45 0a 0f 41 50 49 5f 4b 45 59 5f 49 4e 56 41 4c 49 44 12 0e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 1a 22 0a 07 73 65 72 76 69 63 65 12 17 61 75 74 6f 66 69 6c 6c 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 0d 0a Data Ascii: a6/API key not valid. Please pass a valid API key.q(type.googleapis.com/google.rpc.ErrorInfoEAPI_KEY_INVALIDgoogleapis.com"serviceautofill.googleapis.com
2024-10-24 09:43:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.16	49789	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	541	OUT	GET /gui/25076.f1d5707846ec1ba9ed7f.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 9f7b75895c418b2a01a37a4926808bdd Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:48:00 GMT Expires: Sat, 18 Oct 2025 09:48:00 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 518112 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:12 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 31 0d 0a ff 0d 0a 34 30 61 0d 0a 7c 94 dd 6e e3 36 10 85 ef fb 14 ac da 1a 64 21 2b b2 e3 bf 48 a1 53 20 6d 81 00 db 6e b1 c0 de 34 30 76 29 69 24 73 43 93 2a 49 29 f1 da 7a f7 8e 64 3b 6d 11 a0 57 1a 49 43 ce 99 c3 6f 18 34 0e 88 f3 56 e6 3e 48 a9 03 55 46 cf 90 d5 22 7f ba df 36 fa a9 f5 9f 1a f9 69 27 a4 e6 ff f3 ef 78 7c dc b0 a8 6e dc 96 3e 3e 4e e7 f1 72 b1 09 0f d3 c5 cd 3c a1 10 fa 50 33 be 3e e8 c8 Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010140a\|n6d!+HS mn40v)i$sC*I)zd;mWICo4V>HUF"6i'x\|n>>Nr<P3>
2024-10-24 09:43:12 UTC	107	IN	Data Raw: 8d f5 db 07 1c 10 6c 25 6d 79 4d 1f f1 e8 4c 94 9f 98 56 d0 5f 4f 8c 06 ca 54 3d d4 ad 84 e7 80 6d c2 96 85 1e ef 89 52 34 ca f3 b6 eb 36 2c fd e6 ea ea 3b e2 70 bb 1c 7e 43 f8 b0 f4 c7 0f ef f8 70 eb 47 e5 a4 98 2f e3 e5 6a b6 80 7c 92 89 1b 28 96 65 f4 c5 45 3b 51 ff 0d 00 00 ff ff 03 00 83 b8 5d ba 69 06 00 00 0d 0a Data Ascii: l%myMLV_OT=mR46,;p~CpG/j\|(eE;Q]i
2024-10-24 09:43:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.16	49790	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	541	OUT	GET /gui/36253.6f4dc6a9d8dab2123ae5.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 8fc60ecfcda9cd830113993c1d741e75 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:11:03 GMT Expires: Sat, 18 Oct 2025 13:11:03 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 505929 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:12 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 31 0d 0a 00 0d 0a 30 66 66 38 0d 0a 02 ff ec bd 09 77 dd c7 71 b7 f9 55 ae 39 b1 43 24 00 74 f7 05 34 ec e8 45 32 43 9f a1 12 1f 3b d1 3b af 3c 3e 09 96 4b 12 11 08 60 b0 90 a2 69 7e f7 79 7e d5 5d cb 05 40 6a b5 e5 99 23 cb 12 aa eb 56 6f d5 d5 d5 d5 d5 d5 fd 7f 7c bd 3e 7b be fb 66 7d 74 79 78 fc e5 c1 cb db f3 2f 5f df fc e7 ed e9 7f be 3a 3c 3d df ff c8 6f 7f fe f3 1f fe b8 b5 7b 79 7b fd f2 f1 1f fe 30 99 8f 67 93 3f 6e bf b3 bf 7b 8f 0f b6 d7 db 57 5b fb bf 7a f7 e8 f6 7a 3d Data Ascii: 000000010000000100000001000000010000000100000001000000010010ff8wqU9C$t4E2C;;<>K`i~y~]@j#Vo\|>{f}tyx/_:<=o{y{0g?n{W[zz=
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 5f 6f d4 e2 ad f3 86 3c ee f5 1c 9f ad 0f af a2 26 ab c3 9b d2 cb f3 e4 7e 9b 4b 5b ef 6f 6d 5c 0f 5e 9e 9e 9d 5c ad cf e1 6c 9b b7 5f 3f 1b ff fc e7 83 5d 94 ed bf 1c 1e bf 7c cc a4 fd d5 bb 83 dd 9b 8b 9b c3 b3 df dc ac 5f 5d d7 39 ec ab c6 c1 ee e6 9c 6f 72 b4 31 43 e9 68 13 a4 df 77 f4 e3 83 ad a6 30 07 6b 34 d4 c9 fa e6 f0 f4 6c 17 51 5e 7f f5 a4 75 e0 67 fb fb eb 3e 10 95 9b eb ad f7 35 49 29 f7 6b db 3f 68 83 75 97 03 ef 8b 52 fb fa 71 72 b5 d0 46 b1 d7 53 eb b6 8a 9d ca 94 c7 d6 7b 38 7d 62 93 c4 16 83 c1 c1 fe 7f dd 5c 1d 9e 5f 9f 31 c3 fe af c7 3b 7f f7 6e 34 1c fe c3 fd 06 bf ff f9 d6 7f 75 85 fa 98 15 60 f7 e5 cd ab b3 ad c7 47 c8 e5 d1 fe d9 7f 0d 7e 79 72 fa 7a f0 4f af 34 05 99 e3 57 fb 8f fe ee dd f0 fd 23 c7 dc de 38 c2 d6 a6 fd 47 4d 33 Data Ascii: _o<&~K[om\^\l_?]\|_]9or1Chw0k4lQ^ug>5I)k?huRqrFS{8}b\_1;n4u`G~yrzO4W#8GM3
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: c4 c6 b2 f2 f5 a5 34 37 d3 bd 86 58 97 bf 3e f7 ff b8 c0 42 3f 3c bf 97 bd 0d 64 e6 7f b3 ef bd f8 98 dd d3 d6 1e f1 a4 19 3f 9f 61 e6 8c 26 a3 19 2e c7 67 fb 57 bb e7 8f 3f db da fe 0a dc 6c 35 1d 8d b6 b6 bf 30 dc 57 5b db 4f c1 ad a6 43 19 49 9f 1b ee e9 d6 f6 6f 84 5b 4e c7 8b ad ed ff 36 dc 6f 9a 2f f2 f7 db 7f da fe 34 ed a4 df fd 64 27 fd 00 76 52 b3 49 fe 6e ff 0f ef 6c b6 ee 3d fa 67 fc 68 6f 2f 6e 07 5f b2 b5 c1 e1 f8 68 bb 4f 5a fc 7b c7 c7 2c 84 37 d7 83 17 ec f2 8c e6 f0 f8 18 8f 22 1b b7 c1 ff c1 2e e8 e5 a3 ed 32 9b a1 1f 1c 5c bc 7a 75 7b 7e 7a f3 76 00 a5 f2 b2 51 62 eb 78 6d 99 c9 25 47 b5 e5 dc 1e 1c 52 ca c5 99 8a 5a 7f 75 79 76 71 b5 1e 5c dc 5e d9 22 8d 92 1f bc 3e bd be 25 eb db ed 81 39 ae d8 82 0e 6e d0 0d 87 37 03 6c 98 57 17 e7 Data Ascii: 47X>B?<d?a&.gW?l50W[OCIo[N6o/4d'vRInl=gho/n_hOZ{,7".2\zu{~zvQbxm%GRZuyvq\^">%9n7lW
2024-10-24 09:43:12 UTC	321	IN	Data Raw: 5b ac 04 f3 49 7e 5d 10 c1 72 35 9b 62 95 13 44 80 45 7f d3 42 08 26 4b 02 07 2c 84 00 9c fc a8 8f f1 11 6d 3d b9 e8 51 0a 07 bb a7 27 db 7f ff c9 3f fc ec ff 3e 1f fc c3 80 4d c7 0d fa 0e 8f f9 e0 f5 6c 77 b2 3b 1e 3c f6 e1 c5 d0 41 f7 b5 5f 6d 7c b7 2c c7 c1 c5 e5 db 2b 9b e8 e3 e1 68 b4 33 1e 8e 27 83 7f 47 68 b2 a4 4f 6f 6f 5e b2 76 1a f5 33 54 d5 b9 d4 b4 59 72 83 cf 7e f3 ef a5 02 16 87 db 23 2b fa e6 cd d1 f5 27 51 db 27 b8 73 8e 3e d1 b2 f5 c9 b3 df 1c fc cb bf fe fe 5f ac ea 4f f6 ae 68 cf bb 1d f9 8c 8e ce 6e d7 7b 83 ff 6d 78 34 3d 39 39 7c 62 28 59 97 2f 2e 40 ce e7 a3 e1 f3 71 43 5e de 5e b1 12 09 f9 7c 3a 3e 1e 75 e4 e9 f9 97 ca 6c ff 6b 28 2c 41 30 c7 b3 f1 74 3c 6c 18 e2 16 38 e4 03 b9 9e 2d 26 c3 8e 7c 8b c5 71 f1 06 e4 f3 e3 f5 6a be 68 Data Ascii: [I~]r5bDEB&K,m=Q'?>Mlw;<A_m\|,+h3'GhOoo^v3TYr~#+'Q's>_Ohn{mx4=99\|b(Y/.@qC^^\|:>ulk(,A0t<l8-&\|qjh
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 9c 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1e 0d 0a 30 30 30 30 30 30 30 31 0d 0a e7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8c 0d 0a 30 30 30 30 30 30 30 31 0d 0a b2 0d 0a 30 31 0d 0a af 0d 0a 34 66 66 37 0d 0a f4 4f 41 8f 1b 7a fc 9c 7f 0a 9a 7e 41 bd 9e eb 9f 82 9e 1a fa d8 fe 57 d0 33 43 1f 4d f4 4f 41 cf 0d 7d af 85 0b 43 4f 4f f4 4f a1 5e 1a fa 5e bb 57 86 1e 1d ea 9f 46 dd 3d 67 b4 af 0e 32 8b 9e 76 38 ea 7a e1 b6 6c 39 11 0e 17 47 de 11 d4 da 39 ab b8 ba 57 c6 ef 44 63 7a 05 b2 8e 74 af 69 e7 ea c5 d1 de 60 34 da 1e 2c 16 db 83 f1 68 d9 da d1 6b 6c bf ce f8 65 b4 18 43 d2 f9 a5 9a db 4f 43 7e 19 4f c8 38 e9 b2 Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001014ff7OAz~AW3CMOA}COOO^^WF=g2v8zl9G9WDczti`4,hkleCOC~O8
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: f1 44 2a e0 fd ed d9 bb 4b ce 4a 24 ad 67 c4 8e ed 59 3e 90 1f e1 65 cf 37 48 aa ce e4 e1 fb 43 02 3f c5 42 13 da e0 a3 e9 73 fb 41 9a 1c bb 65 f3 97 3e 0d 58 cd 30 5d 6c 0f 51 56 0d 2d 1a ef 0f f7 6c b1 78 67 5a 72 b3 b4 a2 8f 1e 5a 36 b6 c8 8b 77 fb f1 1f 74 86 f3 47 ee 09 08 36 97 f5 1f b9 5d f1 c1 9f 7a 7d ad 33 be 1c 3e d8 b4 eb d7 2f de b1 8e d9 e9 c7 8e 05 56 ec bd 22 14 f3 6c fd be 9d 1e 31 09 8a 7a 25 6c bc 1f 2a d9 44 b7 fa f7 da 9c e7 50 ed 94 50 a0 ad 77 9c 46 48 2e 83 b4 0f 05 22 6d e2 d1 8d 39 6f 54 8a 8c 63 94 d9 ad b1 8e f3 b6 58 0f 32 04 d2 78 fb 07 8b 6d 68 ad fa e3 3b 5c 86 d7 8c df 25 e7 61 cc e0 9e 6f fb 0f 3a 6a df 77 9a 1d 6e ca 7c 79 7a b3 83 b3 0f 83 55 67 2b 7b ed 27 ef 9b 98 bc 87 7f eb 90 fe 9c 6c 6d e6 6e 5d 8e 1f ef 56 b8 b7 Data Ascii: DKJ$gY>e7HC?BsAe>X0]lQV-lxgZrZ6wtG6]z}3>/V"l1z%lDPPwFH."m9oTcX2xmh;\%ao:jwn\|yzUg+{'lmn]V
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 05 0d df 9b c8 db a7 6d 42 21 80 87 e6 08 ec 6e a9 3b bf be df d5 05 a8 9a bd b9 a0 6b cf 75 75 a3 52 dc 2f 82 bb 26 4e f0 c1 6a b8 d2 72 97 e6 7e 55 ba 88 75 67 3f 5a ba f2 7e 57 b7 6b 36 7f 67 7f b3 d9 df f7 bb 76 b1 eb 1d ff 6d 8e ce 8d 02 cc fe b4 6d 4f 1c 46 35 dd 6a 3f b8 d4 0f 46 77 4d d8 a0 ee 8b c6 07 0a f5 93 a7 6f 54 a6 13 3f 54 24 e7 53 fd a0 bb ab fe 17 b9 29 19 dd 37 a2 36 5d 8c 7e 44 7e c7 bf 48 99 be b8 6c 6d b4 9f 1f 36 ee 71 7d 87 2a a3 2f ed 60 ad ba 35 3f 58 ed e6 dd 35 56 f8 ea 1b 44 95 6c b4 51 77 80 de fd 09 4b 98 9b f3 7b 5c ab aa 02 aa b5 64 93 5b 20 ba ee ce 45 56 27 b0 5a af 63 9f 2c fd fd 31 c6 8d 2a ed 86 36 cf 42 a9 68 a3 cc 8d 55 75 83 cc da 53 4a 74 53 f7 e3 6d 18 ee 2e ef e7 f9 70 5b bc d0 92 e7 fe 62 1c cd aa 72 92 6c d9 Data Ascii: mB!n;kuuR/&Njr~Uug?Z~Wk6gvmmOF5j?FwMoT?T$S)76]~D~Hlm6q}/`5?X5VDlQwK{\d[ EV'Zc,16BhUuSJtSm.p[brl
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: ba 74 c0 26 6b c7 d3 bb ac 5d ec 0e e7 a3 b6 72 0d f2 b3 0d f7 26 53 2f 8a 87 0e be 07 6b ef 2e 5c 2c 24 ab d5 e7 5c 3f 62 61 9a 73 b1 1d be 4e b4 18 b5 bf 33 16 25 9e a0 1a f0 f7 e9 62 72 30 9f ee 8e e6 93 a9 92 dc 12 0b 6a 03 87 9f 53 d0 f7 95 6f 97 af ae b2 b4 ea dc 51 67 0f 2e 3a 93 29 eb df 7c fc 4c 7f 79 08 ea fb b6 c2 05 ad b4 e2 ee da f7 8d b4 ea 26 af 59 fc 77 17 2b 5b ec 0f 46 b3 d5 ee 6c a9 05 7f bc bb 58 6a c9 44 23 4f 16 bb d3 e9 b8 c3 93 03 e1 56 53 96 d1 21 bf 8d 57 5c 57 1b cc 27 83 d5 88 ff 1e cc c6 0d 0f 02 6b c6 a9 00 47 93 c9 81 fe 60 15 2c e7 53 44 19 f5 34 99 f0 d0 d3 6a 97 f1 9a ec 4a 25 8f 91 72 9f eb 3f f6 c2 b3 c9 a2 d9 98 67 db 86 33 e4 4b 33 71 49 37 c7 bb d3 11 f2 36 e6 5e 3a 36 0e 7f f9 97 9b 7b 0b e4 4f f0 64 d4 e9 80 e7 74 Data Ascii: t&k]r&S/k.\,$\?basN3%br0jSoQg.:)\|Ly&Yw+[FlXjD#OVS!W\W'kG`,SD4jJ%r?g3K3qI76^:6{Odt
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 39 1d 4d 56 cf b4 36 8c 60 22 b9 19 7b b9 cb b0 6e f4 bb 84 12 6b 47 69 69 17 99 6c 93 79 4b 4b 0f d3 9a 09 33 ce e8 27 1a 7c 4d 30 2d 26 94 37 56 f7 10 96 11 dd e7 39 51 ac a5 36 d8 0b 64 79 a3 6f df 57 59 c8 40 98 88 c7 f3 c9 53 1a fb 0c a1 fd 3e 36 51 77 7c de b1 7c be 95 ab c7 0d 32 db 56 7b 42 3b 6a 87 1f d8 4c 8f f4 6a c2 80 4d 97 8c f3 e9 f2 ce 56 f9 2f e1 d7 f9 90 67 c0 1b f9 9d 5a cf e0 8f 56 7f bd c6 e7 92 21 29 98 c1 3b 9c 64 9f cf 35 87 87 d3 67 53 26 f3 72 b5 1a 4c a6 4f a7 73 f7 06 7c 7b 2b f9 61 89 78 c8 7f fb 1d 36 18 78 a2 97 9a d8 d3 19 db 4c f6 0b 23 56 a4 29 ee 5b 19 20 cd 7b 20 2b 40 e0 54 1b d8 66 8d a0 59 4c 2f e3 aa 9d 33 ed cc d9 6d ab 36 ea 89 df 84 1b b3 71 33 cb 85 b4 60 65 b7 bf 13 8c 51 a6 e6 d8 f4 25 b3 06 83 80 2f fa 90 e6 Data Ascii: 9MV6`"{nkGiilyKK3'\|M0-&7V9Q6dyoWY@S>6Qw\|\|2V{B;jLjMV/gZV!);d5gS&rLOs\|{+ax6xL#V)[ { +@TfYL/3m6q3`eQ%/
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: e4 d3 f1 8f a6 19 bc 1a 2a 8e 13 07 bb 38 2f 8e cb 4d 45 eb 4d a0 71 f2 73 b4 ab f4 4a fb 68 9d 42 20 7b 8a 67 65 f3 6c 69 0e 32 39 64 d0 41 25 22 a5 a3 11 8e c5 67 5a 2b 90 17 1d 3e 68 24 22 cd 84 99 32 71 82 9e 72 38 42 e4 a8 9b 13 22 98 84 68 eb 38 5c e1 21 e6 87 8b b4 4e 88 f4 bb c8 91 70 92 4c 6a ad 40 1c 90 99 7c 48 f0 c4 f3 95 fa a6 56 b0 db 57 7a c9 de 4d e9 32 26 cc 08 a4 bd b1 c4 20 1a ab 70 89 e9 8c 49 af 79 61 3a c3 86 06 ad 31 99 b1 5d d2 b9 06 d8 89 2a e9 d4 06 f7 a1 d1 22 49 bc 10 54 4e 8d e3 c7 87 66 8c be e8 25 1b 56 0a ab 53 47 3b be ef 41 c5 77 93 55 f9 a9 38 9d 56 d8 07 e7 53 9c cc f6 24 83 41 b4 0d e3 89 41 a5 9f b5 5f 64 8f 88 04 1b b5 25 ed 1c 57 a7 7a f9 b3 f8 44 d2 73 f7 a4 95 fd f9 6c 32 24 47 43 29 72 87 83 2a 1d fc 5a 01 d8 19 Data Ascii: 8/MEMqsJhB {geli29dA%"gZ+>h$"2qr8B"h8\!NpLj@\|HVWzM2& pIya:1]"ITNf%VSG;AwU8VS$AA_d%WzDsl2$GC)r*Z

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.16	49791	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	541	OUT	GET /gui/88116.be3428c199d3d7ca9393.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:12 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 24f4e1460e2f4620912e579be6ee1af6 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:58:32 GMT Expires: Sat, 18 Oct 2025 09:58:32 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517480 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:12 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 31 0d 0a 00 0d 0a 30 66 66 38 0d 0a 02 ff ec 5c 6b 77 db 38 92 fd be bf 82 d1 cc 78 c4 5e 92 d6 d3 b6 24 cb 9e 4c 3a 3d e3 39 dd e9 3e 76 72 f6 ec 66 73 d2 14 09 4a 1c 53 a4 96 a4 fc 18 59 ff 7d 6f 15 00 12 d4 23 49 cf ee d9 4f 6b 75 3b 34 1e 85 42 a1 1e 17 05 50 ad 75 21 ac a2 cc e3 a0 6c 4d da 85 48 22 ef 51 cc 56 7e 70 ff 66 b1 4e ef 1f ca cf eb f8 f3 d2 8f d3 e9 17 ea 5e 5e 3e 7e b2 bd d5 ba 58 b4 3f 7e bc b8 e8 76 cf 9c 8b b3 de a0 ff c9 d9 74 3b bd 6e 6f dc 16 4e ee 94 f6 Data Ascii: 0000000100000001000000010000000100000001000000010000000100010ff8\kw8x^$L:=9>vrfsJSY}o#IOku;4BPu!lMH"QV~pfN^^>~X?~vt;noN
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 99 53 65 99 51 b1 d3 d2 4b d2 72 1e b2 38 b4 3a b6 73 8c 82 64 62 8f 80 e6 e1 3d c4 fb 4f 93 90 32 fb 1f 13 a8 e5 56 93 9a 4f f5 84 82 75 51 66 4b e5 5f ec 36 69 84 3b 5b 97 25 dc 5d 8b c4 62 6f 1d 0e 38 46 d0 2a 3d 38 7d a8 a7 17 c2 3f 6e 6a d7 36 6e 23 a4 65 86 af db da 1c 80 28 c0 c9 f8 b5 75 ce 86 e7 fd e1 51 5a 3f bd 7e f7 fd cd eb 77 ef 3f df be fd e1 ed ed ed db 5b 26 79 63 d0 e9 f5 2e 46 3a 50 f6 87 e7 58 99 78 da 46 20 bc 18 75 c1 91 8a a3 2a 64 ca 40 9a 52 7d ff ac 37 44 f8 04 1f 14 80 e9 61 78 76 de 3d b7 55 18 1d e0 91 a3 a8 0a a8 01 38 1e 0e 86 d4 32 a1 d8 3a e8 0c f1 b8 ae e6 e1 ac f0 88 78 3b ec c8 88 1b 39 73 67 e1 3c 38 4b e7 d9 b9 77 1e 65 ec d5 21 cf 7a d2 71 cc 41 c8 45 18 da 94 f9 33 47 60 04 b2 8f f1 27 44 29 04 f3 d4 7b f0 93 b5 d8 Data Ascii: SeQKr8:sdb=O2VOuQfK_6i;[%]bo8F=8}?nj6n#e(uQZ?~w?[&yc.F:PXxF ud@R}7Daxv=U82:x;9sg<8Kwe!zqAE3G`'D){
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 0d 48 e7 c4 d8 ec 95 2b f6 20 70 37 c8 ee e4 2c 7e ed 6f 4d 86 7d ed 1c 7c 09 a7 ed 89 0c 60 fb d1 3e 56 88 59 03 d8 2a 54 36 c4 af 16 a8 74 38 bf 95 7b 5f f0 e7 8e 1c 29 f1 de 7d f0 d6 1c 50 c8 8b c8 20 81 25 6a c0 f5 0d e2 8d 3f 16 08 6e 48 e9 29 1c 51 4e b9 6b b0 46 9e 26 85 ce 8b dc 74 cb c8 a1 21 05 57 c6 af 39 ae da b4 83 a8 42 b3 28 3f ac fe 52 c6 77 8c 6f 10 77 aa 2d c4 81 e8 aa 47 cb be 38 1a 3b e4 6a 34 8a 08 0c bd e8 41 c7 7a 40 98 93 93 57 6c e3 39 90 c8 2f 7e b9 a0 a8 9e 97 c5 bf 21 3b d2 6e 2d ca 72 35 3e 3d e5 70 b5 c8 8a b2 65 5f 43 35 e3 30 14 e9 0f 59 be f4 94 05 d8 e3 af 03 08 6d 18 d5 52 21 ab a1 e2 92 de 8b 50 10 76 ea 2c d8 76 db 6e e2 8e d6 fb c7 ec 07 b8 92 2c 27 5f 01 f9 c2 93 50 20 bf 45 60 47 42 2c 64 83 69 31 34 21 cb be 6e 9b Data Ascii: H+ p7,~oM}\|`>VY*T6t8{_)}P %j?nH)QNkF&t!W9B(?Rwow-G8;j4Az@Wl9/~!;n-r5>=pe_C50YmR!Pv,vn,'_P E`GB,di14!n
2024-10-24 09:43:12 UTC	322	IN	Data Raw: f3 b1 aa 58 0b a5 ce df 23 c3 21 37 a2 ef 39 db e3 b1 98 45 a8 4f a5 55 56 a1 f2 a9 46 2c 90 5b 98 7d 4c fb 0c cf fa cc 98 d6 08 57 e6 1d 01 6b f9 4c c7 ee cd 75 33 e0 4a eb ea 67 c2 1b c6 19 7c b5 80 c6 a1 a5 55 c1 7f ba e3 c0 aa 40 45 32 3f bf 57 a0 77 17 55 5b 44 7f 83 98 5e 0c 2c 82 11 e1 cc 0c 2c f6 82 07 b2 ca e6 ce 5d 5c 8b bd 73 00 b9 42 9a 2b cd 04 f6 2b 5a a0 07 e3 e1 7e b4 ba 87 4c ef 8f 44 2b 82 5e f5 7e 1b 46 cc b1 5a 4b 40 d6 60 7e 66 88 91 85 2d 4b 7a 4a de d8 b4 ac 1d 67 7f bc bd de 76 f1 0e 6e b7 5b a5 cc 07 63 b5 de c2 71 6e 5c 43 1e 1e 5f 4b aa da d1 21 69 3b b9 e5 e3 7c 9f f2 0d d8 52 b5 71 4c 7d 67 9e de 1f 38 8f aa 4f be bf da b7 de b5 7f 73 27 0d ce be b9 43 85 b9 be b9 47 e3 84 ec 9b 7b 69 0d db ef c0 87 79 38 ee ff 9d c2 0d bb 32 Data Ascii: X#!79EOUVF,[}LWkLu3Jg\|U@E2?WwU[D^,,]\sB++Z~LD+^~FZK@`~f-KzJgvn[cqn\C_K!i;\|RqL}g8Os'CG{iy82
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a dd 0d 0a 30 30 30 30 30 30 30 31 0d 0a c8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 50 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 30 30 30 30 30 31 0d 0a e6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 16 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 74 0d 0a 30 30 30 30 30 30 30 31 0d 0a 25 0d 0a 30 30 30 30 30 30 30 31 0d 0a e3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 12 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 30 30 30 30 31 0d 0a b8 0d 0a 30 30 30 30 30 30 30 31 0d 0a a7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 30 62 39 38 0d 0a e0 e9 dd d6 e1 9b 7f c6 95 0a ca 29 Data Ascii: 000000010000000100000001P00000001a0000000100000001!000000010000000100000001t00000001%00000001000000010000000100000001I000000010000000100000001F00000001I0000b98)
2024-10-24 09:43:12 UTC	1408	IN	Data Raw: 62 a4 fd b1 59 e5 02 63 a7 45 b2 a6 97 14 c6 d2 68 c9 1b c9 ff bc ee f9 b0 32 40 1e 87 1c c0 1a 11 bf e3 f5 cf 87 86 11 1a 95 6e b1 a4 fa de b1 ea 04 d6 d3 f1 8e d5 3e 01 9d 9a d6 6d 12 c6 31 de d8 ea 1d 19 b5 47 95 95 17 51 53 94 ec ba e8 78 68 1a ee 0a f7 ef c6 d6 b0 63 90 7c 72 8b 85 1f 12 94 ee 28 2e 99 9d 7d c9 d4 82 d1 5d e4 c4 d1 ab cb 73 d7 32 d8 eb da 31 84 5a f5 65 a9 c8 a1 fa 60 67 af 93 b9 12 55 a7 18 3b 18 ac 1a ff 03 7e a1 14 56 0f ff b3 57 36 56 b1 1e 90 6f 07 ba 74 a5 cf 55 8a d4 58 28 a3 1a d7 7a 02 9c ac c9 95 94 aa 66 d4 2a ad e2 81 0c dd 87 d6 60 dd 95 a8 39 ab 8a 04 4e 1c 56 86 60 42 63 a3 da d4 47 78 d6 bd 56 b1 bc d4 54 91 31 31 32 93 d1 0d 76 08 c9 76 db ef 9c ef c6 e3 99 40 4b 41 4f 08 97 22 df 20 6b eb 22 94 10 12 57 bd 50 b2 fd Data Ascii: bYcEh2@n>m1GQSxhc\|r(.}]s21Ze`gU;~VW6VotUX(zf*`9NV`BcGxVT112vv@KAO" k"WP
2024-10-24 09:43:12 UTC	397	IN	Data Raw: 56 38 43 16 d1 37 70 8c 21 74 81 bd ce d6 93 57 7e f6 a9 8d bb 56 97 6f 21 ee d2 86 ce e0 52 b9 22 df a4 55 d3 57 df f0 b1 a9 4b 14 0f d6 ab 78 49 af a5 e1 8b 2d b6 1e df 0a df e0 f7 98 93 5f 7b 75 7d ae a3 dc 57 a3 8a be 0f 64 c3 d0 4e ee 09 e4 06 a3 d1 84 31 56 fd 05 20 1b fe bb 5e ef ba a6 d1 8b b1 09 7d 71 09 1c b2 91 65 33 82 97 59 cc 39 b4 46 7f b2 f9 9d 2f 43 d9 f3 62 95 27 54 c7 44 06 b6 6f 3a 9d aa 21 51 65 43 35 9a 36 7c 5b dd 52 e6 dd f7 da 91 15 d7 8d 8e 92 fb c2 f8 35 28 91 87 15 a0 a1 9d 14 68 33 ea af 47 d0 07 60 12 ed 77 bc 33 cb 36 c4 54 6f d2 2a 1f a2 dc 50 c5 e2 be 68 aa a6 bf d5 21 ed d1 94 38 49 32 5f 2f 8e 9a cc 2e 23 ea 20 c3 10 a8 31 eb 8a b4 11 36 80 25 f6 04 d4 70 90 8d 4e 15 31 a3 d7 6e c8 57 ce 53 62 20 4a 16 d5 4c 1f 69 4a 6f Data Ascii: V8C7p!tW~Vo!R"UWKxI-_{u}WdN1V ^}qe3Y9F/Cb'TDo:!QeC56\|[R5(h3G`w36To*Ph!8I2_/.# 16%pN1nWSb JLiJo
2024-10-24 09:43:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.16	49792	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	554	OUT	GET /gui/vt-ui-sw-installer.3166763520a2b299ee12.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:13 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: ba3b9a514ca5d55b2ee734db7e0ff58b Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:03 GMT Expires: Sat, 18 Oct 2025 08:55:03 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521290 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:13 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff 94 5a 59 73 db 38 b6 7e bf bf 82 e6 74 a9 c8 09 c5 c8 4b 36 2a b4 db 93 4e dd 72 75 a6 3b d5 4e c6 0f 6e 5f 37 44 41 12 62 0a d0 80 90 14 b7 ac ff 7e bf 03 80 8b 25 a7 27 f3 90 0a 04 02 38 07 67 f9 ce 02 87 cb 8a 07 95 d1 a2 30 e1 30 aa 78 39 49 d7 7c b4 60 c5 dd bb d9 52 de ad cc ed 52 dc ce 99 90 f9 5f 7c 7b 78 b8 be 89 d3 c5 b2 9a 45 d7 d7 af 06 83 e3 97 37 c9 e6 68 f0 f2 cd 9b 2c 32 89 4c 78 9c 9f 6e 78 aa 23 19 27 3c 1d 47 32 d9 fc cb 7c 16 97 eb 0b 59 19 56 96 5c 67 11 96 7c d8 c6 43 1e bd 79 fd e6 30 1e ae 98 0e 74 ce a3 93 d7 af 06 27 71 22 30 3c 7c f9 f2 e4 45 3c 34 fa 7e 43 bc 5c 87 6b a5 ef 46 ea 6b b6 16 72 ac d6 d9 ab 74 90 0e c2 9b 5e Data Ascii: 0000000100010ffeZYs8~tK6*Nru;Nn_7DAb~%'8g00x9I\|`RR_\|{xE7h,2Lxnx#'<G2\|YV\g\|Cy0t'q"0<\|E<4~C\kFkrt^
2024-10-24 09:43:13 UTC	1408	IN	Data Raw: b8 69 a3 5e 09 f5 3e 7b 46 dc 25 76 c1 ce 99 08 7a 86 17 08 2b 53 4e 67 96 30 2a fb df 23 85 90 71 4a 00 19 6e 0d 5b 4c 0d d3 53 c8 06 81 30 b5 db 13 95 73 a8 83 98 4f 58 be a9 d6 19 4f 44 f5 fe ab e1 5a b2 32 53 89 d2 62 2a 30 b4 b4 33 b3 1d 1e a8 5e 4f a7 73 09 05 b2 54 54 9f ed c5 72 42 3b 9d 8e 45 b5 a0 88 69 17 47 e4 29 93 48 24 0c d7 00 40 ba 18 3d 06 54 e7 e2 0c 40 e9 73 01 c0 db 27 31 e7 6a 69 3a 01 34 de ec 6c e8 f5 64 ba 66 08 4d 72 ea ac e7 69 62 a1 5f 13 12 51 18 d7 d1 60 10 67 21 43 e4 5e c1 bb 11 af 88 38 38 2f 4a ce 74 4d 96 78 89 13 f5 f0 40 b6 d5 08 9f e3 00 5c e9 be 63 43 4d a0 25 c5 41 9c 12 a1 51 b2 95 98 32 a3 60 2c 5c af 44 c1 af 90 4e 70 1b 27 8c 56 25 92 12 98 d7 53 72 09 11 49 ec 0a 62 2b d9 74 84 ce 77 85 9e 40 2d 12 6a 71 b2 ce Data Ascii: i^>{F%vz+SNg0#qJn[LS0sOXODZ2Sb03^OsTTrB;EiG)H$@=T@s'1ji:4ldfMrib_Q`g!C^88/JtMx@\cCM%AQ2`,\DNp'V%SrIb+tw@-jq
2024-10-24 09:43:13 UTC	1408	IN	Data Raw: e0 6c 81 07 52 c9 be 1d a3 c9 16 d8 ca 90 2a ea df e5 05 da ab 7a cc 01 d7 2a 18 e1 0b 99 12 96 24 76 03 a3 46 53 a0 6c 4b ad 72 4d c3 19 5b f1 80 05 7b a6 17 c5 c1 9c 9b 99 1a 53 f7 d0 c5 08 f2 a6 94 04 82 5c e9 00 2d 2d 8e 58 9b d2 c5 86 71 34 80 77 d9 1b c5 90 23 b9 da 97 0e a0 b7 41 d8 c2 d1 47 74 88 50 09 91 4d d6 bf 51 c1 52 07 05 d5 2e 14 1e 27 f5 34 80 c9 1e 67 b6 20 95 cc 41 f1 f5 eb a3 e3 57 71 72 4f 5d e8 17 27 c7 87 71 32 c2 f0 e4 c5 d1 09 86 97 34 3c 19 bc 38 8a 93 8f 18 1e bf 7c fd e6 38 1e c2 8b 83 f7 c9 97 dc e4 a7 a6 ed 5c dd b9 8e 51 a2 13 91 28 00 99 0d cf a4 d3 0a 8d 37 75 13 01 da 8a bc 72 77 da 0b c1 36 7c a0 cf 1c 6f 2b 2b 00 f4 9a 8a fd e6 4e e1 53 34 90 e8 34 95 ce b1 6d e3 c3 4c c7 68 88 34 90 0e e1 0e c8 d1 14 67 b5 75 91 64 3e Data Ascii: lRz$vFSlKrM[{S\--Xq4w#AGtPMQR.'4g AWqrO]'q24<8\|8\Q(7urw6\|o++NS44mLh4gud>
2024-10-24 09:43:13 UTC	250	IN	Data Raw: 7a 26 be 40 14 62 72 df f7 93 59 80 77 9e 82 f7 47 dc ac 39 97 8e 50 89 d7 4d ca ea e7 15 48 95 fc 6b 1f c6 6b bf ac c5 d8 cc b2 e0 e5 60 b0 f8 6a 27 c0 27 de 94 fa 25 9f 98 2c 38 aa 67 9b 8b d2 e6 1d 26 c8 c8 36 74 1d b7 35 0b 0e b1 2b 70 3b bb cc 32 b7 aa 50 a5 d2 1d d9 8c d4 98 78 c7 a4 13 ca c8 56 19 fd 91 82 71 ce 71 18 ce 82 6f a2 56 d9 95 a6 5b 6e 60 b1 7d 9f 9d c1 6b 32 2a 47 f8 0e 87 0c 2a 83 57 39 fa df da 10 04 bb 9c 79 ad 11 1d 7b 8f da 83 dc 39 f8 03 10 3c 79 11 45 36 02 83 4b 43 54 03 54 47 8b 2c 18 d8 21 5e e7 66 10 62 23 09 64 51 48 9e 50 c2 9c e7 6c bb 45 1a f5 3f cf 9f ff 0d 97 a3 67 1e 54 a6 0b e4 41 78 da cc f7 4d 39 3d c6 1f c6 bc 7a 79 fc e2 68 c0 8e 46 47 6f de 70 7e 78 04 14 4e e7 6c f1 ff 00 00 00 ff ff 03 00 0d 0a Data Ascii: z&@brYwG9PMHkk`j''%,8g&6t5+p;2PxVqqoV[n`}k2GW9y{9<yE6KCTTG,!^fb#dQHPlE?gTAxM9=zyhFGop~xNl
2024-10-24 09:43:13 UTC	58	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 60 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 31 0d 0a d5 0d 0a 34 0d 0a de 23 00 00 0d 0a Data Ascii: 0000000100000001`00000001000014#
2024-10-24 09:43:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.16	49793	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:12 UTC	532	OUT	GET /gui/static/qrcode.min.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:13 UTC	339	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 5b54b76e8a5dcc1a24106a72221b197d Content-Encoding: gzip Server: Google Frontend Date: Thu, 24 Oct 2024 09:43:13 GMT Expires: Thu, 24 Oct 2024 09:44:13 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: text/javascript Age: 0 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:13 UTC	1069	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a b4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5c 0d 0a 30 30 30 30 30 30 30 31 0d 0a eb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 72 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 38 0d 0a 30 30 30 30 30 30 30 31 0d 0a b2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001\0000000100000001r000000010000000180000000100000001~0000000100000001
2024-10-24 09:43:13 UTC	1408	IN	Data Raw: 79 4a 66 19 dc cf 23 58 20 39 da 51 c1 5a fb 5e 2a c0 11 6b 90 e1 6a a4 32 6d c5 5d 16 e7 51 d9 1f a2 d0 42 8a c0 2d 58 39 2d 08 7b e3 fc 6c 1c f9 11 a9 7e 73 b5 c1 c2 51 ed 74 19 4d c4 c0 de 6e 45 64 62 17 4e 79 ad 28 e7 02 9b 49 ec 19 1b 1d e9 a4 34 43 6d fe 80 bc 5e 60 39 38 e4 28 b6 22 5e bf 08 b3 2f 25 30 76 51 e0 a2 33 ce 1f 1e 18 1f e9 7f d8 ba 4e 03 34 3a e3 e8 d0 97 68 8f db 79 bd 26 d8 75 98 ac 53 de ec 32 9f 80 ba ad 00 ab df b0 7f 63 f8 25 1a 55 7e 1b 28 6c c5 6d f8 c5 60 b4 5e 6a d1 78 71 bb 5a 5a 30 60 c6 1a 80 cf 61 a1 6f c2 f5 97 f7 61 9e 47 19 6c dc 96 83 a9 5f 39 53 2e 32 0d a3 44 24 e8 3c 65 28 a5 9b ae bb 7d 09 58 11 60 7a 38 b5 d6 c3 4b 33 15 a5 af 54 5e 6e e7 3b fb ba 22 42 20 df 4e 0e cf f0 98 3b fd 4b 78 30 3c 3f 3e dd 95 0a db 9e Data Ascii: yJf#X 9QZ^*kj2m]QB-X9-{l~sQtMnEdbNy(I4Cm^`98("^/%0vQ3N4:hy&uS2c%U~(lm`^jxqZZ0`aoaGl_9S.2D$<e(}X`z8K3T^n;"B N;Kx0<?>
2024-10-24 09:43:13 UTC	1408	IN	Data Raw: 6f 5b 41 47 6e 4f 62 47 ef 32 ed 97 c1 d0 f9 77 14 37 10 39 84 58 1c b5 46 70 9b a9 12 86 df 43 9a 43 7e 4c 19 57 99 c8 e8 e2 01 c4 6c a4 37 65 ab 14 9a 7e f7 0d 5d 89 2a 82 13 b3 80 1b 90 9f ab ba 4f 63 e3 c7 01 fb e9 db f0 9b 15 8b 0d 42 fb f2 3d 11 33 54 57 00 c2 98 75 53 c6 10 73 e8 cc fc 94 75 43 0a d8 9f 43 4b e9 fd 72 8e 32 69 b7 7b 92 37 65 c9 e8 72 8e c8 17 51 73 b0 e1 10 73 2a 3d 38 d7 c7 54 a5 ee 7d ba fc 9e a4 b7 71 b8 b4 30 e7 0d 4f 98 59 04 4b 4c 4b c9 5a 76 c3 45 41 28 9d 5a 53 db 5f 57 11 db ed c6 fa 23 51 a4 9e 5a a3 09 45 36 a4 55 30 af df 54 40 9b dd e8 99 a8 58 21 26 7f c6 dd ac 95 3d 72 b6 6c 2c b7 ca 58 24 f4 82 ef 04 fa b6 0e 16 cf 27 28 16 69 16 33 c5 57 06 07 6f 6d f1 d5 00 10 8f e7 cc b7 d2 fa 0a 80 24 c8 0a 83 a1 a0 57 97 5f eb Data Ascii: o[AGnObG2w79XFpCC~LWl7e~]OcB=3TWuSsuCCKr2i{7erQss=8T}q0OYKLKZvEA(ZS_W#QZE6U0T@X!&=rl,X$'(i3Wom$W_
2024-10-24 09:43:13 UTC	469	IN	Data Raw: 1d 51 83 c0 ce 2a 55 1a d4 14 b3 e6 eb 77 bf c9 14 01 55 73 5a 47 be 99 db 18 d2 f4 7c 6c e8 fa 76 5e a7 fc 96 c9 c1 6a 81 e7 1e da 50 f5 42 5b 01 ec e5 bf de 1b c0 8a b7 51 99 d7 63 98 2d 8a 39 77 3e 60 7e 30 6c a0 d3 ba 66 01 80 d2 52 f7 f4 74 ae 12 dc 81 0f 30 87 7b cd cc 41 8d ce e4 cf 6a 43 77 b7 a1 b7 db 30 90 c7 a8 08 11 90 56 4c 52 a0 7c 59 01 38 99 04 73 3f 33 b7 d8 e1 9f 2a e2 50 bc e1 da 1a 4e b7 28 2e ab 8a 55 d9 b3 ba 69 8d 8e 2a 79 47 c9 52 ad c6 65 df 4a f9 bc 64 2d 4f 81 e9 e5 82 6c d9 75 76 96 fa 0d 55 04 76 93 38 39 43 d5 75 a3 1f af fb a4 95 a4 b1 64 52 d8 26 ae 7c a7 6d a7 08 e5 ff 78 f2 67 a0 22 01 fc 21 75 d2 a0 10 19 d8 75 dd 46 63 2d 54 28 0b 25 93 61 44 84 d0 01 d4 a4 d3 0a 21 d0 56 0d a4 c0 b4 32 fb a9 63 1b 2c 2c 52 f5 88 30 a9 Data Ascii: QUwUsZG\|lv^jPB[Qc-9w>`~0lfRt0{AjCw0VLR\|Y8s?3PN(.Ui*yGReJd-OluvUv89CudR&\|mxg"!uuFc-T(%aD!V2c,,R0
2024-10-24 09:43:13 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 40 0d 0a 30 30 30 30 30 30 30 31 0d 0a 29 0d 0a 30 30 30 30 30 30 30 31 0d 0a 92 0d 0a 30 30 30 30 30 30 30 31 0d 0a 53 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 30 30 30 30 31 0d 0a 95 0d 0a 30 30 30 30 30 30 30 31 0d 0a eb 0d 0a 30 30 30 30 30 30 30 31 0d 0a b9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 62 0d 0a 30 30 30 30 30 30 30 31 0d 0a 28 0d 0a 30 30 30 30 30 30 30 31 0d 0a c9 0d 0a 30 65 38 39 0d 0a ea 81 82 01 26 ef b9 a2 4d 68 63 28 ba 51 4b c7 95 dc 95 2d a0 8b 5b e4 c4 c8 ae 91 d3 12 fa 6d aa 11 20 17 06 07 80 82 44 95 53 63 42 a1 2f 99 87 27 74 c7 78 6e 91 6c 60 12 31 6a d0 17 3d 39 6f 6f 48 d4 ba 28 80 48 e6 a3 1a 82 d7 21 cd 8b c9 65 05 82 5a 88 79 68 e1 d9 89 c1 a8 af 12 e5 f8 03 f9 61 2c 5e 45 97 5a 38 Data Ascii: 00000001@00000001)0000000100000001S00000001I00000001000000010000000100000001b00000001(000000010e89&Mhc(QK-[m DScB/'txnl`1j=9ooH(H!eZyha,^EZ8
2024-10-24 09:43:13 UTC	1408	IN	Data Raw: 14 f8 40 97 b4 80 2f b7 4a 98 a0 5d 9e 32 96 af b8 fc b0 55 a7 14 90 7d 92 b7 87 89 0a 5a 22 e0 3f e0 39 d9 25 e0 0d 4b 23 3c 06 b5 d1 c2 8d 1d 56 6c ca c2 c8 65 0e 8a e0 04 3b aa 48 0b 38 c1 94 29 22 7c 25 ec 98 23 27 98 35 85 dc 94 1d f1 aa 8f cc 84 7d 2a 36 44 07 d4 e0 61 4b d1 a5 3d 5a fc e5 8d 5c 0f 91 a9 47 8b 22 39 61 76 18 6d 2c 34 1e bd f5 81 22 67 64 6d 78 19 0f 89 80 e7 50 3f 0a 61 3a 58 65 db 58 f8 3d 0a 47 fb 44 42 87 73 1e e0 8c bf 2e 6f 19 77 41 4f 07 2b 83 47 d9 11 e7 5f 5d a0 d5 41 34 dd 06 86 9e dc 46 a5 65 c7 a1 fc 0e e1 05 e7 c4 7d 78 d8 2e 65 3d 43 b4 f2 be 71 1f e3 7b 70 a8 1d 62 0a ef df 0e 30 47 8f 12 10 6c 99 b6 79 23 7b 48 eb 36 85 8d c8 58 70 91 0d f8 20 c9 86 77 ee c3 c1 53 d6 c3 a9 29 d2 19 24 79 5d 44 bd e8 d9 e9 c9 4c 08 e4 Data Ascii: @/J]2U}Z"?9%K#<Vle;H8)"\|%#'5}*6DaK=Z\G"9avm,4"gdmxP?a:XeX=GDBs.owAO+G_]A4Fe}x.e=Cq{pb0Gly#{H6Xp wS)$y]DL
2024-10-24 09:43:13 UTC	1056	IN	Data Raw: c4 cb d3 cc e7 d3 1e a4 33 47 24 9e 0d e2 e5 b2 83 3b 79 8a e3 ee e5 bb b7 f3 de de 79 ef d0 bb ed f3 22 81 03 33 64 91 e5 68 38 49 5a 01 0d 33 32 02 8b eb 8b f5 fb 10 77 cd a2 29 d9 91 74 02 4a 72 01 ee 9b aa 96 32 e6 d8 f1 13 8f 9a ee 0d fb 36 c3 f7 28 bf c2 ab 2a 0e f7 f0 df 1d 60 4d b9 ca e2 ab 7c 80 6b 37 17 bd aa 87 d2 a8 19 91 51 aa 3c e8 ae 57 44 62 a4 be 58 35 6f 5a e0 74 88 74 e5 5b 1f 25 4b 7a 24 8d 89 f2 c3 07 5c 65 41 d9 41 0a 78 9c 26 60 c7 27 ca 3b af da 6f 19 19 e7 7e 64 27 d3 b5 0a 32 fa 9a f6 95 e6 45 11 56 69 11 1e 0c ae 50 27 48 75 4c 85 72 41 aa 04 d0 8a 71 2a 85 23 ac 0c b7 0f 38 ec 58 98 ef a1 ed 63 19 7a 94 7c 1d 7f e9 d8 82 4e 8e c4 e3 8d 8f e3 22 c5 f5 2f 2a 33 c4 aa cc c0 f9 e7 ac 3c b0 b2 11 4b 1b 5b f1 cb a7 89 98 06 1b 5c 1d Data Ascii: 3G$;yy"3dh8IZ32w)tJr26(`M\|k7Q<WDbX5oZtt[%Kz$\eAAx&`';o~d'2EViP'HuLrAq#8Xcz\|N"/*3<K[\
2024-10-24 09:43:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.16	49795	142.251.116.95	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	570	OUT	GET /css?family=Google+Sans HTTP/1.1 Host: fonts.googleapis.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 X-Client-Data: CPTfygE= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:13 UTC	805	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin Strict-Transport-Security: max-age=31536000 Expires: Thu, 24 Oct 2024 09:43:13 GMT Date: Thu, 24 Oct 2024 09:43:13 GMT Cache-Control: private, max-age=86400, stale-while-revalidate=604800 Last-Modified: Thu, 24 Oct 2024 09:18:32 GMT Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin-allow-popups Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:13 UTC	573	IN	Data Raw: 32 35 62 34 0d 0a 2f 2a 0a 20 2a 20 53 65 65 3a 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 67 6f 6f 67 6c 65 72 65 73 74 72 69 63 74 65 64 0a 20 2a 2f 0a 2f 2a 20 61 72 6d 65 6e 69 61 6e 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 47 6f 6f 67 6c 65 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 67 6f 6f 67 6c 65 73 61 6e 73 2f 76 36 31 2f 34 55 61 5f 72 45 4e 48 73 78 4a 6c 47 44 75 47 6f 31 4f 49 6c 4a 66 43 36 6c 5f 32 34 72 Data Ascii: 25b4/* * See: https://fonts.google.com/license/googlerestricted // armenian */@font-face { font-family: 'Google Sans'; font-style: normal; font-weight: 400; src: url(https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24r
2024-10-24 09:43:13 UTC	1378	IN	Data Raw: 6c 47 44 75 47 6f 31 4f 49 6c 4a 66 43 36 6c 5f 32 34 72 6c 43 4b 31 59 6f 5f 49 71 63 73 69 68 33 53 41 79 48 36 63 41 77 68 58 39 52 46 44 34 38 54 45 36 33 4f 4f 59 4b 74 72 77 45 49 4a 6c 33 70 79 6e 53 45 67 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 39 35 31 2d 30 39 35 32 2c 20 55 2b 30 39 36 34 2d 30 39 36 35 2c 20 55 2b 30 39 38 30 2d 30 39 46 45 2c 20 55 2b 31 43 44 30 2c 20 55 2b 31 43 44 32 2c 20 55 2b 31 43 44 35 2d 31 43 44 36 2c 20 55 2b 31 43 44 38 2c 20 55 2b 31 43 45 31 2c 20 55 2b 31 43 45 41 2c 20 55 2b 31 43 45 44 2c 20 55 2b 31 43 46 32 2c 20 55 2b 31 43 46 35 2d 31 43 46 37 2c 20 55 2b 32 30 30 43 2d 32 30 30 44 2c 20 55 2b 32 30 42 39 2c 20 Data Ascii: lGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJl3pynSEg.woff2) format('woff2'); unicode-range: U+0951-0952, U+0964-0965, U+0980-09FE, U+1CD0, U+1CD2, U+1CD5-1CD6, U+1CD8, U+1CE1, U+1CEA, U+1CED, U+1CF2, U+1CF5-1CF7, U+200C-200D, U+20B9,
2024-10-24 09:43:13 UTC	1378	IN	Data Raw: 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 47 6f 6f 67 6c 65 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 67 6f 6f 67 6c 65 73 61 6e 73 2f 76 36 31 2f 34 55 61 5f 72 45 4e 48 73 78 4a 6c 47 44 75 47 6f 31 4f 49 6c 4a 66 43 36 6c 5f 32 34 72 6c 43 4b 31 59 6f 5f 49 71 63 73 69 68 33 53 41 79 48 36 63 41 77 68 58 39 52 46 44 34 38 54 45 36 33 4f 4f 59 4b 74 72 77 45 49 4a 6c 30 70 79 6e 53 45 67 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e Data Ascii: t-face { font-family: 'Google Sans'; font-style: normal; font-weight: 400; src: url(https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJl0pynSEg.woff2) format('woff2'); unicode-ran
2024-10-24 09:43:13 UTC	1378	IN	Data Raw: 55 2b 30 41 38 30 2d 30 41 46 46 2c 20 55 2b 32 30 30 43 2d 32 30 30 44 2c 20 55 2b 32 30 42 39 2c 20 55 2b 32 35 43 43 2c 20 55 2b 41 38 33 30 2d 41 38 33 39 3b 0a 7d 0a 2f 2a 20 67 75 72 6d 75 6b 68 69 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 47 6f 6f 67 6c 65 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 67 6f 6f 67 6c 65 73 61 6e 73 2f 76 36 31 2f 34 55 61 5f 72 45 4e 48 73 78 4a 6c 47 44 75 47 6f 31 4f 49 6c 4a 66 43 36 6c 5f 32 34 72 6c 43 4b 31 59 6f 5f 49 71 63 73 69 68 33 Data Ascii: U+0A80-0AFF, U+200C-200D, U+20B9, U+25CC, U+A830-A839;}/* gurmukhi */@font-face { font-family: 'Google Sans'; font-style: normal; font-weight: 400; src: url(https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3
2024-10-24 09:43:13 UTC	1378	IN	Data Raw: 44 46 2c 20 55 2b 32 30 30 43 2d 32 30 30 44 2c 20 55 2b 32 35 43 43 3b 0a 7d 0a 2f 2a 20 6f 72 69 79 61 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 47 6f 6f 67 6c 65 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 67 6f 6f 67 6c 65 73 61 6e 73 2f 76 36 31 2f 34 55 61 5f 72 45 4e 48 73 78 4a 6c 47 44 75 47 6f 31 4f 49 6c 4a 66 43 36 6c 5f 32 34 72 6c 43 4b 31 59 6f 5f 49 71 63 73 69 68 33 53 41 79 48 36 63 41 77 68 58 39 52 46 44 34 38 54 45 36 33 4f 4f 59 4b 74 72 77 45 49 4a 6c 38 70 Data Ascii: DF, U+200C-200D, U+25CC;}/* oriya */@font-face { font-family: 'Google Sans'; font-style: normal; font-weight: 400; src: url(https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJl8p
2024-10-24 09:43:13 UTC	1378	IN	Data Raw: 20 55 2b 31 30 32 45 30 2d 31 30 32 46 42 2c 20 55 2b 31 30 45 36 30 2d 31 30 45 37 45 2c 20 55 2b 31 44 32 43 30 2d 31 44 32 44 33 2c 20 55 2b 31 44 32 45 30 2d 31 44 33 37 46 2c 20 55 2b 31 46 30 30 30 2d 31 46 30 46 46 2c 20 55 2b 31 46 31 30 30 2d 31 46 31 41 44 2c 20 55 2b 31 46 31 45 36 2d 31 46 31 46 46 2c 20 55 2b 31 46 33 30 44 2d 31 46 33 30 46 2c 20 55 2b 31 46 33 31 35 2c 20 55 2b 31 46 33 31 43 2c 20 55 2b 31 46 33 31 45 2c 20 55 2b 31 46 33 32 30 2d 31 46 33 32 43 2c 20 55 2b 31 46 33 33 36 2c 20 55 2b 31 46 33 37 38 2c 20 55 2b 31 46 33 37 44 2c 20 55 2b 31 46 33 38 32 2c 20 55 2b 31 46 33 39 33 2d 31 46 33 39 46 2c 20 55 2b 31 46 33 41 37 2d 31 46 33 41 38 2c 20 55 2b 31 46 33 41 43 2d 31 46 33 41 46 2c 20 55 2b 31 46 33 43 32 2c 20 55 2b Data Ascii: U+102E0-102FB, U+10E60-10E7E, U+1D2C0-1D2D3, U+1D2E0-1D37F, U+1F000-1F0FF, U+1F100-1F1AD, U+1F1E6-1F1FF, U+1F30D-1F30F, U+1F315, U+1F31C, U+1F31E, U+1F320-1F32C, U+1F336, U+1F378, U+1F37D, U+1F382, U+1F393-1F39F, U+1F3A7-1F3A8, U+1F3AC-1F3AF, U+1F3C2, U+
2024-10-24 09:43:13 UTC	1378	IN	Data Raw: 31 59 6f 5f 49 71 63 73 69 68 33 53 41 79 48 36 63 41 77 68 58 39 52 46 44 34 38 54 45 36 33 4f 4f 59 4b 74 72 77 45 49 4a 6c 7a 70 79 6e 53 45 67 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 39 36 34 2d 30 39 36 35 2c 20 55 2b 30 42 38 32 2d 30 42 46 41 2c 20 55 2b 32 30 30 43 2d 32 30 30 44 2c 20 55 2b 32 30 42 39 2c 20 55 2b 32 35 43 43 3b 0a 7d 0a 2f 2a 20 74 65 6c 75 67 75 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 47 6f 6f 67 6c 65 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 Data Ascii: 1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJlzpynSEg.woff2) format('woff2'); unicode-range: U+0964-0965, U+0B82-0BFA, U+200C-200D, U+20B9, U+25CC;}/* telugu */@font-face { font-family: 'Google Sans'; font-style: normal; font-weight: 400; src: ur
2024-10-24 09:43:13 UTC	819	IN	Data Raw: 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 67 6f 6f 67 6c 65 73 61 6e 73 2f 76 36 31 2f 34 55 61 5f 72 45 4e 48 73 78 4a 6c 47 44 75 47 6f 31 4f 49 6c 4a 66 43 36 6c 5f 32 34 72 6c 43 4b 31 59 6f 5f 49 71 63 73 69 68 33 53 41 79 48 36 63 41 77 68 58 39 52 46 44 34 38 54 45 36 33 4f 4f 59 4b 74 72 77 45 49 4a 6c 72 70 79 6e 53 45 67 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 30 2d 30 32 42 41 2c 20 55 2b 30 32 42 44 2d 30 32 43 35 2c 20 55 2b 30 32 43 37 2d 30 32 43 43 2c 20 55 2b 30 32 43 45 2d 30 32 44 37 2c 20 55 2b 30 32 44 44 2d 30 32 46 46 2c 20 55 2b 30 33 30 34 2c 20 55 2b 30 33 30 38 2c 20 55 Data Ascii: : url(https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJlrpynSEg.woff2) format('woff2'); unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U
2024-10-24 09:43:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.16	49794	142.251.116.95	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	574	OUT	GET /icon?family=Material+Icons HTTP/1.1 Host: fonts.googleapis.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 X-Client-Data: CPTfygE= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:13 UTC	805	IN	HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin Strict-Transport-Security: max-age=31536000 Expires: Thu, 24 Oct 2024 09:43:13 GMT Date: Thu, 24 Oct 2024 09:43:13 GMT Cache-Control: private, max-age=86400, stale-while-revalidate=604800 Last-Modified: Thu, 24 Oct 2024 09:43:13 GMT Cross-Origin-Opener-Policy: same-origin-allow-popups Cross-Origin-Resource-Policy: cross-origin Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:13 UTC	573	IN	Data Raw: 32 33 39 0d 0a 2f 2a 20 66 61 6c 6c 62 61 63 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4d 61 74 65 72 69 61 6c 20 49 63 6f 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 6d 61 74 65 72 69 61 6c 69 63 6f 6e 73 2f 76 31 34 32 2f 66 6c 55 68 52 71 36 74 7a 5a 63 6c 51 45 4a 2d 56 64 67 2d 49 75 69 61 44 73 4e 63 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 7d 0a 0a 2e 6d 61 74 65 72 69 61 6c 2d 69 63 6f 6e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 Data Ascii: 239/* fallback */@font-face { font-family: 'Material Icons'; font-style: normal; font-weight: 400; src: url(https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2) format('woff2');}.material-icons { font-family:
2024-10-24 09:43:13 UTC	3	IN	Data Raw: 0a 0d 0a Data Ascii:
2024-10-24 09:43:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.16	49800	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	467	OUT	GET /gui/5978.4206cee10d7d4c2afd11.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: d9b83d064b63470734dd6d91f7bb3e2f Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:57:54 GMT Expires: Sat, 18 Oct 2025 08:57:54 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521120 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 02 0d 0a 30 66 66 37 0d 0a ff ec 5d 79 97 db c6 91 ff 7f 3f 05 4c db 13 c2 0b 40 24 67 38 07 29 4a b6 65 39 d1 da 4a b4 3a 36 9b 55 f4 14 90 6c 0e 91 01 01 06 00 e7 30 cd ef be bf aa 3e d0 38 c8 99 28 89 37 2f 6f 35 f6 88 ec b3 ba ee aa 2e 40 9d 4d 2e 9c bc c8 a2 59 d1 19 77 73 11 2f 82 1b 31 5d 87 b3 ab 67 cb 4d 72 75 5d 7c dc 44 1f 57 61 94 4c 0e f4 fd fc f3 fb 0f 6e b0 de e4 cb ee fb f7 c3 8b b3 f3 0f de 96 fe 1a 75 33 4f 78 Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000010ff7]y?L@$g8)Je9J:6Ul0>8(7/o5.@M.Yws/1]gMru]\|DWaLnu3Ox
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: b8 65 b1 8a dd ee f5 cf 3f 77 af 27 af fe f4 78 ca 43 9c 79 58 84 7e 21 f2 62 d2 01 ad 69 ae 2f 01 ee 38 cc 0d 93 ce b4 48 1c fc ef a7 9b 22 06 f3 f8 80 73 15 66 77 ce fa d6 1f 76 1c 12 85 49 27 df 4c 81 f7 8e 13 cd cd 32 12 66 09 48 e7 89 a3 00 d3 d8 78 fc 48 ee ff e4 4f 90 63 09 7a 1b b4 77 80 f6 8e a0 9d 47 d7 1a 9e 6b 30 c8 ec ca b9 0c d7 fe 89 13 c6 d1 65 e2 83 e4 ab dc 9f 81 5e 22 c3 5e 5f 6c 7b 3b e7 31 b0 bc 72 be 96 90 4d 3a d4 66 8e 74 ff 12 8f a3 64 bd 29 d4 e9 16 a0 74 c7 59 46 f3 b9 48 f8 88 d4 f0 46 90 ec a7 59 c7 f9 7a b6 0c 93 4b 60 81 f7 50 db 33 0c b5 5f f6 29 6e fc f3 9e b3 f2 c3 4d 91 3a 38 08 a0 7e 7c 5d f8 9b c8 2f 52 9c 04 52 87 c3 54 b6 7f aa c8 03 ee d2 3b 3d 7e d4 98 82 65 1e 01 57 f4 17 9d df 7c fd 13 2c 53 f0 56 09 2b 13 eb 7b Data Ascii: e?w'xCyX~!bi/8H"sfwvI'L2fHxHOczwGk0e^"^_l{;1rM:ftd)tYFHFYzK`P3_)nM:8~\|]/RRT;=~eW\|,SV+{
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 59 ba 92 df d9 17 f6 65 00 82 98 b4 e3 6d e7 a2 08 a3 78 b4 25 35 35 e2 ee 8e 17 cd 47 62 47 fb 42 3f 51 f8 25 19 ed 81 84 a2 14 11 e6 41 79 16 93 3b 52 9a 0c e4 7f be 94 40 8e 91 9a 48 49 8b 7d 0a 90 05 c3 a4 d3 4c 48 7f 7c d6 ad d0 90 91 86 5c 43 a5 31 0f 7e 83 6c c8 6b 31 0b d7 40 4b a8 03 7b 1e 8b dc 08 32 1b b3 74 2e 5c 95 43 6a 52 60 dc e0 89 92 85 08 49 a0 0c fb cf e0 51 29 28 5a 72 aa a9 07 77 87 34 4e c5 0d c4 04 ca ad 64 63 89 2d 99 ab 78 49 0e b2 a2 15 3b fa 20 d1 75 24 6e 46 37 51 32 4f 6f bc e9 66 0a 77 2e 1f 7d d6 f3 60 d6 66 22 26 27 17 df 76 ee 58 25 90 20 0e 0d e9 03 4e 64 ba 80 ce 0b fc d4 08 20 00 5c 3d e0 22 c1 27 f0 c4 38 0b d6 19 99 cc e2 3b b1 08 37 71 d1 d5 f1 85 e0 f8 ac ab f7 95 89 39 0e 38 b4 26 e0 2f b9 bd bb 78 2a 01 19 89 f7 Data Ascii: Yemx%55GbGB?Q%Ay;R@HI}LH\|\C1~lk1@K{2t.\CjR`IQ)(Zrw4Ndc-xI; u$nF7Q2Oofw.}`f"&'vX% Nd \="'8;7q98&/x*
2024-10-24 09:43:14 UTC	335	IN	Data Raw: 33 99 ee 3c aa f4 fb 3b f2 d8 af 1e 7d f5 19 58 e5 2b 07 e2 56 e0 fa 32 5c 3b ce f5 30 38 0e 06 4e 77 59 14 eb 7c f4 e8 11 ae 5c a7 ba 17 79 d5 d5 23 97 67 3c 4b d7 77 19 f1 91 33 e8 f5 fb fe a0 37 38 76 e8 7a ae 5c e9 9b 4d b1 4c b3 9c 47 ff 88 f8 0f 81 2c 2e 86 a9 7c c8 79 f9 e2 ad b5 01 2e 2d 37 53 5e ba b8 99 e6 8f cc 6e 8f 70 b5 3c 7d 44 99 a4 47 3f be 78 f6 fc b7 6f 9e f3 d6 8f 46 19 e0 d9 4a de 04 31 47 ce e7 bd e9 c9 7c 1e 8e b9 09 49 d5 e8 32 45 e3 e9 69 bf b7 18 c8 c6 f5 26 83 5f 4a 8d 8b 93 c1 ac af 1a 11 60 d3 64 fe 23 9b c0 44 68 99 a1 36 73 d0 93 2d 28 ab 03 fb a0 51 0c cf 8e 7b aa f1 4e c4 71 7a 83 c6 c5 4c 5c 9c 9e c9 91 14 cd 43 1a 3e 3f be 08 67 27 33 d9 86 ca aa 18 4d 83 de ec e2 42 0d 9b dd 85 34 6a 70 7e 36 9d 0e e5 28 dc 86 cf 14 24 Data Ascii: 3<;}X+V2\;08NwY\|\y#g<Kw378vz\MLG,.\|y.-7S^np<}DG?xoFJ1G\|I2Ei&_J`d#Dh6s-(Q{NqzL\C>?g'3MB4jp~6($
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 9c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 70 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 70 0d 0a 30 30 30 30 30 30 30 31 0d 0a 73 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a a4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 39 0d 0a 31 32 34 30 0d 0a 5a c9 17 e0 b3 89 9c 6f 38 c8 a5 a3 5b d8 a6 08 9f 06 f6 ce a6 fa 20 37 08 c2 a1 f9 e9 78 16 fd a4 4a 40 a3 4d 69 b5 93 9f 5d 4e a1 1b fb 9e 73 76 e6 39 a8 b7 95 70 a8 1d 65 ef 10 3d fd b3 01 86 28 7c d1 ce b2 ab 87 9e c1 31 26 1e 2b 5e 51 10 c8 de c1 e0 02 fd fd a1 e7 a8 5e 09 89 da f3 02 cb 1e 9f e2 7f cd b5 52 57 Data Ascii: 00000001000000010000000100000001p00000001_00000001p00000001s00000001?00000001000000010000000191240Zo8[ 7xJ@Mi]Nsv9pe=(\|1&+^Q^RW
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 8b 45 19 15 3d 8c b4 c5 f3 0e 97 51 32 ea c9 a3 a9 f3 6b 6c 95 c7 d5 2d 60 03 e1 ab 84 98 86 55 ad c4 a8 65 7d 4d 5c 0f 18 40 f4 f7 fc e0 86 1c f0 61 ab f2 5d 2a dd a5 40 f6 de 73 c5 83 1a a3 be 71 39 d9 07 f5 85 6f c7 8a 0f 5b 1f 4f b0 5e 45 85 4f 55 0a 21 ec 02 dc 44 39 4b 1f 9e 98 64 a4 cb 83 dd ea c2 12 27 f5 4e b9 4f 7b 9f da b6 d6 59 3f c4 68 04 f9 fb 09 35 3b a4 ba 22 94 61 67 db 35 aa c3 49 72 7b 63 45 24 7e 60 4e 22 04 c3 d5 29 50 e1 00 8f 78 25 7c c8 74 81 67 0e 50 26 98 33 6f 20 af eb ed 1b 46 38 de db b9 8a 92 4d 21 f6 76 2f e1 aa cb 7d f6 0e 99 87 f4 f4 03 20 d9 3b 02 3e 78 b1 bc 67 cc 1d 39 e3 bc 4c 89 8a 5d 79 22 46 92 9f af 51 f0 a4 38 47 f1 13 3d 75 65 8d 53 b7 0e a5 1e 69 63 00 e6 b2 72 6d a9 52 f2 1b 2a 90 d4 c8 6c 05 82 2f 29 65 59 b0 Data Ascii: E=Q2kl-`Ue}M\@a]@sq9o[O^EOU!D9Kd'NO{Y?h5;"ag5Ir{cE$~`N")Px%\|tgP&3o F8M!v/} ;>xg9L]y"FQ8G=ueSicrmRl/)eY
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: ac 94 1b 98 2e b9 28 5e e0 38 55 05 01 e5 ac fa d2 17 c7 22 54 75 44 34 a8 6e 00 47 ce 09 df da a3 76 60 30 50 77 f3 34 ce 66 d8 3a 0c 86 41 09 f4 da fa ba cf c2 2a 8d 3a 3f 0e c3 e6 ea 7f ed 7d 2b e0 32 b4 68 45 b6 e9 6d c5 7a d9 5b 83 8e d1 cf 2a ab fe ca b7 26 71 eb b4 aa e3 fb d3 48 d9 3a eb 9e a5 9b a4 b4 ee 63 4b 27 e9 c1 94 ac c1 b0 87 92 ed a3 fe 1e 94 ac 63 b6 24 d7 3e ff b7 1c d1 46 50 89 02 5d b8 24 4b c3 41 64 7a e3 9a 22 2b 7d 2c 3d 37 ba f0 3e a5 4b 46 29 d0 95 4e 8e 0e 8e 6b 9d c6 57 1b f5 02 be 9d b4 26 da e9 75 a7 ac 4b e2 45 15 eb 96 3a 86 ea ac 49 5d 59 f3 15 ed ef f3 c4 81 81 87 38 ae d5 b3 d8 ae 6b a5 e7 b6 dd 2d e5 31 e6 b0 fb 1c d3 72 54 9b 6b da 6f b8 a0 3c 5e 99 7e be de ac 38 a1 b2 86 4e d6 ab e1 a5 24 b8 d6 1d d7 fc 52 7d ab a3 Data Ascii: .(^8U"TuD4nGv`0Pw4f:A:?}+2hEmz[&qH:cK'c$>FP]$KAdz"+},=7>KF)NkW&uKE:I]Y8k-1rTko<^~8N$R}
2024-10-24 09:43:14 UTC	599	IN	Data Raw: 4a 71 ea d8 6c d2 d8 cc f6 3e 6c 9a 95 e0 94 e9 a4 b2 4d 27 e9 c8 6a 95 4b 9a 24 5a 83 03 5a 4e 60 06 df 4f 88 f2 51 17 ac 53 ce db 4f 8c 72 0c 0c 34 d9 b2 7b 93 b1 06 d9 0a 7d 16 e9 0f 60 a8 4e 95 3d 3c 58 4d ca 01 1a cd 2c 35 84 b7 2f 77 60 7f bd 8e 05 ed df ce 18 06 79 75 2a 36 51 63 86 12 0d 1b 79 22 c2 7b 39 a2 9d 5a 7a 4d a6 52 f3 fe ab ce ef 75 90 9a aa c5 3a bf a1 29 01 72 00 55 ed 90 d1 24 b3 98 85 e0 fa 1d 9f c9 06 eb 5b ca 52 11 ee 1b 2a d3 22 f5 ac 0a e1 d0 80 7c 20 4d 52 c7 c1 7d d9 97 f6 e3 b5 cd 52 9c 26 43 10 59 ff a0 6a 5c 54 8f 0a c5 64 23 d7 47 c8 8f 76 a2 c8 51 49 23 ca cb d4 ef e5 da 36 65 e3 59 3e 3d 30 e2 57 69 60 b2 a8 d5 fe 68 4e 92 e8 6d 94 b3 36 ac 8e 1e af 54 67 75 b5 b2 94 79 db f0 8f d9 0a 5b b5 c8 d5 99 e6 c1 10 f2 99 50 69 Data Ascii: Jql>lM'jK$ZZN`OQSOr4{}`N=<XM,5/w`yu6Qcy"{9ZzMRu:)rU$[R"\| MR}R&CYj\Td#GvQI#6eY>=0Wi`hNm6Tguy[Pi
2024-10-24 09:43:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.16	49803	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	481	OUT	GET /gui/stackdriver-errors.3069a6025a2308368f46.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: a743eaf56c594e72391c2b836c4b72b3 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:53:53 GMT Expires: Sat, 18 Oct 2025 09:53:53 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517761 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7b 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 66 66 31 0d 0a c8 b1 e6 f7 fd 15 34 e3 d5 00 26 44 89 be 9b 14 cc 71 1c db f1 39 13 db c7 f2 e4 5c 28 59 0b 51 90 84 0c 05 30 00 68 8f 23 71 7f fb be 6f 55 77 a3 c1 8b ed 49 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001k00000001{0000000100ff14&Dq9\(YQ0h#qoUwI
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: d1 40 97 12 a8 b0 11 57 1a 6a a8 7d a2 de 38 98 a2 59 ed 8c 88 e8 2d 78 b6 b6 e0 19 18 c2 f6 05 17 be da ac 35 64 84 a1 ee 36 b7 c6 52 a6 55 95 5c 78 3c 8c ec 41 96 a9 79 e7 33 8e 59 9a 5f d4 97 4f fd 66 5a 8c 45 df 8f 57 38 fc 13 30 e0 a1 f9 66 f5 dd 60 c0 97 2b 1f 0c f6 51 68 90 57 e6 f2 a4 99 0c d8 cf 39 f8 b7 b2 87 bd 9f 1c fa f4 ef 54 d3 32 9b d7 1d 2c 5a 96 77 28 d2 0e 7b e1 5e a6 ab 67 e6 e9 cd 05 0b 39 39 c6 ba dd 8d aa b8 ec eb c0 47 d9 41 35 ca 7a f1 5d 15 aa 09 b8 86 70 e8 72 92 1d 87 a3 64 67 a7 50 89 4f 31 42 62 b5 d4 99 70 35 bc f5 4a b8 5e 86 1c f9 ed 32 0c 97 86 1d 17 fe b4 06 fb 7f ef bc 28 46 3a af f3 8e e5 17 20 21 cc 96 62 5b 27 dc 08 65 7f 7d ec 9c f7 ff 81 39 1b e5 46 b8 52 e2 49 a2 06 7b ff 6e 68 0c 1a 68 40 6d 32 00 ab ff 4e f9 95 Data Ascii: @Wj}8Y-x5d6RU\x<Ay3Y_OfZEW80f`+QhW9T2,Zw({^g99GA5z]prdgPO1Bbp5J^2(F: !b['e}9FRI{nhh@m2N
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 1d fc 0f 0e 9c 6e 54 4f 8a e3 3e 24 9d 15 69 b4 0e 44 0f 6e 14 df a7 dd a8 db 09 bc aa c6 78 0a 42 98 f4 4d 31 0d 3a 75 6a ac bc 78 ee f9 3b f8 2a 84 63 e5 2f 45 96 07 9e b3 ac 53 9a 22 9a b1 70 82 34 0e 2e 10 90 42 62 d2 15 20 74 8c 57 07 2b 05 0f 2c 94 b2 8e 78 30 87 98 4b 1e d1 49 06 36 de 40 41 4b 64 ba 98 41 4a ff 59 2a a3 4e fb b4 fa cc a3 7a 64 da 23 a3 e5 07 c5 a2 58 03 b9 b3 c9 3b f0 4c a9 75 1a a7 51 35 ae e0 f1 6c 54 4d 59 42 55 36 49 b5 ff f1 a7 9f fe d8 10 91 5d f0 ba 0f 57 2b e0 f0 ee ed e1 07 8c 0e 7c 05 2c 11 14 5b 1b 62 fb 63 9a 00 39 e1 f1 a4 ec ca eb dd 0f d0 5c b0 18 54 ac 33 25 aa bd bf 80 4b 8d 3a d3 4b ba 7a eb f8 e7 0f 2f 77 1f c3 e4 61 97 86 bd 78 c8 92 46 25 68 09 1c 1c cc ed ec 0b 80 57 a7 f8 30 bf 48 1b 86 25 dc ea 3e ed 07 72 Data Ascii: nTO>$iDnxBM1:ujx;c/ES"p4.Bb tW+,x0KI6@AKdAJYNzd#X;LuQ5lTMYBU6I]W+\|,[bc9\T3%K:Kz/waxF%hW0H%>r
2024-10-24 09:43:14 UTC	411	IN	Data Raw: 4b fd 9e 26 a9 aa ab 2c 77 03 c4 3a 58 ff 82 2b 03 dd 40 78 b7 13 2d 7e e8 fe 00 61 f1 43 b7 93 69 80 01 b1 39 58 9f 1d 00 bd ff c3 ca 80 12 4f c5 34 e2 fa 69 0c eb 20 3d f0 c1 a5 98 d1 ee 5b d0 90 59 17 ab bd 77 e1 37 4d 67 29 e3 1b 90 fc 48 d4 40 f0 e7 f4 4b 07 f2 6b a5 ef ba 58 c1 4e 87 3f 7e df 15 2c 26 28 a6 cb 28 ef 3f 8f 33 c4 1e f6 1f 3d 79 bc 81 a4 1e 0f 1e 3c 7e 08 47 4a 3f cd 99 9c b0 0e 62 88 30 c4 88 3c cf 72 43 fa e9 c1 fe 78 d0 0b 76 d3 83 83 41 38 dc ef 05 f2 00 2b 32 1c 9d 15 d7 79 7c 6f b0 53 44 b0 9c 9e 3e 8d 1f 84 4f 01 9e 20 bf 89 ef dd 85 54 ec 01 17 b4 43 32 89 cf 97 d0 15 50 6f df a7 97 bc 7f 96 ae 8c a8 49 52 32 8a 28 a4 16 c4 ab 44 7a a3 29 c8 91 82 04 3d 03 07 f2 a7 f1 c2 e3 a5 46 8d 83 7b 1f 6e 25 00 f6 aa 28 d3 ce 19 14 5c c4 Data Ascii: K&,w:X+@x-~aCi9XO4i =[Yw7Mg)H@KkXN?~,&((?3=y<~GJ?b0<rCxvA8+2y\|oSD>O TC2PoIR2(Dz)=F{n%(\
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a f7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6f 0d 0a 30 30 30 30 30 30 30 31 0d 0a ef 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 66 66 61 0d 0a fc fc e7 7f ff 8f ff fc af e4 74 7a 96 9e 5f 5c 66 7f f9 65 76 95 17 f3 bf 96 55 bd f8 f4 f9 d7 2f 7f db 1f dc bd 77 ff c1 c3 47 8f 9f f4 f6 ba 56 0b 81 c0 d9 88 24 00 f6 fe 41 8c 30 11 70 df ac 85 c3 f8 36 9e 37 02 ad fb 27 a3 4a c3 d3 f4 39 45 3e d3 3e 94 ea b3 ce c3 7b 02 26 41 da b5 c5 77 58 fe f0 81 e9 2e 7e b2 3f 4e 77 1f 3e 18 3e 79 64 4b 06 77 ef a2 e8 c9 a3 de dd 87 c3 fb 8f 6d e9 83 47 28 bc ff b8 f7 e0 ee f0 fe 3d 24 42 8d 1f e2 e1 91 3c dc 1b ee 0e 00 ba 87 8f 1e 3d 72 90 b3 42 ae 03 Data Ascii: 00000001}0000000100000001o000000010000000100000001?00000ffatz_\fevU/wGV$A0p67'J9E>>{&AwX.~?Nw>>ydKwmG(=$B<=rB
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 7b ed e2 13 47 51 68 58 d8 9c 92 8b 71 b4 c0 fc 01 bc ad d3 28 f0 5a 8c ba eb 9f 76 09 88 da 77 78 1b 18 29 3a ad 7f 60 7d 27 22 98 ec 00 8c 32 84 f9 cb 78 94 a0 1b fe 62 59 d7 7a 6b 80 d5 ca e4 2c 1b b0 4d 7f ff dc 56 bf fc d6 d4 56 eb ff 43 33 5b 6d 6c 6d 62 b4 92 5f 57 66 56 87 29 c0 c7 64 0b 0f 2f e8 8d 23 49 49 fa 93 06 e4 9c ab ad 3b 92 6c 50 c4 0e 22 79 58 41 94 d6 5a ac 34 b9 26 d1 0e 17 a7 53 28 b6 55 6a a8 c6 51 75 e7 a4 d5 0e 77 e0 2c fa af 5e bc 79 f1 1e b6 d6 1f 4e de be ff c3 8b f7 54 bc fa 6f df bf 7e f5 fa cd b3 9f 4c d1 5d 56 db 6c 90 2d 36 1a 64 1e 4a f6 53 18 0f 06 28 ad 81 43 11 17 68 40 c5 64 36 0c d9 fe a8 fa 9c c9 96 a4 9b 9b b5 71 85 d7 53 7a 3b d6 ca 87 26 6d 78 1d f3 46 92 cc 38 32 9f b5 a7 e4 be 5a 5d 55 f3 11 48 2c 59 cc 6a a4 Data Ascii: {GQhXq(Zvwx):`}'"2xbYzk,MVVC3[mlmb_WfV)d/#II;lP"yXAZ4&S(UjQuw,^yNTo~L]Vl-6dJS(Ch@d6qSz;&mxF82Z]UH,Yj
2024-10-24 09:43:14 UTC	1364	IN	Data Raw: 04 cf 98 6b 82 60 5a 63 62 79 6d ea 02 7d bb d5 fd a6 d5 12 ad 1a e6 55 98 78 a0 38 fd 39 87 f6 9c a9 c1 c2 2d ab 7d 1c ce 13 ec 00 b2 0e 74 f8 39 2d 4f 4a c9 2c 4c 5e 84 e3 01 16 8c 96 70 7b 48 73 10 59 67 63 5d 6b 35 19 4b 06 07 48 7b 83 6f b4 a5 ed 98 a4 c2 75 31 3c 41 0b d2 d2 4a 08 0d c4 ea 91 18 d7 82 a7 47 6c d0 4b fd 6a 3a 75 04 72 a0 3b 21 9d 7b 91 2e 97 9b bf 19 ec 21 6e d8 e2 e7 16 a1 2c be be dc 68 7d ad b8 da 9c ca 0c 17 1a b9 05 ac 2d 07 28 1d 4b a3 55 a3 ca d4 70 23 e4 6b 6e b0 5d 10 c3 12 1b c2 b5 60 17 65 4d c9 6f 94 7e ed a4 65 be bc b2 7c dd ce a4 b2 94 07 ca 6a 3c 7e a7 59 02 a9 ba d9 ff 81 6c 08 2c 6d ed ac 9b ad ae 08 a0 3c 6b 16 2b c2 84 51 74 37 0b 5d 3a fa 87 98 b8 61 06 50 58 c9 6e 43 1a 2a 97 63 24 39 41 a8 28 1c ac 50 87 ab 20 Data Ascii: k`Zcbym}Ux89-}t9-OJ,L^p{HsYgc]k5KH{ou1<AJGlKj:ur;!{.!n,h}-(KUp#kn]`eMo~e\|j<~Yl,m<k+Qt7]:aPXnC*c$9A(P
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 07 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 32 0d 0a 30 30 30 30 30 30 30 31 0d 0a 19 0d 0a 30 30 30 30 30 30 30 31 0d 0a bb 0d 0a 30 30 30 30 30 30 30 31 0d 0a a0 0d 0a 30 30 30 30 30 30 30 31 0d 0a a2 0d 0a 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a c6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4b 0d 0a 30 30 30 30 30 30 30 31 0d 0a ea 0d 0a 30 30 30 30 30 30 30 31 0d 0a 95 0d 0a 30 31 38 61 38 0d 0a cc fc b0 ff ae c9 e4 e5 c9 b9 d7 38 ec 24 48 11 69 b0 46 b0 e4 46 72 bd 24 2f 16 bc 91 05 d6 a7 e1 a3 35 69 04 88 dc 54 Data Ascii: 000000010000000100000001N000000010000000120000000100000001000000010000000100000001000000010000000100000001[00000001K0000000100000001018a88$HiFFr$/5iT
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 68 85 7f 8b 44 dd ee 1b de a3 b0 92 76 cf 55 dc 28 c6 ad 33 8f 1c d4 f0 7a 90 19 50 c9 e3 27 39 f2 dc 54 74 51 33 da 7c 24 88 d1 27 1a c9 0c 8f a9 77 28 4a eb 84 8f b6 a2 01 c5 40 4f ee b7 8e 18 ab 81 c0 1f 29 aa a1 65 b5 6d 88 d4 05 c9 b6 01 80 0a 3d d8 ab 76 2b a3 4e d7 fc 32 a6 58 d5 56 a1 9a 5c 50 a1 69 fb 56 17 ad 21 39 4b 85 f6 e3 55 32 87 9f d6 da 76 2a 88 b4 6b 2a 09 04 a5 26 a5 36 65 96 6f fb eb 61 34 4f 6b 04 89 05 bd fa 7e 45 d6 58 30 49 17 46 fe 98 32 c3 3d 36 e3 8c db 56 51 39 e9 c4 ee 80 7f 38 12 cd e7 67 f6 c8 30 1f c6 06 3b 57 38 a6 8c 54 17 04 47 76 b7 32 9c 9d d2 16 27 38 b5 e1 c9 93 fb 0f 36 ec 3b 16 df 45 d8 a4 45 bb 8f 64 2b b2 73 5b ec 05 47 e5 f8 28 c7 b5 19 55 dc bd 7d fb 76 56 29 35 bc c1 f1 1e f8 d9 6d f9 2f 84 cd e2 54 03 7b ba Data Ascii: hDvU(3zP'9TtQ3\|$'w(J@O)em=v+N2XV\PiV!9KU2vk&6eoa4Ok~EX0IF2=6VQ98g0;W8TGv2'86;EEd+s[G(U}vV)5m/T{
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: ef c4 52 73 c7 f2 d1 a5 c3 50 b1 c7 9f d4 6c 81 fc c9 79 02 4b 6a 9d 0f 72 22 17 4a b9 01 0b 87 73 eb 9d 61 86 19 db 3a 35 fc e4 ed 23 09 98 01 9c 9b e3 3f 13 eb fa c7 5e 2f d3 00 13 80 85 4f f1 be 5a dc 37 c5 cb a6 7a 47 bb 7d dc 37 35 0c c7 cc 9a 66 21 ca 86 bc 2b 8d 17 d5 a2 42 1f 37 34 f2 02 3c 7b a5 ea d1 e1 9d 10 77 9c f1 3e 5b 04 a9 93 21 ae f7 8c fa 3d dc 60 6b 3d 7b 9d 02 d4 2e 21 25 ea 49 f6 62 59 cb 80 f2 f1 b5 e6 61 0f e5 ae d5 64 51 5f e2 09 9b b6 2e 8b 0a 31 61 ee c1 e2 01 4c 78 c2 fe 2a e6 52 e3 e9 c1 f1 52 dd 1e ae 0b de 32 6b ba 68 78 1b f4 63 93 e1 8d 73 2d a9 5f cb 2f 1e 9a 0d 41 0d b7 db de 1e af 93 60 8f d4 ed 59 83 cf bd 2e 2f 9c 4b fb ec df 96 f3 99 65 1c 89 96 f1 fc 6d fd 2d e5 18 97 ad 2b f9 de 51 be 74 63 ab ec d8 78 cc 1d 02 1e Data Ascii: RsPlyKjr"Jsa:5#?^/OZ7zG}75f!+B74<{w>[!=`k={.!%IbYadQ_.1aLx*RR2khxcs-_/A`Y./Kem-+Qtcx

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.16	49804	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	468	OUT	GET /gui/88220.7a7bbdb48b5a17981431.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: fc3f30a9a761ded06a0fed949ebc5863 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:10:04 GMT Expires: Sat, 18 Oct 2025 10:10:04 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 516790 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 66 66 66 0d 0a 8b 08 00 00 00 00 00 02 ff ec bd 7b 63 23 c7 71 ee fd ff f9 14 63 38 56 08 1b c0 62 06 18 5c b8 e2 ca 32 2d 7b 15 ef da 8e 25 af 13 2b 3a 36 48 82 4b 44 20 c0 00 e0 de b8 fc ee ef ef a9 ea 9e 0b 00 ae 28 59 76 92 f3 32 8a 97 e8 e9 9e be d4 bd aa ab 7b 0e d6 d3 f9 79 e7 f5 f4 e4 6a 72 fa cd f1 c5 f5 e2 9b 57 9b bf 5c cf fe 72 39 99 2d 8e 3e 50 f7 fe fd 57 5f 37 3b 57 d7 eb 8b 83 af be 1a 8d b2 ac db ca bb a3 bc df 1a 8f c6 dd ee d7 ad 1b 7b 76 78 b0 6a 4d 5b 9b e6 d1 93 9b c6 f5 7a 9a ac 37 ab d9 e9 a6 f1 78 d3 59 1d 4c 9b ad 4d e7 ec 60 da ba 39 9b 9e 4f ae e7 9b c3 03 da 5d af 6e 9b 8f 37 07 f4 92 36 1f bf 9a ac 92 e5 d1 e6 a0 3f 1a 76 fb cd d6 84 9f e9 60 d0 cf 9b ad 35 3f 07 d9 a8 97 35 5b 0b 7e Data Ascii: 000000010fff{c#qc8Vb\2-{%+:6HKD (Yv2{yjrW\r9->PW_7;W{vxjM[z7xYLM`9O]n76?v`5?5[~
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: d7 9b 39 4c d9 be 02 51 93 d5 db 64 03 f3 c5 99 d3 5b 5b f3 48 fe e9 a6 7b db 48 24 77 8e 1a de 4d 23 f9 f9 e9 7c 76 fa cd 51 c3 ea 9e 24 0e d3 44 70 4b 3e 7e e4 8d 18 f4 11 40 b9 6b 6c 1b 3f 8e 7b 8f 21 9c e1 76 7a ff 6b b3 05 3a d6 1d 03 fd f3 c9 55 f3 e0 06 8a 9a 40 18 67 87 db 0c 77 1b a4 44 95 06 be d3 db 07 52 4e d6 6b e4 23 28 ea b6 75 dd 31 34 ac 8f 8c 30 ae 17 eb c9 f9 f4 f8 8b 2f 9a 07 57 9d 4f 9b ad eb e6 e3 97 07 5f 51 35 a1 99 a4 f1 41 f3 eb d6 79 e7 6a b5 dc 2c 05 d4 56 c3 28 b5 d1 72 b6 69 b6 be a5 75 45 aa ed be 63 5d 35 0f 1a 3f de 25 98 ed 51 77 5b 14 33 38 3f 8a 73 40 e8 88 17 5d 0a d3 af 98 c4 d7 de 3e 99 ac 1a ea d3 35 f4 5b e9 cc f1 00 95 79 2c 9d 9a 8e d3 21 bf 51 ae 69 0f 45 db 6c bd 3e da 74 16 07 c7 cd d6 37 34 1c 8e 87 dd dc 35 Data Ascii: 9LQd[[H{H$wM#\|vQ$DpK>~@kl?{!vzk:U@gwDRNk#(u140/WO_Q5Ayj,V(riuEc]5?%Qw[38?s@]>5[y,!QiEl>t745
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 84 e1 e2 22 a7 1f 5c 24 21 90 69 47 62 75 fa 2a 2c 71 2f 70 9d a7 9f 01 e2 35 4a 6b 8a 95 3c 5b 9e 22 01 8b 51 1b cd c3 7b be 58 7b 09 ec 94 65 e1 86 b0 62 67 b1 44 6d 2c 5e ee 57 01 11 cd 81 32 0c c1 98 7f 7f 5a cd 36 48 63 eb 02 cf f7 cd 5d 9e ef 37 f2 7c df 34 1f 7f 1a 3c 5f bc 5d 0b 6e 22 05 e4 f3 1e 7e 41 68 68 f1 f2 16 ff f1 9f aa 9e 70 30 45 4b bf f6 3b bf 5f 37 d5 0b 8f 36 f6 53 f8 c7 35 3b 65 7b 1a 45 a5 59 94 e5 6c fe e9 28 f6 b3 cf 2f 76 7b 97 15 29 76 9d 8f 87 84 9a 89 44 f7 88 3a db 8f 6c 40 f8 da c2 c6 9f cb 05 ee e6 43 9e ff 41 f1 e5 ee 60 48 2c fa 19 3f f3 c1 30 1d 36 5b ff c9 cf 7e 9e f5 d3 66 eb 57 fa d9 cf f1 a5 7f a1 7a 45 d7 9b ad cf f8 39 cc ba 23 9a fe de fc ea cf 9a ad bf a8 61 b7 3b 18 37 5b bf b4 67 7f 69 b6 7e c7 33 0b c5 bb af Data Ascii: "\$!iGbu*,q/p5Jk<["Q{X{ebgDm,^W2Z6Hc]7\|4<_]n"~Ahhp0EK;_76S5;e{EYl(/v{)vD:l@CA`H,?06[~fWzE9#a;7[gi~3
2024-10-24 09:43:14 UTC	242	IN	Data Raw: 6b 64 eb 0a e7 6c aa 8d f9 5f 7a 76 4e 0c 25 ba fc a6 91 39 48 2f 64 ed 82 a0 33 76 fc cd c8 72 b6 17 04 6a 4d 2a 2c b1 53 77 f4 d7 8b cd e6 ea f0 d1 a3 7f 8a 5b 1f 3b 4d 6e f1 b6 4d a2 7c ff 94 81 7a 6e 40 10 4f bb 03 d5 f2 09 ca 34 03 8b 57 85 84 04 97 51 85 6e 2d 75 65 a5 53 d0 5f 43 a3 e4 17 a1 5d 74 a4 21 d0 81 48 f8 b6 02 f4 12 9e c7 17 93 05 14 2b 2c 54 ba ac c1 53 56 b4 c7 54 be b4 20 b6 bb 1d 21 eb e2 56 14 fd 9c 8c aa 99 8f 13 b6 44 42 6f 97 65 c5 97 78 40 ec d3 c1 de 4e ed 7b aa bc 63 f2 6a 42 40 78 15 32 56 c2 1e 4f 34 49 1e 55 5e 6d b4 70 76 6c 0e c7 45 f4 a2 98 82 85 30 ee ea a4 c2 9e 45 1f 5b 9c 29 ca fc e8 a3 ca ee cc 0f 91 c1 e3 76 44 44 e4 34 2a 2f 51 c7 16 22 65 63 07 44 4e 8f 9e 14 49 3e e0 0d 0a Data Ascii: kdl_zvN%9H/d3vrjM,Sw[;MnM\|zn@O4WQn-ueS_C]t!H+,TSVT !VDBoex@N{cjB@x2VO4IU^mpvlE0E[)vDD4/Q"ecDNI>
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 51 0d 0a 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 04 0d 0a 30 30 30 30 30 30 30 31 0d 0a f9 0d 0a 30 30 30 30 30 30 30 31 0d 0a be 0d 0a 30 30 30 30 30 30 30 31 0d 0a d0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 82 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 30 30 30 31 0d 0a 4f 0d 0a 34 66 66 33 0d 0a 79 63 32 c2 9d f6 1e 37 d4 c0 04 4f 47 91 90 8f 3e da 02 86 55 b7 a6 9d d9 19 1e d1 04 c7 f0 ed 7a b6 fe 96 f6 9f c6 66 fe de 2d 96 d4 53 34 3c 32 6f 59 50 68 45 de 48 d6 df 23 26 57 6a 21 cc 30 db 6b f8 3d c4 aa 8c 1a 2b fc 92 42 99 19 b3 23 d4 Data Ascii: 00000001Q0000000100000001:0000000100000001000000010000000100000001.0000000100000001~0000000100000001a000001O4ff3yc27OG>Uzf-S4<2oYPhEH#&Wj!0k=+B#
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 95 f8 6f 50 d6 bf ed 67 0a 07 41 01 4c 2f de 97 94 5c 2e 16 76 2e 49 3e 5d 0c c7 b9 2c e4 91 5b c7 4e 7a a5 02 90 25 e9 00 f2 91 94 8f 5c 21 74 d9 93 49 47 82 5d 29 9f 91 32 3e 89 b9 e1 f1 41 a0 fb 90 7e 1f 41 5e f6 c8 20 81 62 42 cb ef 49 23 3f af e7 cb 7f e1 89 69 25 71 d8 fa 83 72 30 d6 81 f3 7f 81 8f 23 b4 3d 25 65 57 98 fc 5e ea a2 22 de 57 c4 f4 0f 56 2b c3 5e 98 00 54 04 0b 29 27 38 ba 03 f2 06 62 1a 6f 4b cc 25 56 43 af d7 75 72 00 86 f4 79 91 24 b7 a5 ea e6 cb e5 37 09 27 1b cc 98 b9 62 53 8c fc 09 92 95 90 cd df b3 c3 53 65 1b b3 37 b6 50 4f 22 0e f9 7f 64 62 b8 55 19 25 e5 de a8 47 60 82 3d 9a d1 dc d9 e8 ff 4d 05 20 84 8c 3c c0 ef 06 a0 97 28 00 41 cd d2 c2 26 d8 8a b2 40 df 6c cc ab f2 9c 8e 84 ec 42 4f ea 48 5e cd d6 33 4b 47 7c eb de d2 fe Data Ascii: oPgAL/\.v.I>],[Nz%\!tIG])2>A~A^ bBI#?i%qr0#=%eW^"WV+^T)'8boK%VCury$7'bSSe7PO"dbU%G`=M <(A&@lBOH^3KG\|
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 4f 47 17 0c d6 9f e4 bd 4e 7f 30 4c c2 1f 87 17 23 83 1c c0 d5 1d 3c 1f 77 7a 3d c8 23 17 a6 98 d9 28 33 e8 83 15 80 d5 03 26 7d 2a 98 20 e3 0d 47 5a 76 36 1c 4e c0 6b 6f 24 ec f2 af f5 08 0a f3 61 cf 28 e8 f9 a8 33 1c f7 0c db 7d a7 31 48 a2 d3 1f 43 1c 60 80 29 81 bf 74 98 d0 6d 36 12 4c 52 87 49 67 d4 e5 25 e8 b6 dd 21 5f 99 fe 46 e3 76 af 93 8f 8d 9e 7a fd 74 1f 40 f2 91 d0 a6 a1 c8 6b 9e 64 0c cc aa ec df 80 d4 7c 90 0b a8 bd 81 88 14 98 00 fc e3 5c b4 20 fc 0c 07 49 1f 92 1c 83 94 51 9e 09 1c 83 6e 9a 64 92 4a 9f d2 4b de b5 ce f4 c7 7a 13 68 f3 4c 33 4b d3 4b a6 d6 ef 53 df 19 67 d9 31 cf 91 9f 80 26 1f f5 c1 20 80 61 4c 56 43 57 74 d8 cb 59 94 88 2a 85 29 84 fd 4e 77 c4 db e0 2c 1d e6 9d 11 34 9e 31 6d c8 20 2b d6 c8 c6 62 90 a4 9c cf 5a 4d 16 6b Data Ascii: OGN0L#<wz=#(3&}* GZv6Nko$a(3}1HC`)tm6LRIg%!_Fvzt@kd\|\ IQndJKzhL3KKSg1& aLVCWtY*)Nw,41m +bZMk
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 07 63 3f 03 9a 20 10 d2 13 2c 1d 3c 78 1e 89 19 03 20 4d 48 05 98 30 8a f1 0f 10 95 b8 d7 fc 80 39 80 32 d8 1b 68 c0 84 e3 0a 48 e5 a8 65 16 81 2a 13 9a 1c 9b b2 60 00 bb b0 de 16 d6 81 16 fa 49 5e 91 81 db 94 a0 80 45 bf e2 5b a3 14 fe 81 95 35 bc ad 45 7a c8 e1 03 92 59 b9 c0 e8 42 f4 43 c2 a2 26 f0 e5 85 a7 39 2f 02 cd 21 64 85 94 00 26 1a 12 9e 06 a6 d2 df 43 61 37 bf b0 e9 41 1e 40 41 06 19 02 42 eb c4 f9 4a ac da e4 08 53 f3 0e 20 52 7f 3f ed da db c2 f3 0b 86 b8 e8 75 5f 85 ee 44 1b 18 71 b2 75 46 b2 32 d4 1f 8b ed 56 ba 83 23 51 c4 68 52 28 21 55 7f c0 41 24 54 4c 07 1c fb fb b2 4c d4 81 4f b8 e8 02 9a d0 db 84 68 a0 7c 0c c7 f6 58 13 1b e2 80 82 8d ec 18 bb 49 6f 48 46 f4 89 ed c8 4f ea 11 27 e8 7e 91 31 16 36 a6 09 8f 71 17 a9 82 64 52 41 ff b4 Data Ascii: c? ,<x MH092hHe*`I^E[5EzYBC&9/!d&Ca7A@ABJS R?u_DquF2V#QhR(!UA$TLLOh\|XIoHFO'~16qdRA
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: e1 08 2f 2c 05 54 f0 76 85 23 a7 87 48 95 00 ec f7 2b f5 27 92 de 85 26 34 37 02 f6 30 29 5d 83 85 bf 12 c5 a4 ef 07 4a 58 c6 09 d6 6b f6 50 43 29 35 e2 5c 7b 83 de 69 3f 8a d0 82 ad ac d6 df e7 1a f5 64 00 3d 0d 83 26 2c bb f0 59 8f cf 27 e7 27 3e b1 6a 55 98 7d 1f 65 90 e5 bc 9e e5 c1 24 29 22 2a 71 06 03 b6 1b 47 01 1a f5 4a ef 63 3c 42 9f 74 f5 4f 54 1a 45 2b 9b c1 f4 74 3a 3d df 7e bf 00 9f 60 8d cf c1 3f 11 e2 3a ce 84 be 8c d0 9b 2d c8 7a 9a 6d 7c 05 96 13 13 27 56 45 63 59 e1 93 da 46 a3 d5 87 8b ce c9 18 3a d4 bd 1a 41 ce 5a d5 85 32 aa e2 90 35 3d bf 5d ed fd ef 28 e7 53 98 aa 7c bf 62 cf 5d a0 6b 5c ba ec 9b 77 59 eb d8 9a 9e 9f 4c 03 22 82 e8 8c b7 2f 92 98 1c 38 c9 25 aa 6e 40 38 4c d6 4b 2e 1b a9 55 c4 51 a6 f9 74 1c e5 71 e8 ca aa da be 15 Data Ascii: /,Tv#H+'&470)]JXkPC)5\{i?d=&,Y''>jU}e$)"*qGJc<BtOTE+t:=~`?:-zm\|'VEcYF:AZ25=](S\|b]k\wYL"/8%n@8LK.UQtq
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 5b 25 9b 12 82 36 38 01 23 37 23 42 2b a3 a2 dd 36 7a 1c 5a 04 7a da 6d e3 15 e4 af 57 ac 8e 5a ab 4a 85 2e 8e aa 19 a6 5a 89 3d 0a 76 9f db 4f 7e 00 f3 f1 5e ab ea 71 dd 40 79 1c 35 03 79 35 c4 08 ed a6 16 b3 0c 1e 9b 19 b1 e7 e9 ba bd f3 70 e7 81 13 52 1d e0 35 62 76 a7 b9 0e f9 2a f5 71 05 6b cd ea ab 01 a4 56 45 4b b6 4d f4 69 a6 c5 59 70 56 ea 8d 49 4c 37 16 b1 03 7f 87 06 ac 84 68 19 5f 2f e3 7c 1e 16 92 be ac d4 da ee 63 4f 0b 9f cf 5d ef cb b3 31 d2 dd 79 33 ea 8e bb fc 1b f7 77 50 0a 92 74 95 99 9a 29 60 f2 af 66 4b d7 16 57 09 99 7c 1b 1c 02 87 03 8d 2a 9c eb 28 da 95 02 4d 9f 80 f3 67 30 b0 83 87 f2 0f 9e 48 b4 ae cc 8a 8d c0 ae 4f 7f 5b 8a 34 6f cd 56 16 60 db 76 5f 4b f3 67 fa 7d e8 57 4e b4 ec f7 f9 6c b5 e6 83 05 17 b3 f9 59 f5 79 c7 db ec Data Ascii: [%68#7#B+6zZzmWZJ.Z=vO~^q@y5y5pR5bvqkVEKMiYpVIL7h_/\|cO]1y3wPt)`fKW\|(Mg0HO[4oV`v_Kg}WNlYy

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.16	49801	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	485	OUT	GET /gui/vt-ui-shell-extra-deps.2f0832bf9cf1fc541ba6.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 35013278d91824e9aef28a7fe8449547 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:50:02 GMT Expires: Sat, 18 Oct 2025 08:50:02 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521592 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 31 0d 0a 69 0d 0a 30 66 66 33 0d 0a 77 db 46 b2 f6 f7 fc 0a 18 49 7c 80 09 00 91 d4 4e 19 56 bc de 68 e2 6d bc 24 93 28 7a 65 88 6c 92 88 48 80 01 40 c9 b2 cc fb db ef 53 d5 dd 40 03 04 65 c5 93 39 ef 97 9c 93 d8 20 d0 4b 75 75 ed 55 dd b6 17 b9 b0 f2 22 8b 07 85 7d e0 e4 62 3a 0a Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}000001i0ff3wFI\|NVhm$(zelH@S@e9 KuuU"}b:
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 7b 6f dd 00 0f d3 14 7b 99 ac 8c a0 08 f0 8b fb 2b c1 50 01 30 08 35 08 83 45 5e a4 33 25 89 dc 1a 42 6c 5a 88 bb f4 36 7b 9b 3b bd 9a 86 01 d1 bb 9e 52 34 83 74 46 42 ec 08 8c cd 2a 07 eb 3f c0 73 5e b0 d2 e9 6e a3 b7 1b cc 44 9e 47 63 41 8d 96 de fe fe 66 6f 6b ed 78 17 71 b6 c8 df a6 45 34 7d 13 25 c3 b3 f4 43 39 72 8e 91 49 4f 65 6a fc 3c c4 2e 68 bd 16 e4 17 63 d7 c9 c0 d6 59 e8 90 0e 73 df 7f 65 81 bb 2f c6 d6 25 91 6a 68 77 c5 cc b6 26 22 1e 4f 0a f5 e3 22 16 97 0f d3 0f a1 dd b1 3a 56 6f 0b ff d9 d6 28 86 02 b3 93 34 11 b6 f5 61 36 4d f2 d0 9e 14 c5 bc bf b1 71 79 79 19 5c 6e 06 69 36 de e8 75 3a 9d 0d 0c 6d df ff ea de 1c 04 c2 bd fc 6c 31 15 a1 2d 20 14 d3 e1 d0 b6 06 d3 78 de 7c 37 0c ed e7 3d 6b 33 d8 7e d6 ed 04 7b 3b db 5d ab db 0b 36 f1 f7 Data Ascii: {o{+P05E^3%BlZ6{;R4tFB*?s^nDGcAfokxqE4}%C9rIOej<.hcYse/%jhw&"O":Vo(4a6Mqyy\ni6u:ml1- x\|7=k3~{;]6
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 8b f3 1c b1 b1 dc 59 04 3f ba cb 1b be c3 6c 92 56 d1 31 42 6c a2 64 55 58 25 08 22 45 08 53 0d 0f 2b 15 ad a2 25 86 69 82 18 89 f1 59 8e 51 2a 74 f0 57 81 88 10 d9 07 b0 c4 f4 78 ae 7b 02 2b 00 38 0b d6 7e 6f 09 3a 95 88 29 e3 4e 18 0f ce e6 60 c2 31 32 27 11 97 d6 23 e9 bc 93 15 02 eb 7a 12 25 63 e1 73 3f 7f 06 2b dc f6 ae 87 a2 80 aa 52 c1 0f 6d 9d 7b 67 8b 33 ac 33 ef df e9 78 20 ed 39 62 53 43 3c c3 16 56 6c ac 65 60 28 f7 82 da 2c 0a f1 54 49 46 29 4d 48 32 ea f6 e5 66 d5 da 83 97 59 b1 1b ed 97 2d 36 b8 0e 69 7d 66 75 44 38 ac 31 7c 36 fa 04 cc 7f 77 79 aa 40 2b a7 2a 37 f7 8e 23 23 d1 82 6d 62 08 fb b2 6d b9 0c 65 3f af 48 76 ec 94 24 10 65 c2 bc ff 06 ae c5 28 ce f2 82 f4 c2 12 da 9a 2c 56 f5 eb fd a7 4f b0 ef 86 cb d3 86 c4 85 fe d0 74 66 01 86 Data Ascii: Y?lV1BldUX%"ES+%iYQtWx{+8~o:)N`12'#z%cs?+Rm{g33x 9bSC<Vle`(,TIF)MH2fY-6i}fuD81\|6wy@+7##mbme?Hv$e(,VOtf
2024-10-24 09:43:14 UTC	384	IN	Data Raw: d2 ec ae f5 e6 2d aa 3a bf 0b 75 f7 16 83 10 05 1b 4a f6 fb a3 e8 8c ec c1 77 d2 1e 3c 25 7b 6f b7 8b ec bf f7 3b 3d 6e 6f 6e ef b8 de 63 3c ee 75 7b db c8 44 33 55 5a cf ae 55 ac 86 1c 4e 29 59 13 2f 3b c8 a1 b0 91 d8 2b 82 c1 6c e8 5e 0f a2 5c c0 df 8d b2 c1 c4 ee 2b cf 3e 74 12 38 9d 50 fa b9 49 4c 89 26 a6 44 95 7a b9 f7 3b 77 ef b2 11 61 78 99 72 24 e9 7c 2e b2 e9 e3 74 81 78 c8 93 64 80 a0 09 a6 a4 31 8f 3b 27 c8 b0 9f 65 22 3a 3f 50 b3 43 30 73 be c7 80 20 6b 81 20 d3 10 64 26 04 08 1a 91 9a 79 2d 90 ce cc 11 ac 91 23 79 d5 64 ab 89 50 11 40 29 fc 9c 41 51 50 49 17 c2 33 9c a7 04 61 2c a9 08 e2 b9 f7 b6 b2 9e 1f 7a 2f fe b6 9f ff 22 fb f9 8f f0 61 c3 82 8e cd 5a 3d f2 d5 50 58 07 a7 f0 55 96 8e 33 04 21 a9 50 ec a1 0e e1 eb 97 aa a0 06 d1 c2 75 9f Data Ascii: -:uJw<%{o;=nonc<u{D3UZUN)Y/;+l^\+>t8PIL&Dz;waxr$\|.txd1;'e":?PC0s k d&y-#ydP@)AQPI3a,z/"aZ=PXU3!Pu
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 48 0d 0a 30 30 30 30 30 30 30 31 0d 0a de 0d 0a 30 30 30 30 30 30 30 31 0d 0a d1 0d 0a 30 30 30 30 30 30 30 31 0d 0a d5 0d 0a 30 30 30 30 30 30 30 31 0d 0a a5 0d 0a 30 30 30 30 30 30 30 31 0d 0a d6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2f 0d 0a 30 30 30 30 30 30 30 31 0d 0a ba 0d 0a 30 30 30 30 30 30 30 31 0d 0a 64 0d 0a 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 43 0d 0a 30 30 30 30 30 30 30 31 0d 0a 75 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4a 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 00000001?00000001{00000001?00000001z00000001?00000001H000000010000000100000001000000010000000100000001/0000000100000001d0000000100000001C00000001u00000001+00000001J00000001
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 9c 25 d9 43 4f f1 66 31 a3 c8 f8 6a 87 88 22 b0 80 81 c5 a9 9c 34 3f 8f e7 4f 29 f1 4e 21 fc 97 88 91 e0 6f 80 cf 21 5a d2 a0 ec 78 70 66 fe 0d 56 86 78 ea 11 8a 74 62 d8 13 1f 0d 40 10 40 78 f2 41 0c 16 b0 37 43 32 3e 9e c9 6e aa e4 ea 5f 54 5d fc 2a ca a2 59 0e f3 50 ad 55 8e 42 48 84 5b 86 53 29 38 b6 c7 41 3b fb e6 63 55 b5 1a ea 8f 94 48 31 8e 12 c9 73 4a d5 0b ef d8 a6 70 3b 95 14 20 89 11 a3 94 c5 dc 1b fb 24 c8 11 25 74 20 17 a1 bf e9 10 12 98 5b 9f 3f d2 fd d4 71 a4 66 5f f5 5a 4e f5 1c 05 20 54 e3 08 db 01 ea 18 05 55 24 0d 1f a0 0e b1 38 1a 56 46 1e 23 b2 4e 36 87 f6 5e b4 b9 d5 19 74 77 fc d1 d6 ee c8 df da 3d db f2 f7 77 87 91 bf bd 19 89 bd c1 60 6b 6b b0 d7 b1 65 69 09 aa bc 69 40 b5 de 6a 4e 49 c8 16 ea c1 a9 7c 0e 00 bc 42 cb b7 71 41 87 Data Ascii: %COf1j"4?O)N!o!ZxpfVxtb@@xA7C2>n_T]*YPUBH[S)8A;cUH1sJp; $%t [?qf_ZN TU$8VF#N6^tw=w`kkeii@jNI\|BqA
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 88 7e 5b d3 d8 fa e5 23 90 a1 d2 b1 fa 55 53 1b c8 f7 72 ed d2 e6 22 99 5c 5f 7a 5d 00 91 3c 30 25 8f cc ee f0 71 7e ed c2 69 9c 95 3b 10 80 fc b2 e2 85 b8 6c 18 3f 4d 17 44 42 63 74 6b cb 88 92 d9 1a 9b 1e 98 bb 6c 13 ec 55 b6 98 4d 59 1d a4 6c 88 70 9c b1 d3 92 98 14 46 a5 19 56 ad da d2 98 47 50 68 c5 6a a6 fa 7d 9c 3e 27 6b e1 2a 16 a8 b9 41 98 b7 52 ce e4 ae a3 84 26 10 1c d3 ae a9 e9 5b 4f df 36 2b 84 33 14 0a 66 5a 4b bc 3a 4a cf 34 89 5c 89 f2 a1 95 1f 6f 96 42 ff 0c 59 fe 33 c9 72 9c fe c3 7d 20 f7 bf 8f 51 f8 0f 16 44 fa db d9 d8 18 c1 d9 c9 83 71 9a 42 6b 47 73 ec 00 4a 11 36 e8 4c e1 e1 28 9a c5 d3 2b ba 06 41 64 70 ad bf a3 52 8f dc 3d c0 c1 2b 1e c6 ba c7 f2 ce a2 a4 43 68 b3 9e b7 48 29 d0 13 b3 19 8a 2c 98 e7 50 51 c1 52 56 4b 44 5d 47 22 Data Ascii: ~[#USr"\_z]<0%q~i;l?MDBctklUMYlpFVGPhj}>'k*AR&[O6+3fZK:J4\oBY3r} QDqBkGsJ6L(+AdpR=+ChH),PQRVKD]G"
2024-10-24 09:43:14 UTC	120	IN	Data Raw: 8b ab d9 40 f8 fc 45 a8 29 5c 26 ce f0 ff 89 7c 7c 2c 28 21 2f 65 72 5b ac 3b 85 73 e2 a4 22 8c 04 42 24 d2 94 a7 ab 4c a7 d1 95 4f 71 ea 21 2a ab 38 b0 a1 7f d8 f0 2b 10 1b c6 dd 09 3e ea 14 8b 68 de 3c 32 c2 47 a0 28 14 22 8f cb f2 79 26 f3 aa d1 f2 b0 4f fb 64 55 e4 92 27 a9 d5 12 fc 97 af 25 95 e8 ad dd 0c aa ee eb d4 8b e7 d3 77 b0 18 a1 78 5a ae 0d 0a Data Ascii: @E)\&\|\|,(!/er[;s"B$LOq!*8+>h<2G("y&OdU'%wxZ
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a e1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 94 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 30 30 31 0d 0a c6 0d 0a 30 30 30 30 30 30 30 31 0d 0a c9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 20 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 23 0d 0a 30 30 30 30 30 30 30 31 0d 0a ab 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2e 0d 0a 30 30 30 30 30 30 30 31 0d 0a f7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 94 0d 0a 30 30 30 30 30 30 30 31 0d 0a a3 0d 0a 30 30 30 30 30 30 30 31 0d 0a c2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 05 0d 0a 30 30 30 30 30 30 30 31 0d 0a 83 0d 0a 30 30 30 30 30 30 30 31 0d 0a 51 0d 0a 30 30 30 30 30 30 30 31 0d 0a d0 0d 0a 31 0d 0a 97 0d 0a 38 61 30 0d 0a 19 af 95 86 fa 56 4e dd 76 cd Data Ascii: 000000010000000100000001000000010000000100000001 0000000100000001#0000000100000001.00000001000000010000000100000001000000010000000100000001Q0000000118a0VNv
2024-10-24 09:43:14 UTC	1047	IN	Data Raw: bf c4 7f 9a ac e5 bf 12 b1 4a cb 86 f1 05 cb da d0 32 f5 8e 4d a5 61 88 55 c3 b5 d1 3c dd 4e 99 eb 26 97 8c df 0e a0 dc b4 da ec 66 73 03 5e 32 e6 b5 26 dc d2 06 ba 61 e1 f7 f6 f4 cb 52 66 74 77 40 64 3d ed 17 dd 20 a8 f9 13 5f 45 03 01 6a c1 44 66 d5 88 3b 54 1a 82 a0 87 f0 18 f1 a5 12 d9 19 fe 79 99 05 5c 13 6d 53 b3 71 da f0 c6 50 3b 93 93 bd a8 4e 53 71 77 18 b0 67 e7 71 e1 9b c4 5e 7b a7 88 7e 33 f7 2c 25 c5 40 d4 9b 06 0b 30 49 d7 39 a4 b5 71 29 03 25 3b af 4c 62 b0 d1 2f 8e cf e2 55 ae b0 8d c0 1b 2d c8 c8 df d6 c2 cf 10 3f f8 b7 20 94 12 92 3e 67 60 6e 28 79 f9 ca f9 2c 61 53 f2 d9 44 0a 21 a0 06 9b 62 2d ab 12 0a 6d 9f c1 c0 75 ce e3 a3 ee 5f c6 79 38 f7 8a c0 c0 de de ce 3e 9d 75 4f b5 ff 3f 0d 62 27 42 e8 cc 9b ae 06 02 ae b5 a4 88 13 18 99 a8 Data Ascii: J2MaU<N&fs^2&aRftw@d= _EjDf;Ty\mSqP;NSqwgq^{~3,%@0I9q)%;Lb/U-? >g`n(y,aSD!b-mu_y8>uO?b'B

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.16	49799	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	455	OUT	GET /ui/cookie_disclaimer HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	879	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: f1309e39aaad512b0add62739ce524d9 Date: Thu, 24 Oct 2024 09:43:14 GMT Server: Google Frontend Content-Length: 25 Expires: Thu, 24 Oct 2024 09:43:14 GMT Cache-Control: private Connection: close
2024-10-24 09:43:14 UTC	25	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 7b 22 73 68 6f 77 22 3a 20 66 61 6c 73 65 7d 7d Data Ascii: {"data": {"show": false}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.16	49802	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:13 UTC	468	OUT	GET /gui/25076.f1d5707846ec1ba9ed7f.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 1b15eb550e5f1d2b69700de4f20c2fad Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:30:59 GMT Expires: Sat, 18 Oct 2025 09:30:59 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 519135 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 00 0d 0a 34 30 63 0d 0a 02 ff 7c 94 dd 6e e3 36 10 85 ef fb 14 ac da 1a 64 21 2b b2 e3 bf 48 a1 53 20 6d 81 00 db 6e b1 c0 de 34 30 76 29 69 24 73 43 93 2a 49 29 f1 da 7a f7 8e 64 3b 6d 11 a0 57 1a 49 43 ce 99 c3 6f 18 34 0e 88 f3 56 e6 3e 48 a9 03 55 46 cf 90 d5 22 7f ba df 36 fa a9 f5 9f 1a f9 69 27 a4 e6 ff f3 ef 78 7c dc b0 a8 6e dc 96 3e 3e 4e e7 f1 72 b1 09 0f d3 c5 cd 3c a1 10 fa 50 33 be 3e e8 c8 52 cf 52 4d 6f 56 37 13 96 b6 c2 12 cb 35 9d ad 96 f1 8c 85 06 Data Ascii: 000000010000000100000001000000010000000100000001000000010000140c\|n6d!+HS mn40v)i$sC*I)zd;mWICo4V>HUF"6i'x\|n>>Nr<P3>RRMoV75
2024-10-24 09:43:14 UTC	86	IN	Data Raw: 4f 8c 06 ca 54 3d d4 ad 84 e7 80 6d c2 96 85 1e ef 89 52 34 ca f3 b6 eb 36 2c fd e6 ea ea 3b e2 70 bb 1c 7e 43 f8 b0 f4 c7 0f ef f8 70 eb 47 e5 a4 98 2f e3 e5 6a b6 80 7c 92 89 1b 28 96 65 f4 c5 45 3b 51 ff 0d 00 00 ff ff 03 00 83 b8 5d ba 69 06 00 00 0d 0a Data Ascii: OT=mR46,;p~CpG/j\|(eE;Q]i
2024-10-24 09:43:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.16	49808	142.251.116.97	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:14 UTC	395	OUT	GET /gtag/js?id=G-BLNDV9X2JR&cx=c&_slc=1 HTTP/1.1 Host: www.googletagmanager.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:14 UTC	1001	IN	HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Cache-Control Vary: Accept-Encoding Date: Thu, 24 Oct 2024 09:43:14 GMT Expires: Thu, 24 Oct 2024 09:43:14 GMT Cache-Control: private, max-age=900 Strict-Transport-Security: max-age=31536000; includeSubDomains Cross-Origin-Resource-Policy: cross-origin Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} Server: Google Tag Manager X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	377	IN	Data Raw: 38 30 30 30 0d 0a 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 32 20 47 6f 6f 67 6c 65 20 49 6e 63 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 20 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 0a 76 61 72 20 64 61 74 61 20 3d 20 7b 0a 22 72 65 73 6f 75 72 63 65 22 3a 20 7b 0a 20 20 22 76 65 72 73 69 6f 6e 22 3a 22 32 22 2c 0a 20 20 0a 20 20 22 6d 61 63 72 6f 73 22 3a 5b 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 65 22 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 63 22 2c 22 76 74 70 5f 76 61 6c 75 65 22 3a 22 22 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 63 22 2c 22 76 74 70 5f 76 61 6c 75 65 22 3a 30 7d 5d 2c 0a 20 20 22 74 61 67 73 22 3a 5b 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 6f 67 74 5f 64 6d 61 22 2c Data Ascii: 8000// Copyright 2012 Google Inc. All rights reserved. (function(){var data = {"resource": { "version":"2", "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}], "tags":[{"function":"__ogt_dma",
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 2c 22 76 74 70 5f 69 73 41 75 74 6f 45 6e 61 62 6c 65 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 61 75 74 6f 43 6f 6c 6c 65 63 74 45 78 63 6c 75 73 69 6f 6e 53 65 6c 65 63 74 6f 72 73 22 3a 5b 22 6c 69 73 74 22 2c 5b 22 6d 61 70 22 2c 22 65 78 63 6c 75 73 69 6f 6e 53 65 6c 65 63 74 6f 72 22 2c 22 22 5d 5d 2c 22 76 74 70 5f 69 73 45 6e 61 62 6c 65 64 22 3a 74 72 75 65 2c 22 76 74 70 5f 63 69 74 79 54 79 70 65 22 3a 22 43 53 53 5f 53 45 4c 45 43 54 4f 52 22 2c 22 76 74 70 5f 6d 61 6e 75 61 6c 45 6d 61 69 6c 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 66 69 72 73 74 4e 61 6d 65 54 79 70 65 22 3a 22 43 53 53 5f 53 45 4c 45 43 54 4f 52 22 2c 22 76 74 70 5f 63 6f 75 6e 74 72 79 54 79 70 65 22 3a 22 43 53 53 5f 53 45 4c 45 43 54 4f 52 22 2c 22 76 74 Data Ascii: ,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vt
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 47 4e 41 4c 53 22 2c 22 64 69 73 61 6c 6c 6f 77 41 6c 6c 52 65 67 69 6f 6e 73 22 2c 74 72 75 65 2c 22 64 69 73 61 6c 6c 6f 77 65 64 52 65 67 69 6f 6e 73 22 2c 22 22 5d 5d 2c 22 76 74 70 5f 69 6e 73 74 61 6e 63 65 44 65 73 74 69 6e 61 74 69 6f 6e 49 64 22 3a 22 47 2d 42 4c 4e 44 56 39 58 32 4a 52 22 2c 22 74 61 67 5f 69 64 22 3a 31 38 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 63 63 64 5f 63 6f 6e 76 65 72 73 69 6f 6e 5f 6d 61 72 6b 69 6e 67 22 2c 22 70 72 69 6f 72 69 74 79 22 3a 35 2c 22 76 74 70 5f 63 6f 6e 76 65 72 73 69 6f 6e 52 75 6c 65 73 22 3a 5b 22 6c 69 73 74 22 2c 5b 22 6d 61 70 22 2c 22 6d 61 74 63 68 69 6e 67 52 75 6c 65 73 22 2c 22 7b 5c 22 74 79 70 65 5c 22 3a 35 2c 5c 22 61 72 67 73 5c 22 3a 5b 7b 5c 22 73 74 72 69 6e 67 56 61 6c 75 Data Ascii: GNALS","disallowAllRegions",true,"disallowedRegions",""]],"vtp_instanceDestinationId":"G-BLNDV9X2JR","tag_id":18},{"function":"__ccd_conversion_marking","priority":5,"vtp_conversionRules":["list",["map","matchingRules","{\"type\":5,\"args\":[{\"stringValu
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 65 22 2c 22 70 61 67 65 5f 70 61 74 68 22 5d 5d 2c 5b 22 6d 61 70 22 2c 22 74 79 70 65 22 2c 22 63 6f 6e 73 74 22 2c 22 63 6f 6e 73 74 5f 76 61 6c 75 65 22 2c 22 5c 2f 73 75 62 73 63 72 69 70 74 69 6f 6e 5c 2f 22 5d 5d 2c 22 74 79 70 65 22 2c 22 65 71 69 22 5d 5d 5d 5d 5d 2c 22 74 61 67 5f 69 64 22 3a 31 36 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 6f 67 74 5f 65 76 65 6e 74 5f 63 72 65 61 74 65 22 2c 22 70 72 69 6f 72 69 74 79 22 3a 33 2c 22 76 74 70 5f 65 76 65 6e 74 4e 61 6d 65 22 3a 22 76 69 73 69 74 5f 67 72 61 70 68 22 2c 22 76 74 70 5f 69 73 43 6f 70 79 22 3a 74 72 75 65 2c 22 76 74 70 5f 69 6e 73 74 61 6e 63 65 44 65 73 74 69 6e 61 74 69 6f 6e 49 64 22 3a 22 47 2d 42 4c 4e 44 56 39 58 32 4a 52 22 2c 22 76 74 70 5f 70 72 65 63 6f 6d 70 69 Data Ascii: e","page_path"]],["map","type","const","const_value","\/subscription\/"]],"type","eqi"]]]]],"tag_id":16},{"function":"__ogt_event_create","priority":3,"vtp_eventName":"visit_graph","vtp_isCopy":true,"vtp_instanceDestinationId":"G-BLNDV9X2JR","vtp_precompi
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 22 2c 22 70 72 69 6f 72 69 74 79 22 3a 31 2c 22 76 74 70 5f 72 65 64 61 63 74 45 6d 61 69 6c 22 3a 66 61 6c 73 65 2c 22 76 74 70 5f 69 6e 73 74 61 6e 63 65 44 65 73 74 69 6e 61 74 69 6f 6e 49 64 22 3a 22 47 2d 42 4c 4e 44 56 39 58 32 4a 52 22 2c 22 74 61 67 5f 69 64 22 3a 31 33 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 67 63 74 22 2c 22 76 74 70 5f 74 72 61 63 6b 69 6e 67 49 64 22 3a 22 47 2d 42 4c 4e 44 56 39 58 32 4a 52 22 2c 22 76 74 70 5f 73 65 73 73 69 6f 6e 44 75 72 61 74 69 6f 6e 22 3a 30 2c 22 74 61 67 5f 69 64 22 3a 35 7d 2c 7b 22 66 75 6e 63 74 69 6f 6e 22 3a 22 5f 5f 63 63 64 5f 67 61 5f 6c 61 73 74 22 2c 22 70 72 69 6f 72 69 74 79 22 3a 30 2c 22 76 74 70 5f 69 6e 73 74 61 6e 63 65 44 65 73 74 69 6e 61 74 69 6f 6e 49 64 22 3a 22 47 2d Data Ascii: ","priority":1,"vtp_redactEmail":false,"vtp_instanceDestinationId":"G-BLNDV9X2JR","tag_id":13},{"function":"__gct","vtp_trackingId":"G-BLNDV9X2JR","vtp_sessionDuration":0,"tag_id":5},{"function":"__ccd_ga_last","priority":0,"vtp_instanceDestinationId":"G-
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 5d 5d 2c 5b 34 36 2c 5b 32 2c 5b 31 35 2c 22 62 6d 22 5d 2c 22 70 75 73 68 22 2c 5b 37 2c 5b 31 36 2c 5b 31 35 2c 22 62 6f 22 5d 2c 30 5d 5d 5d 5d 5d 5d 5d 5d 2c 5b 33 36 2c 5b 32 2c 5b 31 35 2c 22 62 6d 22 5d 2c 22 6a 6f 69 6e 22 2c 5b 37 2c 22 22 5d 5d 5d 5d 2c 5b 35 30 2c 22 78 22 2c 5b 34 36 2c 22 62 6b 22 2c 22 62 6c 22 2c 22 62 6d 22 5d 2c 5b 35 32 2c 22 62 6e 22 2c 5b 22 7a 22 2c 5b 31 35 2c 22 62 6b 22 5d 2c 5b 31 35 2c 22 62 6d 22 5d 5d 5d 2c 5b 32 32 2c 5b 32 38 2c 5b 31 35 2c 22 62 6e 22 5d 5d 2c 5b 34 36 2c 5b 33 36 2c 5b 31 35 2c 22 62 6b 22 5d 5d 5d 5d 2c 5b 32 32 2c 5b 32 38 2c 5b 31 37 2c 5b 31 35 2c 22 62 6e 22 5d 2c 22 73 65 61 72 63 68 22 5d 5d 2c 5b 34 36 2c 5b 33 36 2c 5b 31 35 2c 22 62 6b 22 5d 5d 5d 5d 2c 5b 34 31 2c 22 62 6f 22 5d Data Ascii: ]],[46,[2,[15,"bm"],"push",[7,[16,[15,"bo"],0]]]]]]]],[36,[2,[15,"bm"],"join",[7,""]]]],[50,"x",[46,"bk","bl","bm"],[52,"bn",["z",[15,"bk"],[15,"bm"]]],[22,[28,[15,"bn"]],[46,[36,[15,"bk"]]]],[22,[28,[17,[15,"bn"],"search"]],[46,[36,[15,"bk"]]]],[41,"bo"]
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 5b 31 37 2c 5b 31 35 2c 22 62 6b 22 5d 2c 22 68 6f 73 74 22 5d 5d 5d 5d 5d 5d 2c 5b 33 36 2c 5b 30 2c 5b 30 2c 5b 30 2c 5b 31 35 2c 22 62 6d 22 5d 2c 5b 31 37 2c 5b 31 35 2c 22 62 6b 22 5d 2c 22 70 61 74 68 6e 61 6d 65 22 5d 5d 2c 5b 31 37 2c 5b 31 35 2c 22 62 6b 22 5d 2c 22 73 65 61 72 63 68 22 5d 5d 2c 5b 31 37 2c 5b 31 35 2c 22 62 6b 22 5d 2c 22 68 61 73 68 22 5d 5d 5d 5d 2c 5b 35 30 2c 22 62 62 22 2c 5b 34 36 2c 22 62 6b 22 2c 22 62 6c 22 5d 2c 5b 34 31 2c 22 62 6d 22 5d 2c 5b 33 2c 22 62 6d 22 2c 5b 32 2c 5b 31 35 2c 22 62 6b 22 5d 2c 22 72 65 70 6c 61 63 65 22 2c 5b 37 2c 5b 31 35 2c 22 6e 22 5d 2c 5b 31 35 2c 22 72 22 5d 5d 5d 5d 2c 5b 32 32 2c 5b 33 30 2c 5b 32 30 2c 5b 31 35 2c 22 62 6c 22 5d 2c 5b 31 37 2c 5b 31 35 2c 22 73 22 5d 2c 22 55 52 4c Data Ascii: [17,[15,"bk"],"host"]]]]]],[36,[0,[0,[0,[15,"bm"],[17,[15,"bk"],"pathname"]],[17,[15,"bk"],"search"]],[17,[15,"bk"],"hash"]]]],[50,"bb",[46,"bk","bl"],[41,"bm"],[3,"bm",[2,[15,"bk"],"replace",[7,[15,"n"],[15,"r"]]]],[22,[30,[20,[15,"bl"],[17,[15,"s"],"URL
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 2c 22 62 6b 22 5d 2c 5b 31 35 2c 22 62 70 22 5d 5d 2c 5b 31 37 2c 5b 31 35 2c 22 73 22 5d 2c 22 54 45 58 54 22 5d 5d 5d 2c 5b 32 32 2c 5b 32 31 2c 5b 31 35 2c 22 62 71 22 5d 2c 5b 34 34 5d 5d 2c 5b 34 36 2c 5b 34 33 2c 5b 31 35 2c 22 62 6b 22 5d 2c 5b 31 35 2c 22 62 70 22 5d 2c 5b 31 35 2c 22 62 71 22 5d 5d 2c 5b 33 2c 22 62 6d 22 2c 74 72 75 65 5d 5d 5d 5d 5d 5d 2c 5b 34 5d 5d 5d 5d 5d 2c 5b 33 36 2c 5b 33 39 2c 5b 31 35 2c 22 62 6d 22 5d 2c 5b 31 35 2c 22 62 6b 22 5d 2c 5b 34 34 5d 5d 5d 5d 2c 5b 35 30 2c 22 62 6a 22 2c 5b 34 36 2c 22 62 6b 22 2c 22 62 6c 22 5d 2c 5b 35 32 2c 22 62 6d 22 2c 5b 33 30 2c 5b 32 2c 5b 31 35 2c 22 62 6b 22 5d 2c 22 67 65 74 4d 65 74 61 64 61 74 61 22 2c 5b 37 2c 5b 31 35 2c 22 62 69 22 5d 5d 5d 2c 5b 37 5d 5d 5d 2c 5b 32 32 Data Ascii: ,"bk"],[15,"bp"]],[17,[15,"s"],"TEXT"]]],[22,[21,[15,"bq"],[44]],[46,[43,[15,"bk"],[15,"bp"],[15,"bq"]],[3,"bm",true]]]]]],[4]]]]],[36,[39,[15,"bm"],[15,"bk"],[44]]]],[50,"bj",[46,"bk","bl"],[52,"bm",[30,[2,[15,"bk"],"getMetadata",[7,[15,"bi"]]],[7]]],[22
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 29 7b 7d 5d 7c 5c 5c 5b 7c 5c 5c 5b 29 22 2c 22 67 22 5d 5d 2c 5b 35 32 2c 22 79 22 2c 22 68 74 74 70 3a 2f 2f 2e 22 5d 2c 5b 35 32 2c 22 62 65 22 2c 31 35 5d 2c 5b 35 32 2c 22 62 66 22 2c 31 36 5d 2c 5b 35 32 2c 22 62 67 22 2c 32 33 5d 2c 5b 35 32 2c 22 62 68 22 2c 32 34 5d 2c 5b 35 32 2c 22 62 69 22 2c 22 65 76 65 6e 74 5f 75 73 61 67 65 22 5d 2c 5b 22 68 22 2c 5b 31 35 2c 22 69 22 5d 2c 5b 35 31 2c 22 22 2c 5b 37 2c 22 62 6b 22 5d 2c 5b 32 32 2c 5b 31 35 2c 22 6a 22 5d 2c 5b 34 36 2c 5b 35 33 2c 5b 35 32 2c 22 62 6c 22 2c 5b 32 2c 5b 31 35 2c 22 62 6b 22 5d 2c 22 67 65 74 48 69 74 4b 65 79 73 22 2c 5b 37 5d 5d 5d 2c 5b 36 35 2c 22 62 6d 22 2c 5b 31 35 2c 22 62 6c 22 5d 2c 5b 34 36 2c 5b 35 33 2c 5b 32 32 2c 5b 32 30 2c 5b 31 35 2c 22 62 6d 22 5d 2c 22 Data Ascii: ){}]\|\\[\|\\[)","g"]],[52,"y","http://."],[52,"be",15],[52,"bf",16],[52,"bg",23],[52,"bh",24],[52,"bi","event_usage"],["h",[15,"i"],[51,"",[7,"bk"],[22,[15,"j"],[46,[53,[52,"bl",[2,[15,"bk"],"getHitKeys",[7]]],[65,"bm",[15,"bl"],[46,[53,[22,[20,[15,"bm"],"
2024-10-24 09:43:14 UTC	1378	IN	Data Raw: 6e 61 6c 2e 72 65 67 69 73 74 65 72 43 63 64 43 61 6c 6c 62 61 63 6b 22 5d 5d 2c 5b 35 32 2c 22 65 22 2c 22 69 73 5f 63 6f 6e 76 65 72 73 69 6f 6e 22 5d 2c 5b 35 32 2c 22 66 22 2c 22 69 73 5f 66 69 72 73 74 5f 76 69 73 69 74 22 5d 2c 5b 35 32 2c 22 67 22 2c 22 69 73 5f 66 69 72 73 74 5f 76 69 73 69 74 5f 63 6f 6e 76 65 72 73 69 6f 6e 22 5d 2c 5b 35 32 2c 22 68 22 2c 22 69 73 5f 73 65 73 73 69 6f 6e 5f 73 74 61 72 74 22 5d 2c 5b 35 32 2c 22 69 22 2c 22 69 73 5f 73 65 73 73 69 6f 6e 5f 73 74 61 72 74 5f 63 6f 6e 76 65 72 73 69 6f 6e 22 5d 2c 5b 35 32 2c 22 6a 22 2c 22 66 69 72 73 74 5f 76 69 73 69 74 22 5d 2c 5b 35 32 2c 22 6b 22 2c 22 73 65 73 73 69 6f 6e 5f 73 74 61 72 74 22 5d 2c 5b 34 31 2c 22 6c 22 5d 2c 5b 34 31 2c 22 6d 22 5d 2c 5b 22 64 22 2c 5b 31 Data Ascii: nal.registerCcdCallback"]],[52,"e","is_conversion"],[52,"f","is_first_visit"],[52,"g","is_first_visit_conversion"],[52,"h","is_session_start"],[52,"i","is_session_start_conversion"],[52,"j","first_visit"],[52,"k","session_start"],[41,"l"],[41,"m"],["d",[1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.16	49811	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:14 UTC	468	OUT	GET /gui/88116.be3428c199d3d7ca9393.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 21b2be3438e29f8858997551496e1fc0 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:04 GMT Expires: Sat, 18 Oct 2025 08:45:04 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521890 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 66 66 38 0d 0a 02 ff ec 5c 6b 77 db 38 92 fd be bf 82 d1 cc 78 c4 5e 92 d6 d3 b6 24 cb 9e 4c 3a 3d e3 39 dd e9 3e 76 72 f6 ec 66 73 d2 14 09 4a 1c 53 a4 96 a4 fc 18 59 ff 7d 6f 15 00 12 d4 23 49 cf ee d9 4f 6b 75 3b 34 1e 85 42 a1 1e 17 05 50 ad 75 21 ac a2 cc e3 a0 6c 4d da 85 48 22 ef 51 cc 56 7e 70 ff 66 b1 4e ef 1f ca cf eb f8 f3 d2 8f d3 e9 17 ea 5e 5e 3e 7e b2 bd d5 ba 58 b4 3f 7e bc b8 e8 76 cf 9c 8b b3 de a0 ff c9 d9 74 3b bd 6e 6f dc Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100ff8\kw8x^$L:=9>vrfsJSY}o#IOku;4BPu!lMH"QV~pfN^^>~X?~vt;no
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: f0 d3 ad fd c9 99 53 65 99 51 b1 d3 d2 4b d2 72 1e b2 38 b4 3a b6 73 8c 82 64 62 8f 80 e6 e1 3d c4 fb 4f 93 90 32 fb 1f 13 a8 e5 56 93 9a 4f f5 84 82 75 51 66 4b e5 5f ec 36 69 84 3b 5b 97 25 dc 5d 8b c4 62 6f 1d 0e 38 46 d0 2a 3d 38 7d a8 a7 17 c2 3f 6e 6a d7 36 6e 23 a4 65 86 af db da 1c 80 28 c0 c9 f8 b5 75 ce 86 e7 fd e1 51 5a 3f bd 7e f7 fd cd eb 77 ef 3f df be fd e1 ed ed ed db 5b 26 79 63 d0 e9 f5 2e 46 3a 50 f6 87 e7 58 99 78 da 46 20 bc 18 75 c1 91 8a a3 2a 64 ca 40 9a 52 7d ff ac 37 44 f8 04 1f 14 80 e9 61 78 76 de 3d b7 55 18 1d e0 91 a3 a8 0a a8 01 38 1e 0e 86 d4 32 a1 d8 3a e8 0c f1 b8 ae e6 e1 ac f0 88 78 3b ec c8 88 1b 39 73 67 e1 3c 38 4b e7 d9 b9 77 1e 65 ec d5 21 cf 7a d2 71 cc 41 c8 45 18 da 94 f9 33 47 60 04 b2 8f f1 27 44 29 04 f3 d4 Data Ascii: SeQKr8:sdb=O2VOuQfK_6i;[%]bo8F=8}?nj6n#e(uQZ?~w?[&yc.F:PXxF ud@R}7Daxv=U82:x;9sg<8Kwe!zqAE3G`'D)
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: ea 4f a8 b2 06 0d 48 e7 c4 d8 ec 95 2b f6 20 70 37 c8 ee e4 2c 7e ed 6f 4d 86 7d ed 1c 7c 09 a7 ed 89 0c 60 fb d1 3e 56 88 59 03 d8 2a 54 36 c4 af 16 a8 74 38 bf 95 7b 5f f0 e7 8e 1c 29 f1 de 7d f0 d6 1c 50 c8 8b c8 20 81 25 6a c0 f5 0d e2 8d 3f 16 08 6e 48 e9 29 1c 51 4e b9 6b b0 46 9e 26 85 ce 8b dc 74 cb c8 a1 21 05 57 c6 af 39 ae da b4 83 a8 42 b3 28 3f ac fe 52 c6 77 8c 6f 10 77 aa 2d c4 81 e8 aa 47 cb be 38 1a 3b e4 6a 34 8a 08 0c bd e8 41 c7 7a 40 98 93 93 57 6c e3 39 90 c8 2f 7e b9 a0 a8 9e 97 c5 bf 21 3b d2 6e 2d ca 72 35 3e 3d e5 70 b5 c8 8a b2 65 5f 43 35 e3 30 14 e9 0f 59 be f4 94 05 d8 e3 af 03 08 6d 18 d5 52 21 ab a1 e2 92 de 8b 50 10 76 ea 2c d8 76 db 6e e2 8e d6 fb c7 ec 07 b8 92 2c 27 5f 01 f9 c2 93 50 20 bf 45 60 47 42 2c 64 83 69 31 34 Data Ascii: OH+ p7,~oM}\|`>VY*T6t8{_)}P %j?nH)QNkF&t!W9B(?Rwow-G8;j4Az@Wl9/~!;n-r5>=pe_C50YmR!Pv,vn,'_P E`GB,di14
2024-10-24 09:43:14 UTC	327	IN	Data Raw: 57 4c a3 d1 8f f3 b1 aa 58 0b a5 ce df 23 c3 21 37 a2 ef 39 db e3 b1 98 45 a8 4f a5 55 56 a1 f2 a9 46 2c 90 5b 98 7d 4c fb 0c cf fa cc 98 d6 08 57 e6 1d 01 6b f9 4c c7 ee cd 75 33 e0 4a eb ea 67 c2 1b c6 19 7c b5 80 c6 a1 a5 55 c1 7f ba e3 c0 aa 40 45 32 3f bf 57 a0 77 17 55 5b 44 7f 83 98 5e 0c 2c 82 11 e1 cc 0c 2c f6 82 07 b2 ca e6 ce 5d 5c 8b bd 73 00 b9 42 9a 2b cd 04 f6 2b 5a a0 07 e3 e1 7e b4 ba 87 4c ef 8f 44 2b 82 5e f5 7e 1b 46 cc b1 5a 4b 40 d6 60 7e 66 88 91 85 2d 4b 7a 4a de d8 b4 ac 1d 67 7f bc bd de 76 f1 0e 6e b7 5b a5 cc 07 63 b5 de c2 71 6e 5c 43 1e 1e 5f 4b aa da d1 21 69 3b b9 e5 e3 7c 9f f2 0d d8 52 b5 71 4c 7d 67 9e de 1f 38 8f aa 4f be bf da b7 de b5 7f 73 27 0d ce be b9 43 85 b9 be b9 47 e3 84 ec 9b 7b 69 0d db ef c0 87 79 38 ee ff Data Ascii: WLX#!79EOUVF,[}LWkLu3Jg\|U@E2?WwU[D^,,]\sB++Z~LD+^~FZK@`~f-KzJgvn[cqn\C_K!i;\|RqL}g8Os'CG{iy8
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a dd 0d 0a 30 30 30 30 30 30 30 31 0d 0a c8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 50 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 30 30 30 30 30 31 0d 0a e6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 16 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 74 0d 0a 30 30 30 30 30 30 30 31 0d 0a 25 0d 0a 30 30 30 30 30 30 30 31 0d 0a e3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8e 0d 0a 30 30 62 39 65 0d 0a 12 49 b8 a7 46 49 e0 e9 dd d6 e1 9b 7f c6 95 0a ca 29 d0 95 8b 8b d1 70 80 6b 0d b8 53 e8 e1 62 80 bc 51 d8 bf c0 3d 42 be 1e 81 b2 18 a6 d3 c6 41 95 3d f1 3d 79 5b 51 78 71 e8 fc f1 f4 bb 57 ff 99 5a df 59 b8 1d 53 e2 30 c3 5f 59 d6 c3 d0 eb 7b 3d ab 4d 59 bd 02 69 3d b8 bd Data Ascii: 000000010000000100000001P00000001a0000000100000001!000000010000000100000001t00000001%000000010000000100b9eIFI)pkSbQ=BA==y[QxqWZYS0_Y{=MYi=
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 51 53 94 ec ba e8 78 68 1a ee 0a f7 ef c6 d6 b0 63 90 7c 72 8b 85 1f 12 94 ee 28 2e 99 9d 7d c9 d4 82 d1 5d e4 c4 d1 ab cb 73 d7 32 d8 eb da 31 84 5a f5 65 a9 c8 a1 fa 60 67 af 93 b9 12 55 a7 18 3b 18 ac 1a ff 03 7e a1 14 56 0f ff b3 57 36 56 b1 1e 90 6f 07 ba 74 a5 cf 55 8a d4 58 28 a3 1a d7 7a 02 9c ac c9 95 94 aa 66 d4 2a ad e2 81 0c dd 87 d6 60 dd 95 a8 39 ab 8a 04 4e 1c 56 86 60 42 63 a3 da d4 47 78 d6 bd 56 b1 bc d4 54 91 31 31 32 93 d1 0d 76 08 c9 76 db ef 9c ef c6 e3 99 40 4b 41 4f 08 97 22 df 20 6b eb 22 94 10 12 57 bd 50 b2 fd d3 12 c7 f7 7e 1b 97 9d 90 b3 2b 70 55 33 84 61 84 ee 32 a3 a3 26 f2 12 38 40 a5 2a 91 06 b8 9d 23 b7 7d 78 17 0d d7 e2 dc 99 c0 3d bb 18 01 a5 58 62 33 b8 d8 6e 7d dc 69 a6 00 c3 42 aa 14 b3 e9 99 10 27 9b 35 4a ec f0 9e Data Ascii: QSxhc\|r(.}]s21Ze`gU;~VW6VotUX(zf`9NV`BcGxVT112vv@KAO" k"WP~+pU3a2&8@#}x=Xb3n}iB'5J
2024-10-24 09:43:14 UTC	323	IN	Data Raw: 0f 64 c3 d0 4e ee 09 e4 06 a3 d1 84 31 56 fd 05 20 1b fe bb 5e ef ba a6 d1 8b b1 09 7d 71 09 1c b2 91 65 33 82 97 59 cc 39 b4 46 7f b2 f9 9d 2f 43 d9 f3 62 95 27 54 c7 44 06 b6 6f 3a 9d aa 21 51 65 43 35 9a 36 7c 5b dd 52 e6 dd f7 da 91 15 d7 8d 8e 92 fb c2 f8 35 28 91 87 15 a0 a1 9d 14 68 33 ea af 47 d0 07 60 12 ed 77 bc 33 cb 36 c4 54 6f d2 2a 1f a2 dc 50 c5 e2 be 68 aa a6 bf d5 21 ed d1 94 38 49 32 5f 2f 8e 9a cc 2e 23 ea 20 c3 10 a8 31 eb 8a b4 11 36 80 25 f6 04 d4 70 90 8d 4e 15 31 a3 d7 6e c8 57 ce 53 62 20 4a 16 d5 4c 1f 69 4a 6f c5 6e 64 0a 8e dc ab 9c 53 35 2e 5f 18 6b 84 4e 63 5f 65 9c 4b d8 db 3f 3a ad 16 d2 60 b9 f7 7a ea e3 9b 42 e8 eb 35 fe b9 6b 2d fc 35 59 17 17 17 67 23 fa 66 0d 5f df 72 99 79 71 3b a5 bb f9 33 f3 ba 0b de d1 af 86 9d 6d Data Ascii: dN1V ^}qe3Y9F/Cb'TDo:!QeC56\|[R5(h3G`w36To*Ph!8I2_/.# 16%pN1nWSb JLiJondS5._kNc_eK?:`zB5k-5Yg#f_ryq;3m
2024-10-24 09:43:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.16	49812	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:14 UTC	468	OUT	GET /gui/36253.6f4dc6a9d8dab2123ae5.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: b43af9670551986e70f78eb708686275 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:03 GMT Expires: Sat, 18 Oct 2025 08:55:03 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521291 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 31 0d 0a ec 0d 0a 30 66 66 35 0d 0a bd 09 77 dd c7 71 b7 f9 55 ae 39 b1 43 24 00 74 f7 05 34 ec e8 45 32 43 9f a1 12 1f 3b d1 3b af 3c 3e 09 96 4b 12 11 08 60 b0 90 a2 69 7e f7 79 7e d5 5d cb 05 40 6a b5 e5 99 23 cb 12 aa eb 56 6f d5 d5 d5 d5 d5 d5 fd 7f 7c bd 3e 7b be fb 66 7d 74 79 78 fc e5 c1 cb db f3 2f 5f df fc e7 ed e9 7f be 3a 3c 3d df ff c8 6f 7f fe f3 Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000010ff5wqU9C$t4E2C;;<>K`i~y~]@j#Vo\|>{f}tyx/_:<=o
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 5b e1 a7 9d 64 bf 37 f3 7a 8d d0 b5 5c 8f 1f 3f 96 2a 37 26 1e c3 b5 17 6b 1b f1 56 74 48 e7 d6 fb aa 06 b6 b6 de 5f 6f d4 e2 ad f3 86 3c ee f5 1c 9f ad 0f af a2 26 ab c3 9b d2 cb f3 e4 7e 9b 4b 5b ef 6f 6d 5c 0f 5e 9e 9e 9d 5c ad cf e1 6c 9b b7 5f 3f 1b ff fc e7 83 5d 94 ed bf 1c 1e bf 7c cc a4 fd d5 bb 83 dd 9b 8b 9b c3 b3 df dc ac 5f 5d d7 39 ec ab c6 c1 ee e6 9c 6f 72 b4 31 43 e9 68 13 a4 df 77 f4 e3 83 ad a6 30 07 6b 34 d4 c9 fa e6 f0 f4 6c 17 51 5e 7f f5 a4 75 e0 67 fb fb eb 3e 10 95 9b eb ad f7 35 49 29 f7 6b db 3f 68 83 75 97 03 ef 8b 52 fb fa 71 72 b5 d0 46 b1 d7 53 eb b6 8a 9d ca 94 c7 d6 7b 38 7d 62 93 c4 16 83 c1 c1 fe 7f dd 5c 1d 9e 5f 9f 31 c3 fe af c7 3b 7f f7 6e 34 1c fe c3 fd 06 bf ff f9 d6 7f 75 85 fa 98 15 60 f7 e5 cd ab b3 ad c7 47 c8 Data Ascii: [d7z\?*7&kVtH_o<&~K[om\^\l_?]\|_]9or1Chw0k4lQ^ug>5I)k?huRqrFS{8}b\_1;n4u`G
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 32 31 5e 6c 3d f9 b2 9b 18 98 15 e6 a6 62 32 ca b8 d8 fb d7 db 57 47 eb ab f7 2c f4 6f aa c9 91 2a 2b 6d 86 6f 59 c4 c6 b2 f2 f5 a5 34 37 d3 bd 86 58 97 bf 3e f7 ff b8 c0 42 3f 3c bf 97 bd 0d 64 e6 7f b3 ef bd f8 98 dd d3 d6 1e f1 a4 19 3f 9f 61 e6 8c 26 a3 19 2e c7 67 fb 57 bb e7 8f 3f db da fe 0a dc 6c 35 1d 8d b6 b6 bf 30 dc 57 5b db 4f c1 ad a6 43 19 49 9f 1b ee e9 d6 f6 6f 84 5b 4e c7 8b ad ed ff 36 dc 6f 9a 2f f2 f7 db 7f da fe 34 ed a4 df fd 64 27 fd 00 76 52 b3 49 fe 6e ff 0f ef 6c b6 ee 3d fa 67 fc 68 6f 2f 6e 07 5f b2 b5 c1 e1 f8 68 bb 4f 5a fc 7b c7 c7 2c 84 37 d7 83 17 ec f2 8c e6 f0 f8 18 8f 22 1b b7 c1 ff c1 2e e8 e5 a3 ed 32 9b a1 1f 1c 5c bc 7a 75 7b 7e 7a f3 76 00 a5 f2 b2 51 62 eb 78 6d 99 c9 25 47 b5 e5 dc 1e 1c 52 ca c5 99 8a 5a 7f 75 Data Ascii: 21^l=b2WG,o*+moY47X>B?<d?a&.gW?l50W[OCIo[N6o/4d'vRInl=gho/n_hOZ{,7".2\zu{~zvQbxm%GRZu
2024-10-24 09:43:14 UTC	359	IN	Data Raw: 02 cc ac 1e ec 9a 49 9f fe de 5a 9e 51 c8 9d 70 60 5b fb f7 4f 7e bb ff bb be 71 b9 6b af bb e9 b4 53 f3 cb 61 f9 5b ac 04 f3 49 7e 5d 10 c1 72 35 9b 62 95 13 44 80 45 7f d3 42 08 26 4b 02 07 2c 84 00 9c fc a8 8f f1 11 6d 3d b9 e8 51 0a 07 bb a7 27 db 7f ff c9 3f fc ec ff 3e 1f fc c3 80 4d c7 0d fa 0e 8f f9 e0 f5 6c 77 b2 3b 1e 3c f6 e1 c5 d0 41 f7 b5 5f 6d 7c b7 2c c7 c1 c5 e5 db 2b 9b e8 e3 e1 68 b4 33 1e 8e 27 83 7f 47 68 b2 a4 4f 6f 6f 5e b2 76 1a f5 33 54 d5 b9 d4 b4 59 72 83 cf 7e f3 ef a5 02 16 87 db 23 2b fa e6 cd d1 f5 27 51 db 27 b8 73 8e 3e d1 b2 f5 c9 b3 df 1c fc cb bf fe fe 5f ac ea 4f f6 ae 68 cf bb 1d f9 8c 8e ce 6e d7 7b 83 ff 6d 78 34 3d 39 39 7c 62 28 59 97 2f 2e 40 ce e7 a3 e1 f3 71 43 5e de 5e b1 12 09 f9 7c 3a 3e 1e 75 e4 e9 f9 97 ca Data Ascii: IZQp`[O~qkSa[I~]r5bDEB&K,m=Q'?>Mlw;<A_m\|,+h3'GhOoo^v3TYr~#+'Q's>_Ohn{mx4=99\|b(Y/.@qC^^\|:>u
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 9c 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1e 0d 0a 30 30 30 30 31 0d 0a e7 0d 0a 33 66 66 61 0d 0a 8c b2 af f4 4f 41 8f 1b 7a fc 9c 7f 0a 9a 7e 41 bd 9e eb 9f 82 9e 1a fa d8 fe 57 d0 33 43 1f 4d f4 4f 41 cf 0d 7d af 85 0b 43 4f 4f f4 4f a1 5e 1a fa 5e bb 57 86 1e 1d ea 9f 46 dd 3d 67 b4 af 0e 32 8b 9e 76 38 ea 7a e1 b6 6c 39 11 0e 17 47 de 11 d4 da 39 ab b8 ba 57 c6 ef 44 63 7a 05 b2 8e 74 af 69 e7 ea c5 d1 de 60 34 da 1e 2c 16 db 83 f1 68 d9 da d1 6b 6c bf ce f8 65 b4 18 43 d2 f9 a5 9a db 4f 43 7e 19 4f c8 38 e9 b2 d2 5b d0 7e 1d 8f 57 fc 3e 9a 6d 0f fa af ad 25 bd ce 15 c5 4e e6 fc eb 52 db bc 86 b8 18 f1 7f ad Data Ascii: 0000000100000001000000010000000100000001000013ffaOAz~AW3CMOA}COOO^^WF=g2v8zl9G9WDczti`4,hkleCOC~O8[~W>m%NR
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 3f c5 42 13 da e0 a3 e9 73 fb 41 9a 1c bb 65 f3 97 3e 0d 58 cd 30 5d 6c 0f 51 56 0d 2d 1a ef 0f f7 6c b1 78 67 5a 72 b3 b4 a2 8f 1e 5a 36 b6 c8 8b 77 fb f1 1f 74 86 f3 47 ee 09 08 36 97 f5 1f b9 5d f1 c1 9f 7a 7d ad 33 be 1c 3e d8 b4 eb d7 2f de b1 8e d9 e9 c7 8e 05 56 ec bd 22 14 f3 6c fd be 9d 1e 31 09 8a 7a 25 6c bc 1f 2a d9 44 b7 fa f7 da 9c e7 50 ed 94 50 a0 ad 77 9c 46 48 2e 83 b4 0f 05 22 6d e2 d1 8d 39 6f 54 8a 8c 63 94 d9 ad b1 8e f3 b6 58 0f 32 04 d2 78 fb 07 8b 6d 68 ad fa e3 3b 5c 86 d7 8c df 25 e7 61 cc e0 9e 6f fb 0f 3a 6a df 77 9a 1d 6e ca 7c 79 7a b3 83 b3 0f 83 55 67 2b 7b ed 27 ef 9b 98 bc 87 7f eb 90 fe 9c 6c 6d e6 6e 5d 8e 1f ef 56 b8 b7 87 22 f8 13 66 ab 74 e8 29 21 f1 57 2e 9e f4 bf b3 d2 02 8a 28 07 c1 80 bc 37 46 81 ee 37 1c 6a ec Data Ascii: ?BsAe>X0]lQV-lxgZrZ6wtG6]z}3>/V"l1z%l*DPPwFH."m9oTcX2xmh;\%ao:jwn\|yzUg+{'lmn]V"ft)!W.(7F7j
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 52 dc 2f 82 bb 26 4e f0 c1 6a b8 d2 72 97 e6 7e 55 ba 88 75 67 3f 5a ba f2 7e 57 b7 6b 36 7f 67 7f b3 d9 df f7 bb 76 b1 eb 1d ff 6d 8e ce 8d 02 cc fe b4 6d 4f 1c 46 35 dd 6a 3f b8 d4 0f 46 77 4d d8 a0 ee 8b c6 07 0a f5 93 a7 6f 54 a6 13 3f 54 24 e7 53 fd a0 bb ab fe 17 b9 29 19 dd 37 a2 36 5d 8c 7e 44 7e c7 bf 48 99 be b8 6c 6d b4 9f 1f 36 ee 71 7d 87 2a a3 2f ed 60 ad ba 35 3f 58 ed e6 dd 35 56 f8 ea 1b 44 95 6c b4 51 77 80 de fd 09 4b 98 9b f3 7b 5c ab aa 02 aa b5 64 93 5b 20 ba ee ce 45 56 27 b0 5a af 63 9f 2c fd fd 31 c6 8d 2a ed 86 36 cf 42 a9 68 a3 cc 8d 55 75 83 cc da 53 4a 74 53 f7 e3 6d 18 ee 2e ef e7 f9 70 5b bc d0 92 e7 fe 62 1c cd aa 72 92 6c d9 5c 95 83 58 4c be db 07 5f 88 9d 91 b9 55 aa 45 eb 90 66 3e a8 22 77 af b2 4d 83 62 a3 ce a8 a3 f4 Data Ascii: R/&Njr~Uug?Z~Wk6gvmmOF5j?FwMoT?T$S)76]~D~Hlm6q}/`5?X5VDlQwK{\d[ EV'Zc,16BhUuSJtSm.p[brl\XL_UEf>"wMb
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 2c 24 ab d5 e7 5c 3f 62 61 9a 73 b1 1d be 4e b4 18 b5 bf 33 16 25 9e a0 1a f0 f7 e9 62 72 30 9f ee 8e e6 93 a9 92 dc 12 0b 6a 03 87 9f 53 d0 f7 95 6f 97 af ae b2 b4 ea dc 51 67 0f 2e 3a 93 29 eb df 7c fc 4c 7f 79 08 ea fb b6 c2 05 ad b4 e2 ee da f7 8d b4 ea 26 af 59 fc 77 17 2b 5b ec 0f 46 b3 d5 ee 6c a9 05 7f bc bb 58 6a c9 44 23 4f 16 bb d3 e9 b8 c3 93 03 e1 56 53 96 d1 21 bf 8d 57 5c 57 1b cc 27 83 d5 88 ff 1e cc c6 0d 0f 02 6b c6 a9 00 47 93 c9 81 fe 60 15 2c e7 53 44 19 f5 34 99 f0 d0 d3 6a 97 f1 9a ec 4a 25 8f 91 72 9f eb 3f f6 c2 b3 c9 a2 d9 98 67 db 86 33 e4 4b 33 71 49 37 c7 bb d3 11 f2 36 e6 5e 3a 36 0e 7f f9 97 9b 7b 0b e4 4f f0 64 d4 e9 80 e7 74 11 eb 61 66 bc c1 00 b0 9f 06 33 31 ac c1 48 78 e3 62 ff 89 c7 d5 22 97 c1 bd 34 83 87 73 2e 85 4d Data Ascii: ,$\?basN3%br0jSoQg.:)\|Ly&Yw+[FlXjD#OVS!W\W'kG`,SD4jJ%r?g3K3qI76^:6{Odtaf31Hxb"4s.M
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: d3 9a 09 33 ce e8 27 1a 7c 4d 30 2d 26 94 37 56 f7 10 96 11 dd e7 39 51 ac a5 36 d8 0b 64 79 a3 6f df 57 59 c8 40 98 88 c7 f3 c9 53 1a fb 0c a1 fd 3e 36 51 77 7c de b1 7c be 95 ab c7 0d 32 db 56 7b 42 3b 6a 87 1f d8 4c 8f f4 6a c2 80 4d 97 8c f3 e9 f2 ce 56 f9 2f e1 d7 f9 90 67 c0 1b f9 9d 5a cf e0 8f 56 7f bd c6 e7 92 21 29 98 c1 3b 9c 64 9f cf 35 87 87 d3 67 53 26 f3 72 b5 1a 4c a6 4f a7 73 f7 06 7c 7b 2b f9 61 89 78 c8 7f fb 1d 36 18 78 a2 97 9a d8 d3 19 db 4c f6 0b 23 56 a4 29 ee 5b 19 20 cd 7b 20 2b 40 e0 54 1b d8 66 8d a0 59 4c 2f e3 aa 9d 33 ed cc d9 6d ab 36 ea 89 df 84 1b b3 71 33 cb 85 b4 60 65 b7 bf 13 8c 51 a6 e6 d8 f4 25 b3 06 83 80 2f fa 90 e6 2f c9 d1 e2 6f 72 1f 36 c1 08 6e cd 3b 98 60 ca b0 84 46 cb 27 f2 a6 f4 5e 19 4c 4f f5 37 7a 0f 8b Data Ascii: 3'\|M0-&7V9Q6dyoWY@S>6Qw\|\|2V{B;jLjMV/gZV!);d5gS&rLOs\|{+ax6xL#V)[ { +@TfYL/3m6q3`eQ%//or6n;`F'^LO7z
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 20 7b 8a 67 65 f3 6c 69 0e 32 39 64 d0 41 25 22 a5 a3 11 8e c5 67 5a 2b 90 17 1d 3e 68 24 22 cd 84 99 32 71 82 9e 72 38 42 e4 a8 9b 13 22 98 84 68 eb 38 5c e1 21 e6 87 8b b4 4e 88 f4 bb c8 91 70 92 4c 6a ad 40 1c 90 99 7c 48 f0 c4 f3 95 fa a6 56 b0 db 57 7a c9 de 4d e9 32 26 cc 08 a4 bd b1 c4 20 1a ab 70 89 e9 8c 49 af 79 61 3a c3 86 06 ad 31 99 b1 5d d2 b9 06 d8 89 2a e9 d4 06 f7 a1 d1 22 49 bc 10 54 4e 8d e3 c7 87 66 8c be e8 25 1b 56 0a ab 53 47 3b be ef 41 c5 77 93 55 f9 a9 38 9d 56 d8 07 e7 53 9c cc f6 24 83 41 b4 0d e3 89 41 a5 9f b5 5f 64 8f 88 04 1b b5 25 ed 1c 57 a7 7a f9 b3 f8 44 d2 73 f7 a4 95 fd f9 6c 32 24 47 43 29 72 87 83 2a 1d fc 5a 01 d8 19 5e 36 da 2e aa 35 74 6b 51 e4 e8 c9 e1 e7 bd cd 9c 7c f7 46 eb 20 da 41 c9 bd ca ef ed e7 08 d2 cb Data Ascii: {geli29dA%"gZ+>h$"2qr8B"h8\!NpLj@\|HVWzM2& pIya:1]"ITNf%VSG;AwU8VS$AA_d%WzDsl2$GC)rZ^6.5tkQ\|F A

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.16	49813	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:14 UTC	481	OUT	GET /gui/vt-ui-sw-installer.3166763520a2b299ee12.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	354	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: c553a744580c0f0a8cf7b81b346f75b5;o=1 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:52:05 GMT Expires: Sat, 18 Oct 2025 09:52:05 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517869 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1054	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a 94 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 59 0d 0a 30 30 30 30 30 30 30 31 0d 0a 73 0d 0a 30 30 30 31 0d 0a db 0d 0a 30 66 66 31 0d 0a 38 b6 7e bf bf 82 e6 74 a9 c8 09 c5 c8 4b 36 2a b4 db 93 4e dd 72 75 a6 3b d5 4e c6 0f 6e 5f 37 44 41 12 62 0a d0 80 90 14 b7 ac ff 7e bf 03 80 8b 25 a7 27 f3 90 0a 04 02 38 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001Z00000001Y00000001s00010ff18~tK6*Nru;Nn_7DAb~%'8
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 81 3a 44 81 14 39 ec 8a e7 9b 6d 9c 44 1a e6 e5 50 05 92 89 1f 1e 48 40 71 2a 25 be c2 df 8c cc 07 f8 4f 4b 2b f8 12 43 de 0e 55 3b 5c ba 75 cc cd 5c 72 43 be da 81 c4 da 8a 74 3a 91 09 59 b4 70 41 03 20 06 9f 37 f2 74 00 07 5f 45 32 ad 0a 2d 16 06 5a c7 01 95 04 26 7a d8 89 c1 1a fc 17 0e 30 67 b2 e0 a9 54 eb 28 3e d5 e9 52 3e 7b c9 4f ce e0 d1 2b d0 b6 c6 36 57 2b fe 7e c5 a5 f9 20 2a c3 25 07 e2 2d 17 40 75 3e 51 4b 39 0e 2d 67 71 9c 61 cb 8c b6 e8 94 c9 94 8d 11 d0 00 08 b8 69 a3 5e 09 f5 3e 7b 46 dc 25 76 c1 ce 99 08 7a 86 17 08 2b 53 4e 67 96 30 2a fb df 23 85 90 71 4a 00 19 6e 0d 5b 4c 0d d3 53 c8 06 81 30 b5 db 13 95 73 a8 83 98 4f 58 be a9 d6 19 4f 44 f5 fe ab e1 5a b2 32 53 89 d2 62 2a 30 b4 b4 33 b3 1d 1e a8 5e 4f a7 73 09 05 b2 54 54 9f ed c5 Data Ascii: :D9mDPH@q%OK+CU;\u\rCt:YpA 7t_E2-Z&z0gT(>R>{O+6W+~ %-@u>QK9-gqai^>{F%vz+SNg0#qJn[LS0sOXODZ2Sb03^OsTT
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 98 49 e5 54 67 26 95 6c ce 51 e8 40 f3 76 c3 c3 43 88 2a d4 0e cf dc 7d 26 00 59 30 9d 85 e7 75 62 eb 17 3e ff bf e8 2c fb 2c 1e 2e 62 69 30 7a fd 70 f8 f2 e1 f8 28 c6 f0 5d c9 e6 0b 3e 8e dd 09 3f 3c 4f 0d af 0c da 8b 67 ee 6e 35 06 51 43 0c 42 42 e8 04 76 85 e8 5f 8d b8 c6 d9 54 f6 53 d3 af ee e5 6c 70 0b 74 11 20 63 97 d7 0d 6a 83 6c 44 db b8 9e 3e c5 ed 5c 8b ec 6c 33 56 d2 a6 19 99 1f 1d 26 b6 e9 95 99 6b fd ec d9 cd 76 bb 7d b2 c9 77 21 b1 0a 0d 44 66 0c 9f 2f 4c 60 54 e0 6c 81 07 52 c9 be 1d a3 c9 16 d8 ca 90 2a ea df e5 05 da ab 7a cc 01 d7 2a 18 e1 0b 99 12 96 24 76 03 a3 46 53 a0 6c 4b ad 72 4d c3 19 5b f1 80 05 7b a6 17 c5 c1 9c 9b 99 1a 53 f7 d0 c5 08 f2 a6 94 04 82 5c e9 00 2d 2d 8e 58 9b d2 c5 86 71 34 80 77 d9 1b c5 90 23 b9 da 97 0e a0 b7 Data Ascii: ITg&lQ@vC}&Y0ub>,,.bi0zp(]>?<Ogn5QCBBv_TSlpt cjlD>\l3V&kv}w!Df/L`TlRz*$vFSlKrM[{S\--Xq4w#
2024-10-24 09:43:14 UTC	410	IN	Data Raw: a3 e6 3e dc c4 51 e8 38 a9 d6 fd fa 2d 43 87 74 1e 32 46 9b ac 75 fe 48 c1 a5 d7 48 f8 de bc 38 41 c2 47 af 2d 32 d2 78 63 a0 c4 ee f5 0b e4 f6 48 2f 68 4e 81 a5 48 00 96 86 cc ff e1 03 1e a6 c6 49 98 91 d3 06 9b df 65 10 50 bb ad 64 f7 59 30 82 6b de 0d 69 8a 22 d1 54 d3 5b 52 86 47 72 1d f5 fb a3 aa 4f ef e6 70 cb fe 68 da af 96 23 53 22 95 a2 b5 08 b1 73 0b 99 59 30 01 60 5c c8 4b e4 e4 fc f3 22 18 a4 47 08 ac f0 3c 5c a7 8f d7 17 4a 2a d6 4c 8f 2b 6c db fe 2e 29 c2 21 e8 7a 26 be 40 14 62 72 df f7 93 59 80 77 9e 82 f7 47 dc ac 39 97 8e 50 89 d7 4d ca ea e7 15 48 95 fc 6b 1f c6 6b bf ac c5 d8 cc b2 e0 e5 60 b0 f8 6a 27 c0 27 de 94 fa 25 9f 98 2c 38 aa 67 9b 8b d2 e6 1d 26 c8 c8 36 74 1d b7 35 0b 0e b1 2b 70 3b bb cc 32 b7 aa 50 a5 d2 1d d9 8c d4 98 78 Data Ascii: >Q8-Ct2FuHH8AG-2xcH/hNHIePdY0ki"T[RGrOph#S"sY0`\K"G<\J*L+l.)!z&@brYwG9PMHkk`j''%,8g&6t5+p;2Px
2024-10-24 09:43:14 UTC	35	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 31 0d 0a 60 0d 0a 36 0d 0a b3 d5 de 23 00 00 0d 0a Data Ascii: 00000001000001`6#
2024-10-24 09:43:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.16	49814	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:14 UTC	459	OUT	GET /gui/static/qrcode.min.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1
2024-10-24 09:43:14 UTC	339	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: c9a1b27918c5749c322ae6e4b5c2bf97 Content-Encoding: gzip Server: Google Frontend Date: Thu, 24 Oct 2024 09:43:14 GMT Expires: Thu, 24 Oct 2024 09:44:14 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: text/javascript Age: 0 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:14 UTC	1069	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 31 0d 0a 00 0d 0a 30 66 66 62 0d 0a 00 00 00 02 ff b4 5c eb 72 db 38 b2 7e 15 5b 5b f1 90 11 24 91 d4 5d 34 95 b5 93 cc c4 3b b9 4d 2e 7b 76 cb ab 71 d1 16 25 71 23 93 2a 8a 8a 93 b2 f5 ee e7 eb 06 40 82 92 9c c9 f9 71 a6 76 63 12 04 1a 7d 47 77 03 d0 d7 30 3b fa e3 c3 f3 74 1a f9 c7 b3 4d 72 93 c7 69 62 d9 f7 fa f1 28 b7 72 fb 3e 5f c4 eb e6 2d fa 04 eb e6 9b 77 2f 5e 5e 0d ce 2f 3e 5d 9d ff fb d3 4b c1 9f a6 61 1e 06 b9 7c 5e 85 d9 3a 9a be a0 96 cb 89 3f 4b 33 eb 2b a6 88 f0 22 b2 c0 11 69 50 8c 68 2e a3 64 9e 2f fc 74 9c f9 59 bd 6e df 53 c7 d8 f8 7e b3 08 33 c2 ec 2c b7 32 db 8f c7 bd 6e Data Ascii: 0000000100000001000000010000000100010ffb\r8~[[$]4;M.{vq%q#*@qvc}Gw0;tMrib(r>_-w/^^/>]Ka\|^:?K3+"iPh.d/tYnS~3,2n
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 5f 39 53 2e 32 0d a3 44 24 e8 3c 65 28 a5 9b ae bb 7d 09 58 11 60 7a 38 b5 d6 c3 4b 33 15 a5 af 54 5e 6e e7 3b fb ba 22 42 20 df 4e 0e cf f0 98 3b fd 4b 78 30 3c 3f 3e dd 95 0a db 9e d1 48 e0 60 6b bc 12 c8 05 70 0d e7 b5 7a 9f ae 63 8a 55 de 67 e9 75 a4 79 e2 08 47 29 c6 e3 7d 0c d0 4c 5f a3 ff 13 83 d4 ba 64 48 ae a1 57 ca ca 4c 67 d3 ff 6e d6 b9 46 c7 c4 e5 53 7c 0b 47 7a f0 0b ac f4 22 99 d1 92 a0 d5 ba 14 d4 38 e8 9f 9c 30 ca 3c cf a7 62 a1 25 cf a5 d6 3c 62 30 2f 19 b4 62 ea a5 bf 68 80 1b bf 81 8f ca a3 17 70 12 d2 26 4b f0 52 09 f6 16 eb d2 b8 68 c5 25 a7 cd 42 0c 57 25 8c 02 3e 90 de 8a 0a 13 4c 91 98 9a 09 cb d6 5e 24 0b 1a ae df 1f 07 32 f0 83 81 1e 5b 0d 77 1c e4 f5 ec 90 31 a2 d9 b6 f5 d0 54 0d 4d 59 f1 68 54 54 4f 0f 8d e2 66 49 b0 d2 f2 4b Data Ascii: _9S.2D$<e(}X`z8K3T^n;"B N;Kx0<?>H`kpzcUguyG)}L_dHWLgnFS\|Gz"80<b%<b0/bhp&KRh%BW%>L^$2[w1TMYhTTOfIK
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: a8 58 21 26 7f c6 dd ac 95 3d 72 b6 6c 2c b7 ca 58 24 f4 82 ef 04 fa b6 0e 16 cf 27 28 16 69 16 33 c5 57 06 07 6f 6d f1 d5 00 10 8f e7 cc b7 d2 fa 0a 80 24 c8 0a 83 a1 a0 57 97 5f eb f5 09 5b 24 e6 91 c2 20 3c 92 bf 02 63 50 57 82 51 64 16 9a 7b b5 65 b6 91 47 58 07 f7 5c 70 7f fb f9 cd f9 cb 0f 23 57 f0 db d9 eb f7 af ce ae d0 36 f2 64 43 51 8f 1f 75 64 c3 ef 67 6f ff 71 31 1a 6c e1 c1 ee 5f d3 b0 91 23 fe 18 b5 c5 ab 91 b7 15 9b e0 fe fd d9 a7 4f 2f 3f bc 75 1c 07 1f 8a 17 17 3d f5 8b eb 00 78 f1 e2 62 ac 7a 41 44 8e 59 8a 17 77 d4 2d 5e 30 a6 57 be b8 a3 fe 56 2c 8b b9 ae de bf fb 78 f1 e9 e2 dd db ab 4f 67 e7 af 5f 8e 2e 51 c1 bc ec 09 77 c0 7f 3c 4f fe e9 f1 9f b6 23 ff 74 d4 37 d1 56 bd 3a a2 a3 3b 8a 8e ec eb 0d 44 57 75 77 44 57 8e 68 7b a2 2b 47 Data Ascii: X!&=rl,X$'(i3Wom$W_[$ <cPWQd{eGX\p#W6dCQudgoq1l_#O/?u=xbzADYw-^0WV,xOg_.Qw<O#t7V:;DWuwDWh{+G
2024-10-24 09:43:14 UTC	275	IN	Data Raw: 26 ae 7c a7 6d a7 08 e5 ff 78 f2 67 a0 22 01 fc 21 75 d2 a0 10 19 d8 75 dd 46 63 2d 54 28 0b 25 93 61 44 84 d0 01 d4 a4 d3 0a 21 d0 56 0d a4 c0 b4 32 fb a9 63 1b 2c 2c 52 f5 88 30 a9 a0 80 c0 a4 a1 db 18 05 34 80 e2 c7 f9 23 0b e8 6a 4f dc e4 07 d1 9b d2 2e b8 c6 0c d4 14 66 7c 88 39 d4 79 8f 35 9a 0d b4 04 2b 0a 24 23 52 30 82 0b 3a 1c b9 a5 cd 0f 1f af ce 5f bf 7b fe bb b4 9c e0 f2 d2 15 c8 91 dd 21 b2 71 f9 44 f9 9e 7c 6a eb 27 f9 b1 d3 11 9c 4b ba 02 4f 1e 25 90 f2 89 d2 5e 7e 72 e5 d0 3e 52 c5 2e b7 e1 a9 43 d9 a7 27 90 a4 b9 fd e2 49 02 86 87 41 9a cc 8d c8 b0 db 04 06 99 a1 23 3c 1a 82 19 ba 42 ce 8b 0c 96 32 59 fe dc eb 8b 0e 8d 06 c4 36 12 4a 81 bf f8 48 f3 ca 16 20 ce 2d 12 18 52 ec 1e 8d 43 65 a1 2d 3c 9a 9f 9f 98 58 f9 44 78 22 b5 47 b9 40 f5 Data Ascii: &\|mxg"!uuFc-T(%aD!V2c,,R04#jO.f\|9y5+$#R0:_{!qD\|j'KO%^~r>R.C'IA#<B2Y6JH -RCe-<XDx"G@
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 40 0d 0a 30 30 30 30 30 30 30 31 0d 0a 29 0d 0a 30 30 30 30 30 30 30 31 0d 0a 92 0d 0a 30 30 30 30 30 30 30 31 0d 0a 53 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 65 38 66 0d 0a 95 eb b9 62 28 c9 ea 81 82 01 26 ef b9 a2 4d 68 63 28 ba 51 4b c7 95 dc 95 2d a0 8b 5b e4 c4 c8 ae 91 d3 12 fa 6d aa 11 20 17 06 07 80 82 44 95 53 63 42 a1 2f 99 87 27 74 c7 78 6e 91 6c 60 12 31 6a d0 17 3d 39 6f 6f 48 d4 ba 28 80 48 e6 a3 1a 82 d7 21 cd 8b c9 65 05 82 5a 88 79 68 e1 d9 89 c1 a8 af 12 e5 f8 03 f9 61 2c 5e 45 97 5a 38 c1 47 36 8d bf 60 2f 4d db 56 88 00 63 a0 26 11 01 19 62 e8 01 a6 8b ea fc 90 da 50 c3 d8 23 09 f4 7a 8e 00 4a 7d e1 11 6c 88 53 f1 99 51 e2 d9 90 d2 03 1d 62 01 2a 08 c4 0c 10 c3 ec e5 16 26 02 b8 74 80 3f e3 Data Ascii: 00000001@00000001)0000000100000001S00000001I000e8fb(&Mhc(QK-[m DScB/'txnl`1j=9ooH(H!eZyha,^EZ8G6`/MVc&bP#zJ}lSQb*&t?
2024-10-24 09:43:14 UTC	1408	IN	Data Raw: 98 23 27 98 35 85 dc 94 1d f1 aa 8f cc 84 7d 2a 36 44 07 d4 e0 61 4b d1 a5 3d 5a fc e5 8d 5c 0f 91 a9 47 8b 22 39 61 76 18 6d 2c 34 1e bd f5 81 22 67 64 6d 78 19 0f 89 80 e7 50 3f 0a 61 3a 58 65 db 58 f8 3d 0a 47 fb 44 42 87 73 1e e0 8c bf 2e 6f 19 77 41 4f 07 2b 83 47 d9 11 e7 5f 5d a0 d5 41 34 dd 06 86 9e dc 46 a5 65 c7 a1 fc 0e e1 05 e7 c4 7d 78 d8 2e 65 3d 43 b4 f2 be 71 1f e3 7b 70 a8 1d 62 0a ef df 0e 30 47 8f 12 10 6c 99 b6 79 23 7b 48 eb 36 85 8d c8 58 70 91 0d f8 20 c9 86 77 ee c3 c1 53 d6 c3 a9 29 d2 19 24 79 5d 44 bd e8 d9 e9 c9 4c 08 e4 0f f1 da 43 fe da 75 b9 c9 43 b0 32 1c c2 ff 52 48 d1 e6 80 8d 18 e0 3a 58 0f fb e0 4b 97 93 3c ac a6 14 45 80 0f 03 07 d9 90 cc 7c ba b4 0d ec 62 07 79 80 c0 ba 27 25 d2 a3 36 0f f4 0d 21 83 1e f3 dc ed 53 92 Data Ascii: #'5}*6DaK=Z\G"9avm,4"gdmxP?a:XeX=GDBs.owAO+G_]A4Fe}x.e=Cq{pb0Gly#{H6Xp wS)$y]DLCuC2RH:XK<E\|by'%6!S
2024-10-24 09:43:14 UTC	986	IN	Data Raw: 96 32 e6 d8 f1 13 8f 9a ee 0d fb 36 c3 f7 28 bf c2 ab 2a 0e f7 f0 df 1d 60 4d b9 ca e2 ab 7c 80 6b 37 17 bd aa 87 d2 a8 19 91 51 aa 3c e8 ae 57 44 62 a4 be 58 35 6f 5a e0 74 88 74 e5 5b 1f 25 4b 7a 24 8d 89 f2 c3 07 5c 65 41 d9 41 0a 78 9c 26 60 c7 27 ca 3b af da 6f 19 19 e7 7e 64 27 d3 b5 0a 32 fa 9a f6 95 e6 45 11 56 69 11 1e 0c ae 50 27 48 75 4c 85 72 41 aa 04 d0 8a 71 2a 85 23 ac 0c b7 0f 38 ec 58 98 ef a1 ed 63 19 7a 94 7c 1d 7f e9 d8 82 4e 8e c4 e3 8d 8f e3 22 c5 f5 2f 2a 33 c4 aa cc c0 f9 e7 ac 3c b0 b2 11 4b 1b 5b f1 cb a7 89 98 06 1b 5c 1d 44 5c 99 67 e9 97 e8 23 4d 19 cc 9e a5 32 04 e3 eb df ea 99 c3 31 38 6b ba 2d f8 3f 14 24 e2 f7 05 b2 26 05 45 3f 31 88 ba 7d 40 18 65 cd c5 94 fc 02 4e f5 a8 19 b9 d5 88 35 e7 76 bd d9 35 83 cf 29 37 c0 8f 1c Data Ascii: 26(`M\|k7Q<WDbX5oZtt[%Kz$\eAAx&`';o~d'2EViP'HuLrAq#8Xcz\|N"/*3<K[\D\g#M218k-?$&E?1}@eN5v5)7
2024-10-24 09:43:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.16	49821	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:15 UTC	725	OUT	GET /gui/images/favicon.svg HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
2024-10-24 09:43:15 UTC	338	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 317af0ab1103b3a15f26cf39e550d940 Content-Encoding: gzip Server: Google Frontend Date: Thu, 24 Oct 2024 09:42:19 GMT Expires: Thu, 24 Oct 2024 09:43:19 GMT Cache-Control: public, max-age=60 Age: 56 ETag: "gp--tA" Content-Type: image/svg+xml Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:15 UTC	213	IN	Data Raw: 30 30 31 0d 0a 1f 0d 0a 63 37 0d 0a 8b 08 00 00 00 00 00 02 ff 4c 8e 3b 0f 82 30 14 85 77 7e c5 cd 75 a6 bd 54 50 6a 28 83 13 83 ae ee 9a 56 4a 52 1e d1 4a 0d bf de 62 1c 9c 4e be 9c 9c 47 f5 9c 5b 08 9d f6 56 61 66 7a 04 6b ba d6 fa 1f bc 7b 37 3c 15 5a ef a7 03 e7 21 04 16 b6 6c 7c b4 5c 10 11 8f 51 84 b9 33 e1 38 be 15 12 10 64 44 50 4a ac 13 80 6a ba 7a 0b f7 ce 39 85 1b ba e5 5a 5f f1 8b e9 e3 e5 8c 42 33 9b 61 d4 1a 41 2b 3c e7 05 13 52 40 9e b3 22 b6 94 d2 c6 a2 0b 35 e4 fe 8c e5 2c a3 45 8d 10 6e 5b 30 59 ee d3 28 e2 24 04 48 bb 2b e7 7d b6 60 5d f1 75 b5 4e aa f5 5b 9d 7c 00 00 00 ff ff 03 00 f8 f6 6b 3f dd 00 00 00 0d 0a Data Ascii: 001c7L;0w~uTPj(VJRJbNG[Vafzk{7<Z!l\|\Q38dDPJjz9Z_B3aA+<R@"5,En[0Y($H+}`]uN[\|k?
2024-10-24 09:43:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.16	49820	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:15 UTC	376	OUT	GET /gui/static/opensearch.xml HTTP/1.1 Host: www.virustotal.com Connection: keep-alive Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:15 UTC	339	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 08079f9d7a109b7c2e17f892895f0197 Content-Encoding: gzip Server: Google Frontend Date: Thu, 24 Oct 2024 09:43:15 GMT Expires: Thu, 24 Oct 2024 09:44:15 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: application/xml Age: 0 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:15 UTC	466	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a 84 0d 0a 30 30 30 30 30 30 30 31 0d 0a 90 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4f 0d 0a 30 30 30 30 30 30 30 31 0d 0a c4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 30 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0c 0d 0a 30 31 0d 0a c7 0d 0a 65 38 0d 0a 67 fa 29 a2 ec 57 ab 0b 12 28 cd c4 72 0b 0c f7 d8 a3 60 9a 48 cd 43 Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001;00000001O000000010000000100000000101e8g)W(r`HC
2024-10-24 09:43:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.16	49822	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:15 UTC	620	OUT	GET /gui/service-worker.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://www.virustotal.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
2024-10-24 09:43:15 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 03911319c56d679d41e41a893177a495 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:44:53 GMT Expires: Sat, 18 Oct 2025 08:44:53 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521902 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:15 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 09 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7b 0d 0a 30 30 30 30 30 30 30 31 0d 0a e4 0d 0a 30 30 30 30 30 30 30 31 0d 0a c6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 91 0d 0a 30 30 30 30 30 30 30 31 0d 0a e7 0d 0a 30 30 30 30 30 30 30 31 0d 0a fd 0d 0a 30 30 31 0d 0a 55 0d 0a Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001{0000000100000001000000010000000100000001001U
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: 0f 79 a2 9b 1b b7 18 56 c9 fe a9 9b cd fe 70 d9 b0 ef b7 5b c9 7d d5 4c e7 a7 93 ed a7 ff 36 ce fd 9c 25 1a b5 f2 66 0d bc 57 1b 95 3d 2e 9a 77 df fa cd 8f 5e cc 4f e6 eb d9 ec 66 3a 4e cf 64 77 64 3c 73 23 38 e3 cd 45 78 87 f7 9d 4c 36 57 c9 9b da 57 2a 19 4f 79 79 39 bb b2 1b 68 ab 9a 58 ee a3 eb 6e 52 da 69 5f 4e eb e9 e1 9c 8d 78 38 65 26 c7 9b 1c d4 77 be b3 3a 5f f4 6f ec 97 96 83 26 3b ba 39 e2 7f e3 60 c6 4b e5 c2 61 85 e6 e3 e3 d9 b9 d3 cd e8 8f 6e 6e 26 a3 98 dd 99 1b ab 85 7a ee b1 23 25 76 bc c6 2d a3 53 75 f2 60 b7 e5 6b 56 62 8a ac 7d b4 da 11 c4 83 0e 15 58 ce 6b d3 b7 07 ab a3 a3 e7 a2 fe d6 d3 d9 a0 1a 5b fb 8c 3f 99 f2 fb 2f ca cb e9 f9 de 6f cd de 6f 57 7b bf 5d ee fe 66 ef f9 fa f4 5a 44 dd ca 30 33 da 4e cc ee 93 3f ff f4 57 df 2c ca Data Ascii: yVp[}L6%fW=.w^Of:Ndwd<s#8ExL6WW*Oyy9hXnRi_Nx8e&w:_o&;9`Kann&z#%v-Su`kVb}Xk[?/ooW{]fZD03N?W,
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: c6 38 37 e0 b0 9e 99 72 c1 17 3e b1 4e 05 71 cd 36 da fb 5c 5e cd 0a db b3 3b 5e cb 68 27 8f 46 ef db fa e4 76 fd 36 12 39 5a 35 91 a1 4f 9c 2b 39 7a 32 07 e3 ef 83 4b 33 3f 5d 61 73 1c b0 f2 8b 5f 13 88 5b 63 fb b3 5f 08 86 82 03 bb 42 3d cf 71 36 3e db 7a c3 73 2b 9a cf 26 73 0c c6 64 f1 62 b4 cf 27 fc e0 36 a9 b5 db 47 5b bf 9c 91 3e eb 3f f8 e0 d9 ef 77 ef b1 ef 58 75 db 8d e7 76 05 ef 4f 94 b8 f9 d4 c6 eb a3 f9 b0 60 c6 4e 08 c1 64 f5 2f 0e 17 40 2e 22 32 e6 f0 c4 fe dc cf 67 57 ec 22 89 23 01 e9 00 68 88 b4 36 60 5a b9 55 93 a3 33 0b 26 c5 5e 72 be 7b 09 98 56 3a 30 ad 06 4c ab 7f 59 3e af d1 b3 cb 97 f5 3e 98 56 6f bc f8 05 56 a2 3b ed 78 43 5c 95 c9 d2 5b 9e 77 ed 6a 22 8a 7e 72 d5 99 59 33 c6 fc 9e 78 bc 2f bb 97 f3 6f 27 78 bb 4b c0 3a e0 1a 0b Data Ascii: 87r>Nq6\^;^h'Fv69Z5O+9z2K3?]as_[c_B=q6>zs+&sdb'6G[>?wXuvO`Nd/@."2gW"#h6`ZU3&^r{V:0LY>>VoV;xC\[wj"~rY3x/o'xK:
2024-10-24 09:43:15 UTC	465	IN	Data Raw: 5d 90 be 8b c2 23 7e fc 64 86 2f 61 9a 23 77 87 9f fd 82 8d b3 5c 61 4c 5f b8 b7 39 71 36 9e 24 1c 12 67 f5 1a ca ee 10 40 89 10 9d 7b 8f 53 30 e8 a7 a3 6b de 02 d1 21 50 73 00 83 cf 26 dd 28 00 68 26 c3 6b 5f 2f 4f fa e9 7c 37 bb 30 28 90 c5 47 bc b2 e3 18 bc b8 16 83 26 21 f8 c9 f0 53 30 75 e1 3b f4 86 9f ff fc 5b 28 2b 66 7b 07 eb b7 09 2c 61 88 63 4e fa 9b 9b 7b 41 8a cf e7 dc 01 5a 45 b9 5a 99 8b 4b fc 9a fe c0 c9 83 39 98 f7 f3 63 fb 33 71 ff 06 8f f4 fe ff f9 e7 f0 2e 16 64 d4 e5 bb 15 7f 11 71 e2 2b 53 7b 41 29 04 88 83 de 26 e2 96 0e f4 38 2f 5f 9b 83 f2 e0 8e f8 4d 8e 0e 2e cc ea bc 6f 04 fd 90 c9 21 83 7d 0a d6 b0 3c 7d 16 6c 67 65 67 ae 40 d5 46 c1 b9 d9 9f 2b b9 9a 39 46 cb bc 25 d0 1b 2e 3e 90 fc ad cc 18 40 c5 ad 89 e1 11 3e 0a d2 ce cc ce Data Ascii: ]#~d/a#w\aL_9q6$g@{S0k!Ps&(h&k_/O\|70(G&!S0u;[(+f{,acN{AZEZK9c3q.dq+S{A)&8/_M.o!}<}lgeg@F+9F%.>@>
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 4f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 84 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 30 30 30 30 30 31 0d 0a d1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 95 0d 0a 30 30 30 30 30 30 30 31 0d 0a ef 0d 0a 30 30 30 30 30 30 30 31 0d 0a 59 0d 0a 30 30 30 30 30 30 30 31 0d 0a ca 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 57 0d 0a 30 30 30 30 30 30 30 31 0d 0a f4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3e 0d 0a 30 30 30 30 30 30 30 31 0d 0a b7 0d 0a 30 30 30 30 30 30 30 31 0d 0a e6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a e7 0d 0a 30 30 31 0d 0a 5f 0d 0a 33 66 65 64 0d 0a 94 be f7 6a f3 be a3 Data Ascii: 00000001O0000000100000001a00000001000000010000000100000001Y000000010000000100000001}00000001W0000000100000001>00000001000000010000000100000001}00000001001_3fedj
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: 2b 7f 27 a0 9e bc c5 c9 7c f0 ff ef 0a 80 f5 ee f6 81 fe bd 1d 37 18 05 1e b7 15 7c a1 8b 38 9f f3 ef e0 66 be 0f 8f c5 2b f9 09 82 fc 09 82 3c b0 10 e4 06 cb d8 51 8a 5b 14 63 3e a0 18 b0 02 ee 41 31 cc e9 cf 08 c5 2d 96 3c 0d d1 1f e0 8e fe b7 58 67 43 c2 7a 30 09 bb d0 c9 10 2c c3 59 bc 05 7a ec 62 1c f3 7d 8c 63 3e 62 1c b7 15 9f dd a7 28 ee 21 b1 31 9f 50 fe e8 f2 9a 7f dd 06 83 ff eb 9f e5 09 fe d7 08 09 8c f6 6d 8f 07 85 b6 b5 1e 0d 39 38 f1 47 24 3c 10 37 81 d0 c9 d1 f1 2d fb c2 3a 0e 9e 2b 88 03 8a 22 7c b2 73 79 ab 54 6e df 8a d4 8b 7e 89 d9 b0 45 74 c7 04 e4 57 9b 72 d5 c3 e9 b5 fb f8 64 01 7b c2 e6 42 28 91 24 2b 32 03 96 22 4c eb 4e af 07 75 78 22 0a d0 a9 ee 25 f9 d6 e1 53 02 44 5b 1e 77 22 39 73 a9 93 1b 7e ff 06 e8 7c f3 99 fc 72 23 49 c3 Data Ascii: +'\|7\|8f+<Q[c>A1-<XgCz0,Yzb}c>b(!1Pm98G$<7-:+"\|syTn~EtWrd{B($+2"LNux"%SD[w"9s~\|r#I
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: e4 1d 50 59 34 60 3f 10 e9 d6 f3 1d a9 19 47 6f c5 6e 7a 6d 97 e1 84 4a 05 11 f6 13 d8 84 36 f3 53 ce be 1a 86 03 ef 6f c8 ef 6c 06 38 7e 02 62 41 81 83 cb 9e d9 bb 42 60 b0 79 ec df e3 c7 0e fb 74 9f 86 7b ff 3e dd 52 6e ed 5d b8 14 0d 45 c1 85 7b ee b8 c7 57 bb 9a c2 f1 75 ec 73 c0 c0 84 77 60 b9 b4 56 39 7f 31 36 52 dd 66 5f c6 7b 3c f8 7c ab 19 44 82 16 9b c4 16 6c de 51 3c 48 6d 21 6b 1b 86 50 29 3a 43 1e 32 08 0c 3b 74 88 6e 24 db 6f 67 00 03 41 c7 11 5b 46 0a 1d b5 7e 0c c6 a3 5b e2 f5 e6 fe 27 9d b4 e6 1b 6e 69 3f 5d 0e c8 20 1d ff f6 84 73 75 8f 52 b0 17 6c 54 d5 96 20 a5 97 52 8a 19 07 29 5d 9c 8e f8 e1 64 77 78 d3 dd 97 3f 29 5d d9 ed e6 91 c8 d0 28 29 cb 41 aa 06 2b c8 1a bd 7b e7 f2 77 4a b1 46 f5 08 45 da be 93 5b ec 81 f5 0a 65 eb 51 f5 df Data Ascii: PY4`?GonzmJ6Sol8~bAB`yt{>Rn]E{Wusw`V916Rf_{<\|DlQ<Hm!kP):C2;tn$ogA[F~['ni?] suRlT R)]dwx?)]()A+{wJFE[eQ
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: f5 24 1d 22 de ed 3d 38 cd 30 7e 90 1a 87 0c ed c4 ac ef a7 3a 6e b3 21 3b ef 05 5a 63 5f 03 68 c1 ad e4 16 d6 64 16 20 52 de f6 e0 ef 4f 8c 70 47 4a 47 1d 92 b8 b2 48 53 4d 81 fe fb df 40 56 c0 2d ed 5e 6e 61 3d a0 4d 35 f8 ec 7d 99 b9 7a 0c 70 87 95 91 37 18 40 fd 71 6f 20 25 63 8c 02 c8 bc 13 7e ac f7 01 85 f5 0e 88 04 07 d8 c6 76 af f6 25 71 f0 ed 36 7e d6 7d 92 46 3c 66 c5 65 93 64 1a 96 b8 a3 fb 94 b0 50 87 d8 f1 7e 39 64 1d c7 49 b8 47 10 b7 2f d2 b3 1a e3 8d f6 82 dd 6d 50 bd a7 3f ac 70 10 3e 51 15 7d 74 c3 f2 8c d7 de bb 19 18 c4 b8 f7 ee db 0e 3b a3 98 3a 69 61 b2 a8 03 dd c4 c1 c8 c9 90 8f 71 93 b8 0d d1 be fe c9 bd fb 17 ea 32 f1 f1 7f 77 f7 6e 78 01 8d 7b f7 fb 7f 2d f7 6e 78 9d bb ee dd f0 87 1f c9 bd db 78 91 9f d9 e9 fc 67 c4 c9 9f f0 e4 Data Ascii: $"=80~:n!;Zc_hd ROpGJGHSM@V-^na=M5}zp7@qo %c~v%q6~}F<fedP~9dIG/mP?p>Q}t;:iaq2wnx{-nxxg
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: ae 87 e7 ab d5 25 9c b0 41 ec 5c 42 6f b8 a9 70 ff 1f b2 cd 80 02 76 b2 68 17 d2 58 60 85 a0 f4 2b 11 fb fb 52 2f 4b 48 ca 5f 5a 23 4f 5b 2b 09 57 25 73 b1 a4 12 c7 81 1b 54 09 94 9e 15 75 fb 9e 50 be 3f f8 a0 86 ba 6d 2b c4 86 b1 d0 3f 9f 3a 18 39 b9 c2 c2 20 eb c1 97 7d 75 67 57 09 e5 7b 32 93 26 cd eb 21 d3 78 f7 2b 6c 38 be 42 ca 6e 7d eb bd c5 09 6b 1d df 93 54 93 1b c1 c4 06 d8 fd 4e 36 73 cc 2d 0d 49 50 ce 33 da 26 5c da 8d 8c ba ee 16 e2 3e b9 8d 78 ee 5e 6b d7 bd 1a 91 a8 76 97 f5 3d c8 b8 48 ad d5 1b bb 17 bc 7b 77 2e 6f d6 9e 4a 47 7d a9 09 db f8 20 4e 5a 38 f1 eb 94 68 63 fc d4 9e 1a c9 da 9f db 46 60 c3 12 3b 84 44 ce f7 96 f9 7d c2 db d1 61 f1 6e 6e 92 d1 50 ff 6e d3 49 94 8d ec 8e 75 9c da 5b 1f 3f f6 5c c9 b3 da ea 03 39 28 64 68 05 fd a3 Data Ascii: %A\BopvhX`+R/KH_Z#O[+W%sTuP?m+?:9 }ugW{2&!x+l8Bn}kTN6s-IP3&\>x^kv=H{w.oJG} NZ8hcF`;D}annPnIu[?\9(dh
2024-10-24 09:43:15 UTC	1408	IN	Data Raw: 59 23 96 00 06 04 13 4e 97 d0 3e 40 b4 ba 8b 6e 6a d5 7e df ee f3 da 59 84 7b e6 90 cd 66 9d 30 8b 3a 8c 30 03 3d 31 38 74 8e 29 05 eb 1c a6 74 7c 3b 17 08 8c b3 24 be c5 10 81 ec 9d bb eb f0 cc db 6f 3d 16 b4 0f a4 24 67 2b 39 51 45 8c eb 6d 17 63 a3 03 de 73 84 cf f3 15 bd fe 47 a1 a0 b4 40 ce b5 74 01 e9 fd d2 b4 7d ce f5 20 11 88 4c d7 90 e8 b5 95 06 b7 24 60 ab 86 6e bf c7 30 61 16 99 d9 88 09 4a 7f 0b da 0a 36 77 67 02 05 87 19 db c0 74 77 3d 0e 8a a5 1d d2 c7 83 ef 75 0c c0 87 36 27 ab 93 4e ad 41 40 16 c3 8e 98 50 83 fd 0c f8 db 9d 6b e3 04 66 60 21 b8 59 ee f1 96 87 fe 31 37 2f af 3f e4 3c fa 6e d9 f5 f3 0f ad 2b 3d fd 90 90 f0 c3 93 0f 7f 71 b6 ee 7e e1 07 a5 c9 f2 b2 08 9a 32 ad a2 ba 89 e3 28 f3 de f4 6d fb e1 cd f4 fd 17 16 89 49 db 30 2d 9a Data Ascii: Y#N>@nj~Y{f0:0=18t)t\|;$o=$g+9QEmcsG@t} L$`n0aJ6wgtw=u6'NA@Pkf`!Y17/?<n+=q~2(mI0-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.16	49819	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:15 UTC	524	OUT	GET /gui/manifest.json HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-10-24 09:43:15 UTC	340	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: e46b5c25ec73a3bd36a931306d687c52 Content-Encoding: gzip Server: Google Frontend Date: Thu, 24 Oct 2024 09:43:15 GMT Expires: Thu, 24 Oct 2024 09:44:15 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: application/json Age: 0 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:15 UTC	248	IN	Data Raw: 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 65 36 0d 0a 8b 08 00 00 00 00 00 02 ff 8c 90 c1 0e 82 30 0c 86 ef 3c c5 32 af 0a a2 21 51 9f c3 78 31 86 54 98 b8 38 36 b2 0e 03 12 de dd 75 98 78 22 7a 68 0f fd fa f7 ff d3 21 62 8c 6b a8 05 3f 30 7e 92 b6 c5 a3 71 a0 f8 92 e6 78 37 d6 e5 b3 d4 81 a7 ad 55 24 8d 93 49 52 4a 6c 14 f4 34 42 07 ba 04 65 b4 98 90 bb 8b 5a e4 85 51 c6 12 5e 6c 6f 59 7a cd 26 76 85 e2 51 59 d3 ea 72 66 41 16 46 a3 97 9d 7d 2e c6 86 d0 29 a1 2d e8 96 ac a1 12 98 d4 a0 e5 4d a0 4b 68 7b 95 ee 37 9d af b8 d1 55 30 21 21 47 f9 12 74 87 7f e8 97 b8 be 09 4f 08 b7 12 12 05 93 91 3e f1 a7 63 96 6e 3a 5f 33 8e 1f fa db d1 1b 5e c2 ff 9f c2 a2 34 3a c4 8d b7 eb 5d 9c f2 68 8c de 00 00 00 ff ff 03 00 05 bf f8 1c b3 01 00 00 0d 0a Data Ascii: 0000001e60<2!Qx1T86ux"zh!bk?0~qx7U$IRJl4BeZQ^loYz&vQYrfAF}.)-MKh{7U0!!GtO>cn:_3^4:]h
2024-10-24 09:43:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.16	49824	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:16 UTC	511	OUT	GET /gui/images/favicon.svg HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
2024-10-24 09:43:16 UTC	337	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: a6e2ca4873f548a8ca4ae483bcb1ed12 Content-Encoding: gzip Server: Google Frontend Date: Thu, 24 Oct 2024 09:43:16 GMT Expires: Thu, 24 Oct 2024 09:44:16 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: image/svg+xml Age: 0 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:16 UTC	336	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 31 0d 0a 4c 0d 0a 62 64 0d 0a 8e 3b 0f 82 30 14 85 77 7e c5 cd 75 a6 bd 54 50 6a 28 83 13 83 ae ee 9a 56 4a 52 1e d1 4a 0d bf de 62 1c 9c 4e be 9c 9c 47 f5 9c 5b 08 9d f6 56 61 66 7a 04 6b ba d6 fa 1f bc 7b 37 3c 15 5a ef a7 03 e7 21 04 16 b6 6c 7c b4 5c 10 11 8f 51 84 b9 33 e1 38 be 15 12 10 64 44 50 4a ac 13 80 6a ba 7a 0b f7 ce 39 85 1b ba e5 5a 5f f1 8b Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000001Lbd;0w~uTPj(VJRJbNG[Vafzk{7<Z!l\|\Q38dDPJjz9Z_
2024-10-24 09:43:16 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
63	192.168.2.16	49825	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:16 UTC	739	OUT	GET /gui/images/manifest/icon-192x192.png HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762992.0.0.0
2024-10-24 09:43:16 UTC	303	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 93608752a4924f2d538b04f91ce8b39e Server: Google Frontend Content-Length: 8764 Date: Thu, 24 Oct 2024 09:43:16 GMT Expires: Thu, 24 Oct 2024 09:44:16 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: image/png Age: 0 Connection: close
2024-10-24 09:43:16 UTC	1105	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c0 00 00 00 c0 08 06 00 00 00 52 dc 6c 07 00 00 22 03 49 44 41 54 78 da ed 5d eb 93 1d c5 75 df 9a 8f fa c8 1f a0 8f 77 85 1d 13 13 48 1c b0 63 9b 18 02 d8 ae 04 9c aa c4 09 55 c1 49 91 4d 85 72 19 dd 15 c8 b0 bc 21 2b 21 0c c8 8b 29 05 81 09 e6 21 05 6c 48 04 c6 c1 06 8c 6d 08 60 63 84 c1 98 60 dd bb 2f 69 57 fb 92 b4 ab 7d bf d5 99 9e fb ea e9 e9 e9 3e a7 1f 77 e6 6a 7b aa a6 6e ef dd 99 73 e7 d1 a7 fb 3c 7e e7 d7 6d 6d 6d 6d 41 5b 7c 0b b8 cf 36 c1 31 69 c7 41 b6 c0 e0 bb da f7 81 a2 0d 95 25 3b 0e d2 6e 33 b8 f7 ac e4 a7 3d 47 d9 fb 0d 34 de 57 ab c9 47 3d e0 00 f1 d2 02 83 17 26 bb c9 c0 40 be 89 32 ab 14 33 d0 bc d6 66 c9 6f 93 bc c3 40 f2 bd ee f5 e6 5d be 56 a7 c6 be 4c d3 d1 2e 40 8e 0e 98 Data Ascii: PNGIHDRRl"IDATx]uwHcUIMr!+!)!lHm`c`/iW}>wj{ns<~mmmmA[\|61iA%;n3=G4WG=&@23fo@]VL.@
2024-10-24 09:43:16 UTC	1408	IN	Data Raw: 74 21 c1 b2 30 a2 2b 87 2f cf f2 21 9d 4e 85 cb 82 74 e2 2c e4 57 fb e6 26 84 d9 13 40 0b a9 6b 51 9f 2e ec c3 37 4d 8c 60 a6 4e 6c 9a 5e 36 aa ca 4c 2a 6c cc 3e cf f2 75 b2 ba aa e7 9f b1 fc 2e 83 b2 da f4 29 a2 5a cc d2 63 32 02 a9 70 41 90 e8 05 04 23 03 4d 92 e9 82 d5 d2 66 13 5b 60 b8 66 c8 77 e1 58 e7 44 3e ed a3 67 58 2f 55 25 95 6a 1d 63 07 48 67 b4 83 9e eb ca 04 d2 ad 8c ca ab 7c 95 59 89 19 ac 72 2a 7f 2b 90 95 24 80 4c 0f 35 88 f3 d6 66 65 22 5d 27 d4 b0 a1 3b 6c 49 63 de e5 9f ee ed aa 02 40 39 45 41 a3 3f 2d 60 df ab 63 d6 60 5e 0a 34 f6 af 6b 77 ba 9e aa 5b 31 27 80 09 31 63 67 ad ac e4 93 4a 8d f1 66 09 d1 96 b0 22 2c 15 3c 44 2a 95 fe a8 38 ba ac b3 99 14 b3 63 a3 03 a6 89 21 1d 47 32 ef f2 75 4c 4d e8 80 96 23 f9 1d 48 c2 b7 b6 54 96 b8 Data Ascii: t!0+/!Nt,W&@kQ.7M`Nl^6Ll>u.)Zc2pA#Mf[`fwXD>gX/U%jcHg\|Yr+$L5fe"]';lIc@9EA?-`c`^4kw[1'1cgJf",<D*8c!G2uLM#HT
2024-10-24 09:43:16 UTC	1408	IN	Data Raw: db 97 ec 1c 24 db 9e 18 25 db 9e dc b8 fb 45 3b 06 95 ca c1 2a 80 e7 05 d2 84 30 b8 04 4b ad 87 ed d1 a9 15 b2 f7 95 13 e4 82 3b 07 04 21 42 ce b1 ac 8e 98 57 ee 19 22 6f f7 2e 90 93 f3 6b 64 7a 61 63 ee d7 ef 1f 13 24 de 38 33 48 90 09 f6 bc 40 1a 68 50 97 b4 28 34 47 70 f8 d8 32 d9 fd 3f c7 c9 67 6f ef e7 ec 64 b1 63 78 f6 0d bd 64 fb fe d1 28 b7 b0 51 a1 d1 37 7f 7f 5c 9a 4d 67 9d 60 cf 0b 94 63 05 a8 e5 08 ca 63 4b 64 e7 81 09 72 fe 2d fd 8c 33 98 92 48 0a f7 73 ba 7a c9 ad 3f 18 27 43 27 56 9a 02 a0 cb 1b 2f 90 48 01 44 09 32 5d f9 ba e8 5d a8 fc a6 85 41 75 23 35 58 76 64 88 f2 c9 94 61 25 54 82 0f 87 16 c9 8d 4f 8f 91 3f be b1 2f 7d 06 60 14 e3 53 37 f5 91 fb 7e 74 8c 4c 4c af 6e a8 7a 00 ba d5 14 a0 3d 2d 5c 0b c8 03 d8 ba 36 1d f9 4e 4b 22 21 ab Data Ascii: $%E;*0K;!BW"o.kdzac$83H@hP(4Gp2?godcxd(Q7\Mg`ccKdr-3Hsz?'C'V/HD2]]Au#5Xvda%TO?/}`S7~tLLnz=-\6NK"!
2024-10-24 09:43:16 UTC	175	IN	Data Raw: 52 9f 01 8a 3c 23 5c 3c 43 6e 32 48 61 93 63 48 f9 1d 56 22 40 58 13 48 16 b9 d0 e1 15 35 19 2d 30 cb 04 a9 8e 9b 5b 5a 23 4f be 3e 15 d5 07 c4 28 4b 44 bc 3d 61 67 39 b7 ab 8f 74 3d 35 46 3e 1c 5e 8c 8a 71 b0 19 5c 93 08 09 24 21 86 86 43 0b 68 56 6a 26 90 2b 38 b4 4a f1 15 f2 d1 cc 70 81 09 37 a8 8d 9b d5 d1 7e db 89 16 59 c8 71 6a 6e 8d ec 79 e9 04 f9 f4 ad 7c b6 98 c3 ca 57 9d e4 3f bd b9 8f ec 38 30 11 65 8b 69 6d b2 4a 3e b4 f3 ea 5e 3f 26 a2 52 af 08 eb 4c 82 02 59 3f 00 98 94 42 87 b9 55 89 53 80 fc d6 82 43 db Data Ascii: R<#\<Cn2HacHV"@XH5-0[Z#O>(KD=ag9t=5F>^q\$!ChVj&+8Jp7~Yqjny\|W?80eimJ>^?&RLY?BUSC
2024-10-24 09:43:16 UTC	1408	IN	Data Raw: c6 fa 40 ce c5 98 6d b5 ff 8d 9d 5c 25 df fa e1 31 72 de cd 7d 49 c6 04 6e 36 a0 ed cf dc d6 1f 41 2c 46 26 57 22 a7 1a 8a 65 81 d8 ef d8 eb 87 cc 08 ac 13 5c 10 f1 0e 71 4c d4 ba f2 75 df 2d c2 ea 30 86 43 5b 29 89 74 b5 2a 0b 94 55 58 d7 21 93 d9 df c3 27 56 c8 1d cf 4e 34 6a 8b 19 22 59 11 a3 32 a5 64 f9 8f 9f 4d 46 d9 62 48 74 c4 56 56 18 12 51 49 7b af c9 92 c8 92 b0 84 54 57 3e 86 03 4a 47 3e 41 2e 91 24 a5 8d 33 81 43 eb 14 38 98 9a 49 d8 02 0a 0c 2e a7 16 1e ed 1b 5b 26 d7 ff e7 58 54 5b cc 92 ef b2 f4 83 ac b3 4c cb 2a 9f 7a eb 64 e8 4b ac 6b d9 f1 aa e4 11 06 57 04 99 25 58 13 a8 1e 09 aa 26 c4 0a 8c 63 0c 5d e1 05 73 0c 34 42 e6 3a 0a 94 9a 08 cb aa 20 06 6a 1f db c4 17 a5 dd 03 2d 8d fc dd 91 45 72 cd 63 23 e4 ac ed 22 ee fe 38 9c 9a 76 96 2f Data Ascii: @m\%1r}In6A,F&W"e\qLu-0C[)tUX!'VN4j"Y2dMFbHtVVQI{TW>JG>A.$3C8I.[&XT[LzdKkW%X&c]s4B: j-Erc#"8v/
2024-10-24 09:43:16 UTC	1408	IN	Data Raw: e5 c1 b1 35 40 78 5e 20 cf 0b a4 35 53 b0 bb 98 1e bd cc d9 ca a5 58 e7 a7 ab c5 bc 7f b8 91 e8 c2 e0 8d 3c 2f 90 e7 05 32 36 05 4c 7c 02 d9 02 19 49 f6 b7 52 2c 59 44 4b 1c ff f9 e1 a3 e4 ed de 79 e1 a2 79 58 de 21 13 1c 93 e7 05 f2 bc 40 20 0c 50 da 83 8d 2f 91 54 4e 10 5d d5 13 5e d5 f6 99 db 4a e4 8a 07 86 c8 2f 3e 9a 8b 42 a5 b6 78 87 3c 2f 10 58 86 e7 05 32 09 a9 f2 8b e4 3d 9f 58 24 af cc 95 34 36 22 3f 14 06 f1 95 fb 0e 93 17 df 9b 21 f3 80 f5 00 a0 23 3b 14 92 61 a2 f0 20 13 c8 f3 02 b9 35 87 f2 c4 0b 14 2d 93 fa 7f 73 e4 2f ba d9 05 b3 cb f5 c4 56 81 e3 f9 d9 12 ee 5f dc 35 48 0e fc 7a 3a 9a 35 54 f1 6d 1d de 21 cc f5 7b 5e 20 cf 0b 04 56 08 fe b3 b6 50 f6 c5 3b 6a 9d bf 24 ad 93 6d 8f 96 43 ea 8f b8 7d 66 99 2c 2f 24 12 63 e2 1b 41 e5 7b 5e 20 Data Ascii: 5@x^ 5SX</26L\|IR,YDKyyX!@ P/TN]^J/>Bx</X2=X$46"?!#;a 5-s/V_5Hz:5Tm!{^ VP;j$mC}f,/$cA{^
2024-10-24 09:43:16 UTC	1408	IN	Data Raw: 47 7e 41 e8 33 2d 24 5a 87 ff 76 26 21 d1 2c 73 32 8b 1d ca a5 7c f6 fc 62 23 f9 27 ac fd 2d b2 e8 d7 b8 d9 c3 3a c6 a6 51 2d 55 16 db 40 be 11 37 68 cc 14 62 13 61 98 22 0b 59 14 47 75 1e 24 93 99 f6 90 e6 16 2b 2c 0e 7f 75 cf e1 78 21 7b 0c e5 59 16 d4 b8 0a 9c e2 62 52 79 da 8b f2 08 52 5e e5 f3 59 6e 1e ec 96 08 79 0a d6 05 28 70 bf a9 63 d3 db 18 14 01 f2 3b 30 c4 0f 32 ac 74 53 12 61 b6 da 14 e2 f0 f2 07 b3 51 39 23 9b e5 15 47 7d f8 e4 57 29 8e 81 17 2c 0b 94 ec b0 b2 24 5a ce e4 17 cb 89 11 3d 8d ce 91 6f 17 98 73 0b 8c e2 b8 80 ba 58 e2 93 ed d0 ae 00 53 81 e1 6c a6 dc a1 18 70 08 16 88 26 ba de 2c cd 87 4e 6c 83 ab bf d0 59 16 82 ba 0a 7c f2 ab 98 34 33 58 5a f0 b4 ce c5 e3 87 0a ec 3a c0 39 93 9f a8 ed e5 62 fb b1 d5 2c d9 91 9f 25 c4 e5 56 89 Data Ascii: G~A3-$Zv&!,s2\|b#'-:Q-U@7hba"YGu$+,ux!{YbRyR^Yny(pc;02tSaQ9#G}W),$Z=osXSlp&,NlY\|43XZ:9b,%V
2024-10-24 09:43:16 UTC	444	IN	Data Raw: 20 85 62 b0 f9 01 3a 13 ec a3 9e b9 ad 17 e6 79 81 3c 2f 10 13 ed d9 67 cb ec 41 f1 02 01 7c 02 1e 33 44 43 a4 8b 90 c4 88 8d d1 c4 f3 02 e9 c9 c7 44 d2 b2 e4 05 a2 39 27 9b a1 4e 34 2f 10 a2 92 8c 8f 10 f5 a8 cc 14 cf 0b e4 79 81 14 01 8a 1e 49 92 2b d0 68 e3 79 81 24 23 be d2 de a2 f8 8c 2a 48 c9 7a fc df 65 7e 01 9a 9c 69 45 f9 ad c0 0b 44 fb 8c 09 b6 c7 6a 35 18 50 11 52 db e1 fd 6c 0a 6f a6 8b 48 ea 09 3c 2f 90 e7 05 aa 7e d2 3e 42 fb ca a6 b6 26 6e 52 5e 20 d3 6a 32 ae a8 66 6b 75 df eb 79 81 f2 23 1f ea 57 41 95 03 23 9f 54 ea cd a3 7e c1 14 b3 04 c0 40 0d 36 0a 84 e7 05 52 b4 55 17 14 a4 98 46 b4 d0 be a3 ca 38 91 ba b3 c7 98 b4 d3 e4 92 0a f3 75 6c 67 8f 11 fd cd 1f 2b fa 3e af f2 65 bf 25 db 45 32 d3 da 1a f2 37 b7 e5 6c 83 74 f2 c0 c0 11 c1 28 Data Ascii: b:y</gA\|3DCD9'N4/yI+hy$#*Hze~iEDj5PRloH</~>B&nR^ j2fkuy#WA#T~@6RUF8ulg+>e%E27lt(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
64	192.168.2.16	49827	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:17 UTC	525	OUT	GET /gui/images/manifest/icon-192x192.png HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:43:17 UTC	303	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: b4c61e1909122611b75530b191fa197f Server: Google Frontend Content-Length: 8764 Date: Thu, 24 Oct 2024 09:43:17 GMT Expires: Thu, 24 Oct 2024 09:44:17 GMT Cache-Control: public, max-age=60 ETag: "gp--tA" Content-Type: image/png Age: 0 Connection: close
2024-10-24 09:43:17 UTC	1105	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c0 00 00 00 c0 08 06 00 00 00 52 dc 6c 07 00 00 22 03 49 44 41 54 78 da ed 5d eb 93 1d c5 75 df 9a 8f fa c8 1f a0 8f 77 85 1d 13 13 48 1c b0 63 9b 18 02 d8 ae 04 9c aa c4 09 55 c1 49 91 4d 85 72 19 dd 15 c8 b0 bc 21 2b 21 0c c8 8b 29 05 81 09 e6 21 05 6c 48 04 c6 c1 06 8c 6d 08 60 63 84 c1 98 60 dd bb 2f 69 57 fb 92 b4 ab 7d bf d5 99 9e fb ea e9 e9 e9 3e a7 1f 77 e6 6a 7b aa a6 6e ef dd 99 73 e7 d1 a7 fb 3c 7e e7 d7 6d 6d 6d 6d 41 5b 7c 0b b8 cf 36 c1 31 69 c7 41 b6 c0 e0 bb da f7 81 a2 0d 95 25 3b 0e d2 6e 33 b8 f7 ac e4 a7 3d 47 d9 fb 0d 34 de 57 ab c9 47 3d e0 00 f1 d2 02 83 17 26 bb c9 c0 40 be 89 32 ab 14 33 d0 bc d6 66 c9 6f 93 bc c3 40 f2 bd ee f5 e6 5d be 56 a7 c6 be 4c d3 d1 2e 40 8e 0e 98 Data Ascii: PNGIHDRRl"IDATx]uwHcUIMr!+!)!lHm`c`/iW}>wj{ns<~mmmmA[\|61iA%;n3=G4WG=&@23fo@]VL.@
2024-10-24 09:43:17 UTC	1408	IN	Data Raw: 74 21 c1 b2 30 a2 2b 87 2f cf f2 21 9d 4e 85 cb 82 74 e2 2c e4 57 fb e6 26 84 d9 13 40 0b a9 6b 51 9f 2e ec c3 37 4d 8c 60 a6 4e 6c 9a 5e 36 aa ca 4c 2a 6c cc 3e cf f2 75 b2 ba aa e7 9f b1 fc 2e 83 b2 da f4 29 a2 5a cc d2 63 32 02 a9 70 41 90 e8 05 04 23 03 4d 92 e9 82 d5 d2 66 13 5b 60 b8 66 c8 77 e1 58 e7 44 3e ed a3 67 58 2f 55 25 95 6a 1d 63 07 48 67 b4 83 9e eb ca 04 d2 ad 8c ca ab 7c 95 59 89 19 ac 72 2a 7f 2b 90 95 24 80 4c 0f 35 88 f3 d6 66 65 22 5d 27 d4 b0 a1 3b 6c 49 63 de e5 9f ee ed aa 02 40 39 45 41 a3 3f 2d 60 df ab 63 d6 60 5e 0a 34 f6 af 6b 77 ba 9e aa 5b 31 27 80 09 31 63 67 ad ac e4 93 4a 8d f1 66 09 d1 96 b0 22 2c 15 3c 44 2a 95 fe a8 38 ba ac b3 99 14 b3 63 a3 03 a6 89 21 1d 47 32 ef f2 75 4c 4d e8 80 96 23 f9 1d 48 c2 b7 b6 54 96 b8 Data Ascii: t!0+/!Nt,W&@kQ.7M`Nl^6Ll>u.)Zc2pA#Mf[`fwXD>gX/U%jcHg\|Yr+$L5fe"]';lIc@9EA?-`c`^4kw[1'1cgJf",<D*8c!G2uLM#HT
2024-10-24 09:43:17 UTC	1408	IN	Data Raw: db 97 ec 1c 24 db 9e 18 25 db 9e dc b8 fb 45 3b 06 95 ca c1 2a 80 e7 05 d2 84 30 b8 04 4b ad 87 ed d1 a9 15 b2 f7 95 13 e4 82 3b 07 04 21 42 ce b1 ac 8e 98 57 ee 19 22 6f f7 2e 90 93 f3 6b 64 7a 61 63 ee d7 ef 1f 13 24 de 38 33 48 90 09 f6 bc 40 1a 68 50 97 b4 28 34 47 70 f8 d8 32 d9 fd 3f c7 c9 67 6f ef e7 ec 64 b1 63 78 f6 0d bd 64 fb fe d1 28 b7 b0 51 a1 d1 37 7f 7f 5c 9a 4d 67 9d 60 cf 0b 94 63 05 a8 e5 08 ca 63 4b 64 e7 81 09 72 fe 2d fd 8c 33 98 92 48 0a f7 73 ba 7a c9 ad 3f 18 27 43 27 56 9a 02 a0 cb 1b 2f 90 48 01 44 09 32 5d f9 ba e8 5d a8 fc a6 85 41 75 23 35 58 76 64 88 f2 c9 94 61 25 54 82 0f 87 16 c9 8d 4f 8f 91 3f be b1 2f 7d 06 60 14 e3 53 37 f5 91 fb 7e 74 8c 4c 4c af 6e a8 7a 00 ba d5 14 a0 3d 2d 5c 0b c8 03 d8 ba 36 1d f9 4e 4b 22 21 ab Data Ascii: $%E;*0K;!BW"o.kdzac$83H@hP(4Gp2?godcxd(Q7\Mg`ccKdr-3Hsz?'C'V/HD2]]Au#5Xvda%TO?/}`S7~tLLnz=-\6NK"!
2024-10-24 09:43:17 UTC	175	IN	Data Raw: 52 9f 01 8a 3c 23 5c 3c 43 6e 32 48 61 93 63 48 f9 1d 56 22 40 58 13 48 16 b9 d0 e1 15 35 19 2d 30 cb 04 a9 8e 9b 5b 5a 23 4f be 3e 15 d5 07 c4 28 4b 44 bc 3d 61 67 39 b7 ab 8f 74 3d 35 46 3e 1c 5e 8c 8a 71 b0 19 5c 93 08 09 24 21 86 86 43 0b 68 56 6a 26 90 2b 38 b4 4a f1 15 f2 d1 cc 70 81 09 37 a8 8d 9b d5 d1 7e db 89 16 59 c8 71 6a 6e 8d ec 79 e9 04 f9 f4 ad 7c b6 98 c3 ca 57 9d e4 3f bd b9 8f ec 38 30 11 65 8b 69 6d b2 4a 3e b4 f3 ea 5e 3f 26 a2 52 af 08 eb 4c 82 02 59 3f 00 98 94 42 87 b9 55 89 53 80 fc d6 82 43 db Data Ascii: R<#\<Cn2HacHV"@XH5-0[Z#O>(KD=ag9t=5F>^q\$!ChVj&+8Jp7~Yqjny\|W?80eimJ>^?&RLY?BUSC
2024-10-24 09:43:17 UTC	1408	IN	Data Raw: c6 fa 40 ce c5 98 6d b5 ff 8d 9d 5c 25 df fa e1 31 72 de cd 7d 49 c6 04 6e 36 a0 ed cf dc d6 1f 41 2c 46 26 57 22 a7 1a 8a 65 81 d8 ef d8 eb 87 cc 08 ac 13 5c 10 f1 0e 71 4c d4 ba f2 75 df 2d c2 ea 30 86 43 5b 29 89 74 b5 2a 0b 94 55 58 d7 21 93 d9 df c3 27 56 c8 1d cf 4e 34 6a 8b 19 22 59 11 a3 32 a5 64 f9 8f 9f 4d 46 d9 62 48 74 c4 56 56 18 12 51 49 7b af c9 92 c8 92 b0 84 54 57 3e 86 03 4a 47 3e 41 2e 91 24 a5 8d 33 81 43 eb 14 38 98 9a 49 d8 02 0a 0c 2e a7 16 1e ed 1b 5b 26 d7 ff e7 58 54 5b cc 92 ef b2 f4 83 ac b3 4c cb 2a 9f 7a eb 64 e8 4b ac 6b d9 f1 aa e4 11 06 57 04 99 25 58 13 a8 1e 09 aa 26 c4 0a 8c 63 0c 5d e1 05 73 0c 34 42 e6 3a 0a 94 9a 08 cb aa 20 06 6a 1f db c4 17 a5 dd 03 2d 8d fc dd 91 45 72 cd 63 23 e4 ac ed 22 ee fe 38 9c 9a 76 96 2f Data Ascii: @m\%1r}In6A,F&W"e\qLu-0C[)tUX!'VN4j"Y2dMFbHtVVQI{TW>JG>A.$3C8I.[&XT[LzdKkW%X&c]s4B: j-Erc#"8v/
2024-10-24 09:43:17 UTC	1408	IN	Data Raw: e5 c1 b1 35 40 78 5e 20 cf 0b a4 35 53 b0 bb 98 1e bd cc d9 ca a5 58 e7 a7 ab c5 bc 7f b8 91 e8 c2 e0 8d 3c 2f 90 e7 05 32 36 05 4c 7c 02 d9 02 19 49 f6 b7 52 2c 59 44 4b 1c ff f9 e1 a3 e4 ed de 79 e1 a2 79 58 de 21 13 1c 93 e7 05 f2 bc 40 20 0c 50 da 83 8d 2f 91 54 4e 10 5d d5 13 5e d5 f6 99 db 4a e4 8a 07 86 c8 2f 3e 9a 8b 42 a5 b6 78 87 3c 2f 10 58 86 e7 05 32 09 a9 f2 8b e4 3d 9f 58 24 af cc 95 34 36 22 3f 14 06 f1 95 fb 0e 93 17 df 9b 21 f3 80 f5 00 a0 23 3b 14 92 61 a2 f0 20 13 c8 f3 02 b9 35 87 f2 c4 0b 14 2d 93 fa 7f 73 e4 2f ba d9 05 b3 cb f5 c4 56 81 e3 f9 d9 12 ee 5f dc 35 48 0e fc 7a 3a 9a 35 54 f1 6d 1d de 21 cc f5 7b 5e 20 cf 0b 04 56 08 fe b3 b6 50 f6 c5 3b 6a 9d bf 24 ad 93 6d 8f 96 43 ea 8f b8 7d 66 99 2c 2f 24 12 63 e2 1b 41 e5 7b 5e 20 Data Ascii: 5@x^ 5SX</26L\|IR,YDKyyX!@ P/TN]^J/>Bx</X2=X$46"?!#;a 5-s/V_5Hz:5Tm!{^ VP;j$mC}f,/$cA{^
2024-10-24 09:43:17 UTC	1408	IN	Data Raw: 47 7e 41 e8 33 2d 24 5a 87 ff 76 26 21 d1 2c 73 32 8b 1d ca a5 7c f6 fc 62 23 f9 27 ac fd 2d b2 e8 d7 b8 d9 c3 3a c6 a6 51 2d 55 16 db 40 be 11 37 68 cc 14 62 13 61 98 22 0b 59 14 47 75 1e 24 93 99 f6 90 e6 16 2b 2c 0e 7f 75 cf e1 78 21 7b 0c e5 59 16 d4 b8 0a 9c e2 62 52 79 da 8b f2 08 52 5e e5 f3 59 6e 1e ec 96 08 79 0a d6 05 28 70 bf a9 63 d3 db 18 14 01 f2 3b 30 c4 0f 32 ac 74 53 12 61 b6 da 14 e2 f0 f2 07 b3 51 39 23 9b e5 15 47 7d f8 e4 57 29 8e 81 17 2c 0b 94 ec b0 b2 24 5a ce e4 17 cb 89 11 3d 8d ce 91 6f 17 98 73 0b 8c e2 b8 80 ba 58 e2 93 ed d0 ae 00 53 81 e1 6c a6 dc a1 18 70 08 16 88 26 ba de 2c cd 87 4e 6c 83 ab bf d0 59 16 82 ba 0a 7c f2 ab 98 34 33 58 5a f0 b4 ce c5 e3 87 0a ec 3a c0 39 93 9f a8 ed e5 62 fb b1 d5 2c d9 91 9f 25 c4 e5 56 89 Data Ascii: G~A3-$Zv&!,s2\|b#'-:Q-U@7hba"YGu$+,ux!{YbRyR^Yny(pc;02tSaQ9#G}W),$Z=osXSlp&,NlY\|43XZ:9b,%V
2024-10-24 09:43:17 UTC	444	IN	Data Raw: 20 85 62 b0 f9 01 3a 13 ec a3 9e b9 ad 17 e6 79 81 3c 2f 10 13 ed d9 67 cb ec 41 f1 02 01 7c 02 1e 33 44 43 a4 8b 90 c4 88 8d d1 c4 f3 02 e9 c9 c7 44 d2 b2 e4 05 a2 39 27 9b a1 4e 34 2f 10 a2 92 8c 8f 10 f5 a8 cc 14 cf 0b e4 79 81 14 01 8a 1e 49 92 2b d0 68 e3 79 81 24 23 be d2 de a2 f8 8c 2a 48 c9 7a fc df 65 7e 01 9a 9c 69 45 f9 ad c0 0b 44 fb 8c 09 b6 c7 6a 35 18 50 11 52 db e1 fd 6c 0a 6f a6 8b 48 ea 09 3c 2f 90 e7 05 aa 7e d2 3e 42 fb ca a6 b6 26 6e 52 5e 20 d3 6a 32 ae a8 66 6b 75 df eb 79 81 f2 23 1f ea 57 41 95 03 23 9f 54 ea cd a3 7e c1 14 b3 04 c0 40 0d 36 0a 84 e7 05 52 b4 55 17 14 a4 98 46 b4 d0 be a3 ca 38 91 ba b3 c7 98 b4 d3 e4 92 0a f3 75 6c 67 8f 11 fd cd 1f 2b fa 3e af f2 65 bf 25 db 45 32 d3 da 1a f2 37 b7 e5 6c 83 74 f2 c0 c0 11 c1 28 Data Ascii: b:y</gA\|3DCD9'N4/yI+hy$#*Hze~iEDj5PRloH</~>B&nR^ j2fkuy#WA#T~@6RUF8ulg+>e%E27lt(

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
65	192.168.2.16	49828	52.149.20.212	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:18 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=sZTN4KFwpgdCGN8&MD=VOzp3FM4 HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-24 09:43:18 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: ece4fc7c-e07e-48ac-b533-af544603b041 MS-RequestId: fccb3b4b-5a9f-4633-9e14-d98a71d62bd0 MS-CV: ali5yWN0Y06RKJBl.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 09:43:18 GMT Connection: close Content-Length: 30005
2024-10-24 09:43:18 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-10-24 09:43:18 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
66	192.168.2.16	49831	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:52 UTC	695	OUT	GET /gui/sha256.worker.5553997fe32b1412e31e.worker.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: worker Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:43:52 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 28c17f321a2f807b58a40e841fae3fcc Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:04:01 GMT Expires: Sat, 18 Oct 2025 10:04:01 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517191 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:52 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 00 0d 0a 30 66 66 39 0d 0a 00 02 ff ec bd fb 76 db 46 b6 e7 ff f7 ef 3c 05 93 75 a2 45 9a b0 02 90 20 08 4a 46 32 b6 ac c4 ea f8 d6 92 dd 49 b7 96 e4 45 4b 94 c4 58 22 d5 24 25 db b1 9c f7 99 e7 98 17 9b cf 77 57 15 00 ca f2 25 dd f9 9d 35 33 eb f4 45 06 81 42 d5 ae 7d df bb 6a 17 9a cd 56 f1 dd bb cb e1 ac b1 28 de a5 bd 7c ed e8 62 72 b0 18 4f 27 cd 45 34 8a 66 2d 7b 34 5e 5f ac 8e de 9c 4f 67 8b 79 d1 1c 17 b3 66 92 b4 a2 59 b3 1b a7 fa a7 63 7f 06 99 fe c9 06 bd 56 54 76 e1 de 5e 14 e3 68 54 2c 56 4f Data Ascii: 000000010000000100000001000000010000000100000001000010ff9vF<uE JF2IEKX"$%wW%53EB}jV(\|brO'E4f-{4^_OgyfYcVTv^hT,VO
2024-10-24 09:43:52 UTC	1408	IN	Data Raw: 73 a3 d2 85 fa 3d 6c b7 a5 04 c7 d6 18 8e e7 35 35 ac 5e bb b8 fe da 49 f9 da 5b 5e 53 63 f7 9a 1a 56 af 89 f7 97 46 3b 2a 5f 3b e6 35 35 76 af a9 61 f5 9a 40 5e 7a ed 34 bc b6 7e 52 5c 82 9e 17 20 e5 2d a8 38 7e 7f 59 34 87 61 b2 26 a7 c3 fa 84 4d 4e 87 b5 49 4b 20 87 7e de ad 6a e2 f4 a1 31 83 ac bb 37 3c 3c be 8f 0a 03 55 1f c8 7a e8 e3 ad e0 f0 68 f0 70 d4 50 e1 fb a8 d0 51 f5 71 54 f5 71 ac 3e 3c 4e 7c 1f 35 bc f8 3e 2a dc 54 7d 9c 56 7d 88 89 40 91 e3 1f f0 a4 8b ce 1e c8 72 5c 03 c6 22 d4 f3 ce f8 b7 d1 5a fe be 85 b3 e0 f4 fc 8b 83 d9 68 b8 18 3d 18 9d 9e 8f b0 d1 2d 4c 45 34 d6 33 04 2e e9 a6 d7 f8 f9 bf c2 d5 58 3f 98 4e e6 8b c6 04 d3 29 87 23 8b f3 a4 db cb f9 d1 e9 a4 9d b8 97 76 7b 3d 0c 57 9c a6 71 de cf a3 5e bf 1f 27 49 2e 0b d6 eb c4 59 Data Ascii: s=l55^I[^ScVF;_;55va@^z4~R\ -8~Y4a&MNIK ~j17<<UzhpPQqTq><N\|5>T}V}@r\"Zh=-LE43.X?N)#v{=Wq^'I.Y
2024-10-24 09:43:52 UTC	1408	IN	Data Raw: 49 81 61 7d 80 1f 43 83 cc d0 03 18 c0 10 a5 06 2c 16 d8 26 2b 63 db ef a1 d0 22 0c 2b 76 0c 18 a5 1d 50 a5 8c 27 eb 85 aa 86 3d 65 46 d0 aa 0c 0c ed e0 52 29 05 d4 2c c3 62 91 30 03 50 52 5a 03 dd cf 5d 53 ac 31 aa d3 08 06 01 e2 c1 20 d3 b8 28 48 53 30 19 12 c3 8b d2 c8 12 09 7a 02 e0 0c 1d dc 87 65 00 08 08 50 2b 98 4b 10 8f 9a 43 e9 c4 60 12 ad 46 03 34 b3 04 19 45 88 a2 eb 69 b6 e9 00 8a 30 09 91 06 4e 47 8f 66 f4 00 47 33 45 c8 20 32 63 fa 63 24 17 47 00 23 22 d5 90 00 4c c6 34 50 ed 12 75 de 82 f1 a5 e3 78 19 d4 30 4f e8 88 88 62 2f 65 62 91 7f 98 1d fc 8a 15 b1 37 3d 20 91 21 41 98 12 74 1a dc 01 0d c4 14 20 1c 5b 0a 6d 18 01 70 a1 14 ae 89 a0 61 54 58 46 5a 18 13 41 1f e8 13 3a 48 bb 03 5c 0d a4 11 57 05 1b 8e 77 c1 74 20 37 7c 65 03 74 e3 81 ae Data Ascii: Ia}C,&+c"+vP'=eFR),b0PRZ]S1 (HS0zeP+KC`F4Ei0NGfG3E 2cc$G#"L4Pux0Ob/eb7= !At [mpaTXFZA:H\Wwt 7\|et
2024-10-24 09:43:52 UTC	311	IN	Data Raw: 24 fd 81 0f 24 45 0a be a5 44 50 02 52 3d 12 27 25 4b e4 00 08 3e e2 73 1c 02 e9 59 18 01 c9 c1 21 15 aa b0 62 10 4f b4 92 5c d3 6b 84 79 03 4e 72 13 28 36 b4 b1 82 3a d9 14 d0 22 2b 28 25 ab 88 8c e9 30 10 9a 01 1b 24 c1 43 98 d1 08 0a 2d 04 29 ba 95 46 0c c5 64 10 48 70 09 75 a5 c2 10 5e 3a 83 fe b0 a8 d4 7f 86 d1 21 a6 83 f3 d0 8f 64 8d 10 5f 9a 22 48 30 a1 45 09 18 1f 24 1d 1f 9d e0 45 61 52 86 0b 0c 93 62 61 71 29 f0 c1 15 de 90 86 c2 b4 42 13 8c 8e 29 4c 64 95 a8 1b ef 08 c6 83 e6 38 2b 42 3b 4a 0e 45 8b ff c3 b0 04 16 58 2b 23 27 b3 82 08 72 38 30 b6 f2 99 70 fd e5 27 70 cd 00 78 56 03 cc 97 dc 0c 10 8d 92 44 77 a1 22 a5 a3 e1 04 de c1 50 e5 28 55 29 09 dc 5b 62 7f fc 15 0c 28 1e 16 c0 32 2d b0 0f ea 94 1c 41 7e 49 e6 e0 ce e2 f8 e7 84 c2 96 3f 22 Data Ascii: $$EDPR='%K>sY!bO\kyNr(6:"+(%0$C-)FdHpu^:!d_"H0E$EaRbaq)B)Ld8+B;JEX+#'r80p'pxVDw"P(U)[b(2-A~I?"
2024-10-24 09:43:52 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 17 0d 0a 30 30 30 30 30 30 30 31 0d 0a b0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 01 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 81 0d 0a 30 30 30 30 30 30 30 31 0d 0a 27 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a df 0d 0a 30 30 30 30 30 30 30 31 0d 0a 83 0d 0a 30 30 30 30 30 30 30 31 0d 0a dc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 18 0d 0a 30 30 30 30 30 30 30 31 0d 0a 37 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0a 0d 0a 30 30 30 30 30 30 30 31 0d 0a eb 0d 0a 30 30 31 0d 0a 29 0d 0a 31 66 65 65 0d 0a bb ab 40 0b 66 42 95 60 92 e0 3a c0 63 68 a9 2e 85 82 24 60 Data Ascii: 00000001000000010000000100000001n00000001000000010000000100000001'00000001+00000001000000010000000100000001000000010000000170000000100000001001)1fee@fB`:ch.$`
2024-10-24 09:43:52 UTC	1408	IN	Data Raw: 28 44 68 2c 91 33 9b 0d aa a5 df 70 db a0 04 aa 0c c5 cb b4 b0 84 32 d9 08 14 a6 03 99 54 47 a0 50 5c 42 a2 0b fd 08 1f 32 00 ee 29 9d 88 0c 40 8a f8 e0 bf f2 1c 0d 8f 9a 97 74 42 19 26 84 4a c1 59 17 1f 28 dd 67 39 27 a8 82 85 b0 05 32 e4 14 d6 46 f8 e4 e6 a3 c9 00 18 cc e2 b4 f1 ba 92 fe 84 3b f0 3e 21 2f d8 97 1d 85 19 70 33 9c d5 90 26 17 ab da 73 d9 22 31 07 e0 d3 9b 6c 05 33 c2 21 81 f5 d5 00 11 53 e6 0e 8a 22 0e 5a 3d 80 cf 41 3c a6 96 c8 15 91 43 9c 31 e9 b2 83 5c 42 7b 14 1e 38 42 bb 23 27 ca e5 c2 83 3c 46 af a3 f9 71 de d0 80 48 09 a3 c1 65 0a b2 e5 39 91 87 80 2f 18 18 ff 01 4d 88 8d 56 02 07 2d ae 4c 2b f8 c4 84 90 1a e3 a7 7a 30 47 4c 81 89 34 09 60 28 72 51 36 1b dc 2b cc c3 20 c0 d0 44 22 90 14 56 93 ad 16 71 60 7f 94 b6 81 83 f1 84 6f 90 Data Ascii: (Dh,3p2TGP\B2)@tB&JY(g9'2F;>!/p3&s"1l3!S"Z=A<C1\B{8B#'<FqHe9/MV-L+z0GL4`(rQ6+ D"Vq`o
2024-10-24 09:43:52 UTC	1408	IN	Data Raw: 22 78 58 29 34 2b f3 96 83 05 d1 59 8c 97 6b 46 48 ae 64 ac 24 94 41 59 fb 04 dd 18 13 a9 1c 3c 4b 08 28 12 a0 d0 b1 45 48 b6 62 63 de 96 86 84 62 12 1c 29 2d 66 a1 be d0 b9 b0 8a 92 51 78 1e 82 10 51 e5 1e e1 ad e6 2a 3b a9 88 4d 93 21 3b 28 47 8d 58 0a 64 61 e8 e5 e6 03 21 c9 04 e5 15 34 49 2c 94 f4 22 62 8c 66 36 c8 70 3b 69 04 63 d2 01 01 b4 02 10 f2 6d b0 3b 80 83 19 b9 06 72 bc 49 a2 22 8e 83 11 12 ae 04 09 dd 4a 5d a0 4e a0 b1 1e 9b f5 47 df eb 15 d9 41 a5 a2 23 a6 84 5e 45 9d 70 93 47 f2 7d b1 c0 52 f0 e0 4f 8a 1b ba e1 dc 09 4c 04 13 1a 49 4b 8a 43 78 9d e4 05 58 80 63 88 f8 e5 b3 63 88 a5 6a 14 3b 2a 75 0f b7 e1 38 21 f7 8a d0 94 42 15 17 8a b1 b8 81 9b a3 2d 11 a0 1a f7 0d ce 46 d2 b4 24 03 2f 60 7b 79 84 75 66 52 08 06 01 1e 66 83 89 90 3d 21 Data Ascii: "xX)4+YkFHd$AY<K(EHbcb)-fQxQ;M!;(GXda!4I,"bf6p;icm;rI"J]NGA#^EpG}ROLIKCxXccj;u8!B-F$/`{yufRf=!
2024-10-24 09:43:52 UTC	1408	IN	Data Raw: 73 4d 67 4b 13 6e bd f3 3a d5 b8 cb b5 f4 55 7a 9b 8f 37 5e fc f2 c3 93 ed 47 2f 1e 3d b9 bf 19 49 97 bf f7 7d dd 77 a5 5c 5f de d7 fd cd 1b fa 1a 4f c6 b5 ba 44 5f 0b eb e0 38 3a 76 3c cb 4c c2 3c 66 2d 5f 02 f6 06 c1 3c 7b 34 3d a4 de d5 df a1 30 06 bd 6e 6f ce 54 ec d8 04 50 bb a8 a6 da 7a 37 5f b5 5b ab 07 c3 53 94 1c e5 8f a1 3f 5f 21 a9 97 ce 67 d3 83 d1 7c 5e bd 06 3d eb f8 79 31 3c 3f 57 59 e5 22 bc eb 5f d0 bb 47 e3 c9 f0 54 e5 39 75 66 08 2f af ac 18 74 1f bc 7f 38 fd c1 bf a6 2e 42 81 4f c9 d0 69 f4 62 99 0a 6b 49 f4 62 19 97 6b 9d 68 89 cb ab e1 29 59 f3 75 c6 8d 85 18 d3 c1 f2 f5 7c 31 1b 4f 8e bf a6 ba f3 ed f9 68 7a d4 58 7c 7f 6f ed ed 7b 0f 68 78 a3 89 dd 76 b7 de f9 32 c0 aa 5f ab 8a 0b 8f e9 7a dc 12 b7 aa 12 b0 49 35 b3 4a e6 98 8a 2f Data Ascii: sMgKn:Uz7^G/=I}w\_OD_8:v<L<f-_<{4=0noTPz7_[S?_!g\|^=y1<?WY"_GT9uf/t8.BOibkIbkh)Yu\|1OhzX\|o{hxv2_zI5J/
2024-10-24 09:43:52 UTC	1408	IN	Data Raw: 9c 2d d1 45 0e f9 c7 e1 af 85 a3 83 a3 38 e1 8f 09 cb b4 00 38 27 63 95 15 76 ce 9a fa 12 82 3d 0b 4e 57 9d 82 c5 89 9b 7e 8a 63 6f 82 f3 e3 ac ea 25 76 fc f9 89 8c ae 4f 24 88 46 98 4f f4 36 b8 70 1f 99 09 7c 8a a3 d6 82 e1 93 e4 9a 42 71 5e d1 b5 73 9d 60 cf ca 80 48 24 44 89 f1 3a 8c fb 35 27 f1 8c 50 25 a3 c3 af bf 0a b1 d9 eb 31 4c fc 7a 65 c5 fd 0b 0b 13 64 4d 2d 25 b6 74 a7 15 dd f4 f2 7c 74 7a c4 b9 38 fc ad bf 58 fb 7d f3 6b c7 a7 d3 97 c3 d3 67 98 df 95 95 ea ba de c5 07 77 5b d1 57 e3 95 95 9b 60 b8 36 81 b3 b9 1d b5 b2 34 85 70 ef e3 9d b8 f1 02 34 1f 42 e2 ef a8 83 d6 62 f6 16 2d 3e 6b b2 16 d1 7a 8f bf 7a 40 3e b0 f5 ce b2 6d 93 7a 64 24 4d 61 fa e2 eb 40 8e 2a 22 1e af 1e 8f 16 db a6 3f fe 36 3c bd 18 cd ad d7 92 35 ae 3d 6c 4e 46 af 1b cf Data Ascii: -E88'cv=NW~co%vO$FO6p\|Bq^s`H$D:5'P%1LzedM-%t\|tz8X}kgw[W`64p4Bb->kzz@>mzd$Ma@*"?6<5=lNF
2024-10-24 09:43:52 UTC	1371	IN	Data Raw: 73 11 de 0c c4 35 46 d3 5a da 07 1c 77 fe 41 5e 38 f0 c8 74 3b 2c 1a 5e 9c c3 91 35 67 a6 5c 35 73 de cc 07 cb 77 9e 61 34 49 08 f0 a7 ac 01 96 ec b3 46 41 ea 47 56 f6 2a b0 2a c7 5b 4e 92 17 5e 73 b2 9d 4d 23 eb 57 cb 4e 21 f1 a1 c7 b3 e1 81 3b 33 70 09 bd be 83 8f f6 7a b9 fa e0 d1 dd 0d d7 b5 dc b2 e5 ce a1 ea dc 16 a7 95 b0 09 da 6f fe be f9 68 b8 38 81 96 10 85 1d 4d b5 f1 6c bf 81 0f 80 6f 38 fc b8 84 22 38 cb d5 11 c7 3f 87 65 f4 fa 82 16 00 29 bb 15 8c b2 3f f1 38 46 2e 63 8e 91 9d d9 56 13 44 68 8e 1f 66 83 0e 49 51 22 91 95 f6 e6 40 d9 16 a7 b5 d2 e0 56 e7 ea fa b3 d6 1e 86 31 bb 6d 0f d7 27 de 59 bb 2a 86 66 0d cd 5d 8b f0 e6 82 40 8d 88 49 75 2e 23 32 38 6d bd 67 72 93 03 bf 84 ff 31 9d ef dd cc 9b fd 08 27 55 67 c3 73 fc 74 ef 4f 96 4b 70 61 Data Ascii: s5FZwA^8t;,^5g\5swa4IFAGV*[N^sM#WN!;3pzoh8Mlo8"8?e)?8F.cVDhfIQ"@V1m'Yf]@Iu.#28mgr1'UgstOKpa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
67	192.168.2.16	49832	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:53 UTC	537	OUT	GET /gui/sha256.worker.5553997fe32b1412e31e.worker.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:43:53 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 28c17f321a2f807b58a40e841fae3fcc Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:04:01 GMT Expires: Sat, 18 Oct 2025 10:04:01 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517192 Connection: close Transfer-Encoding: chunked
2024-10-24 09:43:53 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 66 66 38 0d 0a 02 ff ec bd fb 76 db 46 b6 e7 ff f7 ef 3c 05 93 75 a2 45 9a b0 02 90 20 08 4a 46 32 b6 ac c4 ea f8 d6 92 dd 49 b7 96 e4 45 4b 94 c4 58 22 d5 24 25 db b1 9c f7 99 e7 98 17 9b cf 77 57 15 00 ca f2 25 dd f9 9d 35 33 eb f4 45 06 81 42 d5 ae 7d df bb 6a 17 9a cd 56 f1 dd bb cb e1 ac b1 28 de a5 bd 7c ed e8 62 72 b0 18 4f 27 cd 45 34 8a 66 2d 7b 34 5e 5f ac 8e de 9c 4f 67 8b 79 d1 1c 17 b3 66 92 b4 a2 59 b3 1b a7 fa a7 63 7f 06 99 Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000ff8vF<uE JF2IEKX"$%wW%53EB}jV(\|brO'E4f-{4^_OgyfYc
2024-10-24 09:43:53 UTC	1408	IN	Data Raw: bb 3f d9 3d 82 f3 3c ad f6 a7 bb a7 52 5d c6 b2 fb 73 a3 d2 85 fa 3d 6c b7 a5 04 c7 d6 18 8e e7 35 35 ac 5e bb b8 fe da 49 f9 da 5b 5e 53 63 f7 9a 1a 56 af 89 f7 97 46 3b 2a 5f 3b e6 35 35 76 af a9 61 f5 9a 40 5e 7a ed 34 bc b6 7e 52 5c 82 9e 17 20 e5 2d a8 38 7e 7f 59 34 87 61 b2 26 a7 c3 fa 84 4d 4e 87 b5 49 4b 20 87 7e de ad 6a e2 f4 a1 31 83 ac bb 37 3c 3c be 8f 0a 03 55 1f c8 7a e8 e3 ad e0 f0 68 f0 70 d4 50 e1 fb a8 d0 51 f5 71 54 f5 71 ac 3e 3c 4e 7c 1f 35 bc f8 3e 2a dc 54 7d 9c 56 7d 88 89 40 91 e3 1f f0 a4 8b ce 1e c8 72 5c 03 c6 22 d4 f3 ce f8 b7 d1 5a fe be 85 b3 e0 f4 fc 8b 83 d9 68 b8 18 3d 18 9d 9e 8f b0 d1 2d 4c 45 34 d6 33 04 2e e9 a6 d7 f8 f9 bf c2 d5 58 3f 98 4e e6 8b c6 04 d3 29 87 23 8b f3 a4 db cb f9 d1 e9 a4 9d b8 97 76 7b 3d 0c 57 Data Ascii: ?=<R]s=l55^I[^ScVF;_;55va@^z4~R\ -8~Y4a&MNIK ~j17<<UzhpPQqTq><N\|5>T}V}@r\"Zh=-LE43.X?N)#v{=W
2024-10-24 09:43:53 UTC	1408	IN	Data Raw: 69 9c 03 2e 24 4f b0 06 93 42 91 c4 a8 48 fa c2 74 49 81 61 7d 80 1f 43 83 cc d0 03 18 c0 10 a5 06 2c 16 d8 26 2b 63 db ef a1 d0 22 0c 2b 76 0c 18 a5 1d 50 a5 8c 27 eb 85 aa 86 3d 65 46 d0 aa 0c 0c ed e0 52 29 05 d4 2c c3 62 91 30 03 50 52 5a 03 dd cf 5d 53 ac 31 aa d3 08 06 01 e2 c1 20 d3 b8 28 48 53 30 19 12 c3 8b d2 c8 12 09 7a 02 e0 0c 1d dc 87 65 00 08 08 50 2b 98 4b 10 8f 9a 43 e9 c4 60 12 ad 46 03 34 b3 04 19 45 88 a2 eb 69 b6 e9 00 8a 30 09 91 06 4e 47 8f 66 f4 00 47 33 45 c8 20 32 63 fa 63 24 17 47 00 23 22 d5 90 00 4c c6 34 50 ed 12 75 de 82 f1 a5 e3 78 19 d4 30 4f e8 88 88 62 2f 65 62 91 7f 98 1d fc 8a 15 b1 37 3d 20 91 21 41 98 12 74 1a dc 01 0d c4 14 20 1c 5b 0a 6d 18 01 70 a1 14 ae 89 a0 61 54 58 46 5a 18 13 41 1f e8 13 3a 48 bb 03 5c 0d a4 Data Ascii: i.$OBHtIa}C,&+c"+vP'=eFR),b0PRZ]S1 (HS0zeP+KC`F4Ei0NGfG3E 2cc$G#"L4Pux0Ob/eb7= !At [mpaTXFZA:H\
2024-10-24 09:43:53 UTC	328	IN	Data Raw: e8 0b af 0b 50 e5 94 42 1d 91 0b 9a a2 ad 81 1a 8e 24 fd 81 0f 24 45 0a be a5 44 50 02 52 3d 12 27 25 4b e4 00 08 3e e2 73 1c 02 e9 59 18 01 c9 c1 21 15 aa b0 62 10 4f b4 92 5c d3 6b 84 79 03 4e 72 13 28 36 b4 b1 82 3a d9 14 d0 22 2b 28 25 ab 88 8c e9 30 10 9a 01 1b 24 c1 43 98 d1 08 0a 2d 04 29 ba 95 46 0c c5 64 10 48 70 09 75 a5 c2 10 5e 3a 83 fe b0 a8 d4 7f 86 d1 21 a6 83 f3 d0 8f 64 8d 10 5f 9a 22 48 30 a1 45 09 18 1f 24 1d 1f 9d e0 45 61 52 86 0b 0c 93 62 61 71 29 f0 c1 15 de 90 86 c2 b4 42 13 8c 8e 29 4c 64 95 a8 1b ef 08 c6 83 e6 38 2b 42 3b 4a 0e 45 8b ff c3 b0 04 16 58 2b 23 27 b3 82 08 72 38 30 b6 f2 99 70 fd e5 27 70 cd 00 78 56 03 cc 97 dc 0c 10 8d 92 44 77 a1 22 a5 a3 e1 04 de c1 50 e5 28 55 29 09 dc 5b 62 7f fc 15 0c 28 1e 16 c0 32 2d b0 0f Data Ascii: PB$$EDPR='%K>sY!bO\kyNr(6:"+(%0$C-)FdHpu^:!d_"H0E$EaRbaq)B)Ld8+B;JEX+#'r80p'pxVDw"P(U)[b(2-
2024-10-24 09:43:53 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 31 0d 0a 17 0d 0a 31 66 66 66 0d 0a b0 8a 6e 01 08 81 27 2b 02 df 83 dc 18 37 0a eb 29 bb ab 40 0b 66 42 95 60 92 e0 3a c0 63 68 a9 2e 85 82 24 60 18 41 52 02 36 e0 2c 30 4c 38 04 ba 18 4c ba 49 9a 0c 6c a2 b1 11 32 5d 32 41 9c 7d 34 0d 3d 20 be 84 27 4a 28 a0 bb e0 44 73 29 31 24 08 b0 54 31 4d c1 1c d2 cf 68 60 9d ff 7b 87 00 da 41 1a 86 80 e3 a0 b9 7c 12 74 33 6e 02 bd a3 14 f0 ca f0 18 08 2a e4 93 c8 13 91 d2 60 de c4 b8 e8 02 b3 0c b8 cb 88 00 e0 40 05 80 c7 f0 62 b5 08 a5 e4 04 33 18 94 82 2f e0 74 42 35 e9 18 18 15 6f 02 59 93 7e 42 e3 e0 e7 42 94 08 e5 a1 84 05 9c 21 fb 86 31 46 25 61 48 61 69 34 27 ec 60 11 bc d2 96 10 4d 5a 38 c7 a7 56 4a 48 79 28 d8 1c 10 c1 0e 6a 48 d2 81 3b 80 4d 71 6c ac 00 00 1d c3 5d 12 2b bc a0 e4 23 a6 Data Ascii: 00000011fffn'+7)@fB`:ch.$`AR6,0L8LIl2]2A}4= 'J(Ds)1$T1Mh`{A\|t3n*`@b3/tB5oY~BB!1F%aHai4'`MZ8VJHy(jH;Mql]+#
2024-10-24 09:43:53 UTC	1408	IN	Data Raw: 8d 56 02 07 2d ae 4c 2b f8 c4 84 90 1a e3 a7 7a 30 47 4c 81 89 34 09 60 28 72 51 36 1b dc 2b cc c3 20 c0 d0 44 22 90 14 56 93 ad 16 71 60 7f 94 b6 81 83 f1 84 6f 90 6b 31 3e ca 10 73 22 eb 82 f5 50 ae 03 92 61 4f 91 62 a9 79 e4 55 96 80 7e 19 1c 0f 01 b3 28 18 14 c4 61 5a b1 f7 d2 3d 16 55 d1 19 cc 00 1c 72 a2 e5 6c 93 cb 17 7e a1 03 48 03 6a f4 2c be 9b d4 be b4 04 41 13 e0 c1 8c 4a f7 82 34 d3 ce 70 b9 16 d8 b8 0b 01 f1 8b 89 8b 84 06 cc 84 d2 02 f2 e5 b1 65 f2 35 61 15 7c 05 d4 2b 20 a2 c2 30 ea 36 5f 84 89 29 21 1d 60 41 e9 71 18 9e 4b 5c 63 61 18 55 44 60 09 03 c2 08 b0 95 22 4d b8 5b a6 08 95 69 d4 c1 61 47 62 b0 22 0c 85 eb 0c b3 30 15 a9 7e c5 d5 b6 70 2a 0f 10 a6 62 3e cc 53 eb 0e 60 1e f1 20 1e 41 06 61 13 84 14 06 42 6c 50 c3 78 25 38 d1 5c e2 Data Ascii: V-L+z0GL4`(rQ6+ D"Vq`ok1>s"PaObyU~(aZ=Url~Hj,AJ4pe5a\|+ 06_)!`AqK\caUD`"M[iaGb"0~p*b>S` AaBlPx%8\
2024-10-24 09:43:53 UTC	1408	IN	Data Raw: 88 a5 6a 14 3b 2a 75 0f b7 e1 38 21 f7 8a d0 94 42 15 17 8a b1 b8 81 9b a3 2d 11 a0 1a f7 0d ce 46 d2 b4 24 03 2f 60 7b 79 84 75 66 52 08 06 01 1e 66 83 89 90 3d 21 11 a1 4c 05 97 04 13 a4 b9 09 87 c4 31 98 14 a5 0d 71 45 81 4a 2b 61 28 5b 34 24 02 0d a5 40 0e 20 48 af 02 2a 38 87 44 12 75 74 38 5e 0b 94 a2 25 ac 07 3d cd ed c4 d7 80 d8 60 40 c9 2f 8c 0a f4 85 53 e1 61 19 7f 86 46 17 9a 2a 84 b3 61 77 fa 47 fe 94 ad c4 f6 c3 1f a4 95 a0 2b a0 82 12 1c 27 65 ae b0 58 10 09 7b 07 a8 72 f8 4c d5 ca ff 55 a0 63 41 1e b6 5d fe 8b ec 10 dd 80 36 84 98 d5 0d 38 5f 44 c1 49 41 87 c0 e2 22 2f c1 1e 1c 0a d0 f8 dd 38 5e f2 b2 88 05 88 ba 70 b9 00 45 8b 48 98 70 b5 44 2c 64 39 18 9f 79 a0 0f 14 39 cb c7 87 58 12 62 dc 39 5a 4b 07 60 ae 50 a0 32 54 a0 0d 8b a7 dc 02 Data Ascii: j;u8!B-F$/`{yufRf=!L1qEJ+a([4$@ H8Dut8^%=`@/SaF*awG+'eX{rLUcA]68_DIA"/8^pEHpD,d9y9Xb9ZK`P2T
2024-10-24 09:43:53 UTC	1408	IN	Data Raw: 7c 31 1b 4f 8e bf a6 ba f3 ed f9 68 7a d4 58 7c 7f 6f ed ed 7b 0f 68 78 a3 89 dd 76 b7 de f9 32 c0 aa 5f ab 8a 0b 8f e9 7a dc 12 b7 aa 12 b0 49 35 b3 4a e6 98 8a 2f f6 fb e4 5b be 4d f5 16 55 87 a0 a1 45 8d 58 73 b6 ba b3 a0 b2 e9 cc f3 f6 51 e0 02 15 b4 06 94 55 9d 57 d0 58 59 6b a0 ca 57 31 90 54 1a 23 a1 eb d1 ea 99 38 e7 1d 97 5e fb 86 5a 69 e3 a8 52 6a de 7d b9 d0 94 82 b5 1a c4 e7 0f 4a 4a 29 4d cb 1d 7c 20 1e a1 ee f2 c0 6a bb 4b ee 1f 5f 16 a3 f7 cc e7 b0 38 5d dd b8 b7 51 94 34 0c ba e8 22 20 8f b2 d3 c0 11 d4 63 8b 56 ae 09 35 8e de 44 8c 2f d7 a7 df 37 27 78 3c 8e 5f e9 7b d1 5a 9b f8 a7 e7 b3 d1 a5 e9 aa b2 7c b5 5e a2 3b da 9d b5 e7 7b fb 94 df ce f7 02 3f 8d 56 4b ec d4 0c 9c a7 8f 75 55 11 d1 9c 45 19 98 b1 1f ce cd 13 05 3a 5e 2d 89 b8 3e Data Ascii: \|1OhzX\|o{hxv2_zI5J/[MUEXsQUWXYkW1T#8^ZiRj}JJ)M\| jK_8]Q4" cV5D/7'x<_{Z\|^;{?VKuUE:^->
2024-10-24 09:43:53 UTC	1408	IN	Data Raw: 3e 6b b2 16 d1 7a 8f bf 7a 40 3e b0 f5 ce b2 6d 93 7a 64 24 4d 61 fa e2 eb 40 8e 2a 22 1e af 1e 8f 16 db a6 3f fe 36 3c bd 18 cd ad d7 92 35 ae 3d 6c 4e 46 af 1b cf c7 93 45 b7 63 99 9d 66 d2 6a 61 0c 6b 83 8b b8 37 8d e2 54 94 1d 90 b4 3c 42 ed 41 33 6d e1 cf 0e 0f b7 d4 ff c3 4d c2 e3 6a 52 ef 17 27 b3 e9 eb 86 c6 df 9c cd 08 02 be 7e 3c 5c 8c 2f 47 0d c7 27 0d 6c 09 27 29 35 0e a6 17 a7 87 8d c9 74 d1 78 39 6a 5c a0 41 1a 8b 69 83 49 34 e6 88 f8 6c d4 70 a3 35 26 17 67 2f 47 b3 d5 af 61 e5 69 f1 e4 e5 af a3 83 a0 f1 6b 2c bb 94 53 00 af 1e 29 61 76 4a 1b 88 a1 67 41 c0 c9 b8 ce a6 8b a9 52 0d 64 68 66 85 60 25 6b 53 bb 3b b9 38 3d 8d 66 0a fc b1 9d ef de 13 93 cc 95 36 d3 e5 41 e1 f2 5e c5 3b a7 9c 6a f2 15 22 8e a9 73 af ca e1 56 56 f0 e9 bd cf 86 23 Data Ascii: >kzz@>mzd$Ma@*"?6<5=lNFEcfjak7T<BA3mMjR'~<\/G'l')5tx9j\AiI4lp5&g/Gaik,S)avJgARdhf`%kS;8=f6A^;j"sVV#
2024-10-24 09:43:53 UTC	1171	IN	Data Raw: 0f d7 27 de 59 bb 2a 86 66 0d cd 5d 8b f0 e6 82 40 8d 88 49 75 2e 23 32 38 6d bd 67 72 93 03 bf 84 ff 31 9d ef dd cc 9b fd 08 27 55 67 c3 73 fc 74 ef 4f 96 4b 70 61 9e 38 94 33 1c ca a2 5b 7a 99 1c 24 3d ba d9 ab c4 4a b1 14 a4 a7 6d b7 38 23 7f 04 cf 92 9f e6 59 6a 9f 16 6d f2 2b b5 e8 e8 a1 66 ef 5a 74 ca 16 7e fd 88 43 77 a7 ed d5 7e ef d6 10 00 86 b8 39 13 e7 aa b0 5c 02 6e b1 8a 73 61 ee 56 b3 7b 7b d8 5a c9 ba f8 5e 9a eb 81 96 53 dc 73 f6 35 38 dd 26 d2 ad 4f bc 77 f2 4d ba 1e 7a 3a 28 b9 69 f2 49 17 27 e0 d0 bb 37 41 69 83 37 b9 e6 a6 22 59 c1 1c 91 68 7c 04 2a e1 85 af c8 19 7e f8 04 af a8 c4 ae f3 d4 d9 ed 61 31 85 39 ec 93 5d 07 b9 5c 0b 66 37 6d 71 ae af 25 18 d8 20 76 6d 4a f3 c0 69 0a e9 0e 47 6f 9e c0 7e ad f5 db 09 61 e7 10 8b 35 2a 86 a5 Data Ascii: 'Yf]@Iu.#28mgr1'UgstOKpa83[z$=Jm8#Yjm+fZt~Cw~9\nsaV{{Z^Ss58&OwMz:(iI'7Ai7"Yh\|~a19]\f7mq% vmJiGo~a5*

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
68	192.168.2.16	49833	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:43:58 UTC	930	OUT	GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTEwOTQ5NTQxMDEtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDM3LjM4MQ== sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:43:59 UTC	882	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 250090719d926b33a5c6917b089f2a60 Date: Thu, 24 Oct 2024 09:43:59 GMT Server: Google Frontend Content-Length: 26916 Expires: Thu, 24 Oct 2024 09:43:59 GMT Cache-Control: private Connection: close
2024-10-24 09:43:59 UTC	526	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 7b 22 69 64 22 3a 20 22 63 38 39 37 32 36 64 32 37 61 32 30 38 64 38 66 61 38 65 33 35 61 30 35 63 37 66 32 33 64 62 33 37 37 31 39 35 37 31 62 39 62 64 34 66 66 37 39 37 39 65 61 65 33 65 64 63 34 62 30 37 31 66 33 22 2c 20 22 74 79 70 65 22 3a 20 22 66 69 6c 65 22 2c 20 22 6c 69 6e 6b 73 22 3a 20 7b 22 73 65 6c 66 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 75 69 2f 66 69 6c 65 73 2f 63 38 39 37 32 36 64 32 37 61 32 30 38 64 38 66 61 38 65 33 35 61 30 35 63 37 66 32 33 64 62 33 37 37 31 39 35 37 31 62 39 62 64 34 66 66 37 39 37 39 65 61 65 33 65 64 63 34 62 30 37 31 66 33 22 7d 2c 20 22 61 74 74 72 69 62 75 74 65 73 22 3a 20 7b 22 6e 61 6d 65 73 22 3a 20 5b 22 75 70 64 61 74 65 Data Ascii: {"data": {"id": "c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3", "type": "file", "links": {"self": "https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3"}, "attributes": {"names": ["update
2024-10-24 09:43:59 UTC	1408	IN	Data Raw: 72 4d 74 61 4d 76 38 69 6c 70 34 4c 51 4b 54 75 57 70 65 63 47 75 48 62 44 62 64 4b 33 2f 7a 4b 3a 79 76 48 34 67 31 58 4d 76 7a 44 4b 6e 54 75 57 66 31 72 57 32 22 2c 20 22 74 6c 73 68 22 3a 20 22 54 31 42 32 44 36 33 33 32 36 41 33 44 34 35 44 45 32 44 43 43 32 41 31 42 35 34 36 39 32 30 39 35 45 46 41 33 33 42 43 44 38 30 33 37 30 43 42 34 42 31 42 36 30 34 41 42 33 37 45 31 37 31 46 34 39 45 37 41 37 35 32 22 2c 20 22 74 6f 74 61 6c 5f 76 6f 74 65 73 22 3a 20 7b 22 68 61 72 6d 6c 65 73 73 22 3a 20 30 2c 20 22 6d 61 6c 69 63 69 6f 75 73 22 3a 20 30 7d 2c 20 22 66 69 72 73 74 5f 73 75 62 6d 69 73 73 69 6f 6e 5f 64 61 74 65 22 3a 20 31 37 32 38 36 30 38 32 39 36 2c 20 22 61 75 74 68 65 6e 74 69 68 61 73 68 22 3a 20 22 32 33 62 65 39 33 61 61 35 62 35 37 Data Ascii: rMtaMv8ilp4LQKTuWpecGuHbDbdK3/zK:yvH4g1XMvzDKnTuWf1rW2", "tlsh": "T1B2D63326A3D45DE2DCC2A1B54692095EFA33BCD80370CB4B1B604AB37E171F49E7A752", "total_votes": {"harmless": 0, "malicious": 0}, "first_submission_date": 1728608296, "authentihash": "23be93aa5b57
2024-10-24 09:43:59 UTC	482	IN	Data Raw: 36 2e 33 32 35 39 35 22 2c 20 22 74 79 70 65 22 3a 20 22 4c 69 6e 6b 65 72 22 2c 20 22 6e 61 6d 65 22 3a 20 22 4d 69 63 72 6f 73 6f 66 74 20 4c 69 6e 6b 65 72 22 7d 2c 20 7b 22 76 65 72 73 69 6f 6e 22 3a 20 22 32 30 32 32 20 76 65 72 73 69 6f 6e 20 31 37 2e 36 22 2c 20 22 74 79 70 65 22 3a 20 22 54 6f 6f 6c 22 2c 20 22 6e 61 6d 65 22 3a 20 22 56 69 73 75 61 6c 20 53 74 75 64 69 6f 22 7d 2c 20 7b 22 69 6e 66 6f 22 3a 20 22 50 4b 43 53 20 23 37 22 2c 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 32 2e 30 22 2c 20 22 74 79 70 65 22 3a 20 22 53 69 67 6e 20 74 6f 6f 6c 22 2c 20 22 6e 61 6d 65 22 3a 20 22 57 69 6e 64 6f 77 73 20 41 75 74 68 65 6e 74 69 63 6f 64 65 22 7d 5d 7d 2c 20 22 73 69 67 6d 61 5f 61 6e 61 6c 79 73 69 73 5f 72 65 73 75 6c 74 73 22 3a 20 5b 7b 22 Data Ascii: 6.32595", "type": "Linker", "name": "Microsoft Linker"}, {"version": "2022 version 17.6", "type": "Tool", "name": "Visual Studio"}, {"info": "PKCS #7", "version": "2.0", "type": "Sign tool", "name": "Windows Authenticode"}]}, "sigma_analysis_results": [{"
2024-10-24 09:43:59 UTC	1408	IN	Data Raw: 6e 22 3a 20 22 44 65 74 65 63 74 73 20 70 6f 74 65 6e 74 69 61 6c 20 44 4c 4c 20 73 69 64 65 6c 6f 61 64 69 6e 67 20 6f 66 20 5c 22 4d 70 53 76 63 2e 64 6c 6c 5c 22 2e 22 2c 20 22 72 75 6c 65 5f 61 75 74 68 6f 72 22 3a 20 22 4e 61 73 72 65 64 64 69 6e 65 20 42 65 6e 63 68 65 72 63 68 61 6c 69 20 28 4e 65 78 74 72 6f 6e 20 53 79 73 74 65 6d 73 29 2c 20 57 69 65 74 7a 65 20 42 65 75 6b 65 6d 61 22 2c 20 22 6d 61 74 63 68 5f 63 6f 6e 74 65 78 74 22 3a 20 5b 7b 22 76 61 6c 75 65 73 22 3a 20 7b 22 49 6d 61 67 65 4c 6f 61 64 65 64 22 3a 20 22 43 3a 5c 5c 55 73 65 72 73 5c 5c 3c 55 53 45 52 3e 5c 5c 41 70 70 44 61 74 61 5c 5c 4c 6f 63 61 6c 5c 5c 54 65 6d 70 5c 5c 30 46 41 39 44 37 30 39 2d 33 46 45 38 2d 34 37 32 41 2d 41 34 45 38 2d 32 41 30 42 43 38 33 32 44 Data Ascii: n": "Detects potential DLL sideloading of \"MpSvc.dll\".", "rule_author": "Nasreddine Bencherchali (Nextron Systems), Wietze Beukema", "match_context": [{"values": {"ImageLoaded": "C:\\Users\\<USER>\\AppData\\Local\\Temp\\0FA9D709-3FE8-472A-A4E8-2A0BC832D
2024-10-24 09:43:59 UTC	1408	IN	Data Raw: 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 31 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 43 41 54 2d 51 75 69 63 6b 48 65 61 6c 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 43 41 54 2d 51 75 69 63 6b 48 65 61 6c 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 32 2e 30 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 53 6b 79 68 69 67 68 22 3a Data Ascii: "engine_update": "20241011", "category": "undetected", "result": null}, "CAT-QuickHeal": {"method": "blacklist", "engine_name": "CAT-QuickHeal", "engine_version": "22.00", "engine_update": "20241010", "category": "undetected", "result": null}, "Skyhigh":
2024-10-24 09:43:59 UTC	1280	IN	Data Raw: 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 4b 37 47 57 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 32 2e 31 39 33 2e 35 33 35 33 31 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 43 72 6f 77 64 53 74 72 69 6b 65 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 43 72 6f 77 64 53 74 72 69 6b 65 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 Data Ascii: "method": "blacklist", "engine_name": "K7GW", "engine_version": "12.193.53531", "engine_update": "20241010", "category": "undetected", "result": null}, "CrowdStrike": {"method": "blacklist", "engine_name": "CrowdStrike", "engine_version": "1.0", "engine_u
2024-10-24 09:43:59 UTC	1408	IN	Data Raw: 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 41 50 45 58 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 41 50 45 58 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 36 2e 35 38 34 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 50 61 6c 6f 61 6c 74 6f 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 50 61 6c 6f 61 6c 74 6f 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 30 2e 39 2e 30 2e 31 Data Ascii: lt": null}, "APEX": {"method": "blacklist", "engine_name": "APEX", "engine_version": "6.584", "engine_update": "20241010", "category": "undetected", "result": null}, "Paloalto": {"method": "blacklist", "engine_name": "Paloalto", "engine_version": "0.9.0.1
2024-10-24 09:43:59 UTC	1408	IN	Data Raw: 63 65 6e 74 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 30 2e 30 2e 31 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 31 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 45 6d 73 69 73 6f 66 74 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 45 6d 73 69 73 6f 66 74 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 30 32 34 2e 31 2e 30 2e 35 33 37 35 32 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 Data Ascii: cent", "engine_version": "1.0.0.1", "engine_update": "20241011", "category": "undetected", "result": null}, "Emsisoft": {"method": "blacklist", "engine_name": "Emsisoft", "engine_version": "2024.1.0.53752", "engine_update": "20241010", "category": "undete
2024-10-24 09:43:59 UTC	1408	IN	Data Raw: 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 43 4d 43 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 43 4d 43 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 2e 34 2e 32 30 32 32 2e 31 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 30 33 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 53 6f 70 68 6f 73 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 53 6f 70 68 6f 73 22 2c 20 22 Data Ascii: gory": "undetected", "result": null}, "CMC": {"method": "blacklist", "engine_name": "CMC", "engine_version": "2.4.2022.1", "engine_update": "20241003", "category": "undetected", "result": null}, "Sophos": {"method": "blacklist", "engine_name": "Sophos", "
2024-10-24 09:43:59 UTC	1408	IN	Data Raw: 22 36 2e 36 2e 31 2e 33 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 41 6e 74 69 79 2d 41 56 4c 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 41 6e 74 69 79 2d 41 56 4c 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 33 2e 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 4b 69 6e 67 73 6f 66 74 22 Data Ascii: "6.6.1.3", "engine_update": "20241010", "category": "undetected", "result": null}, "Antiy-AVL": {"method": "blacklist", "engine_name": "Antiy-AVL", "engine_version": "3.0", "engine_update": "20241010", "category": "undetected", "result": null}, "Kingsoft"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
69	192.168.2.16	49838	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:00 UTC	907	OUT	GET /ui/files/submission/challenge HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Cache-Control: no-cache Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTQ4OTkxMDg3NTMtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDM5LjI5 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:01 UTC	879	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 867ca1296109b1ad79ab51599d16e765 Date: Thu, 24 Oct 2024 09:44:01 GMT Server: Google Frontend Content-Length: 43 Expires: Thu, 24 Oct 2024 09:44:01 GMT Cache-Control: private Connection: close
2024-10-24 09:44:01 UTC	43	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 7b 22 63 68 61 6c 6c 65 6e 67 65 22 3a 20 22 33 62 6b 56 59 48 4a 4d 54 41 41 43 61 4a 65 43 22 7d 7d Data Ascii: {"data": {"challenge": "3bkVYHJMTAACaJeC"}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
70	192.168.2.16	49835	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:00 UTC	676	OUT	GET /gui/87347.c002f57d03220f54c084.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:00 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 882c066edeaa62b697f1d5f65c7a99ca Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:57:01 GMT Expires: Sat, 18 Oct 2025 08:57:01 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521219 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:00 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a eb 0d 0a 30 30 30 66 66 33 0d 0a 7a db 46 b2 b0 7b 2b 34 97 e3 87 34 41 8a d4 c9 32 25 88 cb b1 93 b1 93 38 c9 c4 ce c1 a3 68 34 14 05 49 b0 29 40 01 41 4b 8a ac ef f7 f7 7b df cb be 81 7d 29 fb 4a f6 5b d5 07 34 24 ca 51 b2 66 d6 5e df 3c c9 8c 45 1c ba 1b d5 d5 d5 Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001000ff3zF{+44A2%8h4I)@AK{})J[4$Qf^<E
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 40 c1 6d 98 a4 65 4f f9 40 31 9f 00 f0 83 07 c0 50 7b d2 cb c6 27 70 ad e6 cb f1 a9 56 f8 f0 a1 f9 2a 31 75 47 a6 07 87 45 7e c2 87 86 cd 27 8e b9 db 82 4b 7f 6f 8d 86 df a7 1f 5e b4 b3 92 ab 8d 0f 83 f5 0f 2b cb 6d 2e 9f 4e c7 27 a7 c9 41 db b4 70 7f a9 57 26 b3 b2 95 b4 47 a6 37 43 23 12 ae ae 68 16 b4 64 00 f9 e0 41 33 9b 9f ec 27 45 80 02 cb a5 da 97 f4 a2 55 c6 49 5b b1 50 c4 fd 28 ad f0 d8 be bc b2 3c e9 72 36 4c a3 ac 62 38 9e 14 0a a4 99 6d 6b 74 79 90 67 c9 f0 5e ff 6a 68 af 06 d1 fb f1 74 9e 0c e1 64 9d ce ee d5 55 94 54 2d 30 36 e5 71 91 9f 35 ca ab e8 70 98 5e 5d 99 bb 2c 39 6b bc 66 98 3e 2b 8a bc 68 35 5f 64 b4 80 88 1b 97 65 72 72 5a 36 ca bc 61 e8 21 69 64 79 d6 d5 eb fd 69 d2 48 91 3e e3 6c 92 f4 7e ce 5e 64 8d bc 38 48 0a 29 bb cf 1b 21 Data Ascii: @meO@1P{'pV*1uGE~'Ko^+m.N'ApW&G7C#hdA3'EUI[P(<r6Lb8mktyg^jhtdUT-06q5p^],9kf>+h5_derrZ6a!idyiH>l~^d8H)!
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: f5 99 96 fc 77 91 51 a6 37 5e 46 31 70 a8 bc 7f ba cf fe 74 9f 05 ee 33 43 23 ff 22 7d c5 cd bf c6 7d e2 1b 9c 48 d7 a5 95 f7 c5 65 37 74 15 a2 5d a4 88 73 cf 21 ee fb 9b 05 2e 3a 1c ae ed 64 a7 d8 ad 2a 70 e3 db 49 f1 f3 e6 71 b2 49 50 8f 5d 68 6e a6 54 50 ad 43 d6 bf cf 5a f9 4e ba 5b 29 1e b7 b9 bd 0c 94 99 77 7c 95 3d 91 21 b0 d8 6a ad fa 31 c7 15 be 5f df e9 b7 01 a7 2c d5 df fa 26 1e 44 2f e2 e5 e8 f3 78 25 7a 1e af 46 df c4 83 a4 bb 5e 85 16 7c 55 d5 68 96 c5 38 9b 4d c7 68 11 cd 4e d9 69 46 fd 76 b3 6a fa db 85 05 fb 91 16 0d 0b fe 5a 15 24 94 69 bb 23 51 46 55 33 bf 18 c6 68 75 a2 2c 7e 39 2e 8f 7b 27 e3 73 95 6a fb e3 ec e0 2c 3d 28 8f 5b ed ee f2 c3 ac bd b4 8c a8 2b 72 02 1e 5a b2 be b7 a5 cd 83 0c 19 91 68 f3 49 bb 13 08 8b 9f 7c 5c cb 3d 55 Data Ascii: wQ7^F1pt3C#"}}He7t]s!.:d*pIqIP]hnTPCZN[)w\|=!j1_,&D/x%zF^\|Uh8MhNiFvjZ$i#QFU3hu,~9.{'sj,=([+rZhI\|\=U
2024-10-24 09:44:00 UTC	388	IN	Data Raw: 2f f0 b3 d2 ce 31 82 10 89 32 ce 33 62 f8 5a ee 59 d1 19 b4 51 6a 8a 64 fc ce 77 98 b9 7a cf 84 e6 ea 26 90 4b 01 72 98 d9 40 d4 04 13 6b 79 f5 45 ef b4 c8 cb 5c b0 16 7f 19 5c 87 a6 c4 e1 17 51 1e c4 bb aa 9d c8 da 64 c5 f3 a6 fc 92 25 14 de bc 34 42 fe 32 6e 48 f7 f4 04 55 6d 76 3a 45 7d 5b fa fb 87 9f 67 9d a5 36 0b 84 d3 80 d5 82 7b 23 53 9b 4d 08 a4 ec a1 91 27 e7 18 7d 9a 04 99 8a 39 39 d9 8e fb ba 5c 70 5d 4c e8 62 0d 0b 78 0d 23 4c 48 f7 0a 31 9b 7d 73 96 59 5b 33 21 97 0b 08 84 6d 33 59 7e 96 d5 08 44 f7 ba 5c 2a c9 d0 2b c5 0e 96 67 5a 9d 13 98 c3 ea a1 5a 11 12 6d 7d 63 5b c3 d6 72 5b 7d b7 c2 13 ef c5 08 fe a6 23 a1 2a a4 3b 5b 40 a9 19 96 6f e2 78 25 b0 7a 9f 1d 3d 42 ad 98 00 85 dc 20 ab f9 d6 78 53 28 8b 1d 1f 65 9c ef cc a1 2d 81 af 9d 6a Data Ascii: /123bZYQjdwz&Kr@kyE\\Qd%4B2nHUmv:E}[g6{#SM'}99\p]Lbx#LH1}sY[3!m3Y~D\+gZZm}c[r[}#;[@ox%z=B xS(e-j
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 52 0d 0a 30 30 30 30 30 30 30 31 0d 0a 90 0d 0a 30 30 30 30 30 30 30 31 0d 0a 60 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 57 0d 0a 30 30 30 30 30 30 30 31 0d 0a 06 0d 0a 30 30 30 30 30 30 30 31 0d 0a 27 0d 0a 30 30 30 30 30 30 30 31 0d 0a 81 0d 0a 30 30 30 30 30 30 30 31 0d 0a b5 0d 0a 30 30 30 30 30 30 30 31 0d 0a da 0d 0a 31 0d 0a 61 0d 0a 32 66 66 35 0d 0a 98 4e db 19 12 dc b7 0b be 6d 8c 9a 7e ad 46 20 56 a4 6b be 5a 4f 85 3f d0 57 bb e6 fd 2f 00 25 08 09 20 62 9e 8a 95 a3 70 80 61 ec 80 d6 52 22 97 d3 eb 80 25 58 2c d4 8e 99 95 f1 97 15 53 c7 b6 4b 08 bc 23 f0 06 ab a4 4a 17 71 7a 47 12 6c c3 f1 ca 91 62 e5 97 79 52 5c bc d2 85 23 18 13 bb bd 6f 49 d6 77 d6 f6 0e af f6 8f f3 45 1f 48 ef Data Ascii: 00000001R0000000100000001`00000001/00000001W0000000100000001'0000000100000001000000011a2ff5Nm~F VkZO?W/% bpaR"%X,SK#JqzGlbyR\#oIwEH
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: ca f6 82 b6 3e 15 43 83 f2 4f f1 ea 3d c5 1f 88 a9 02 f1 58 a1 e3 6f b7 80 76 a3 52 19 90 ca 8f b7 54 92 31 11 79 ba 10 ca cd 1b 4d 5a 7b eb a8 d9 c4 c9 57 81 f4 17 0f 74 2a 1e a8 e7 af 5f 7e 55 03 f9 cb 5b be ae ed 57 55 42 80 bf b8 a5 ca 1d 00 ae 1a bc 05 dc bf 7a 70 c5 56 f2 2a dd 47 db 39 82 39 33 b0 a1 93 3b d0 43 75 a0 02 92 2c 89 52 31 a3 74 5a 10 43 93 cf 67 b7 b6 12 6a a1 76 bc af 7d 47 8d 52 aa ee 06 5f c8 c4 87 be 80 5a 6d ff a5 89 9a cc 11 5f 82 3c f4 2a 19 f6 a1 4d a7 41 61 0d 38 c7 63 20 11 36 46 12 59 13 58 ad b4 16 22 c2 66 82 33 a5 4c 6c 09 80 20 30 a7 f6 08 51 89 ea 12 72 ec e4 16 58 ed e7 15 ae 1a b0 37 1a fc 88 46 54 68 e3 a6 db aa 34 da 5e 31 b5 54 7b 1a 25 d9 30 cb 24 9c b8 a2 47 a2 34 3c ee 84 06 aa 37 73 79 23 8d a1 32 d6 87 61 13 Data Ascii: >CO=XovRT1yMZ{Wt_~U[WUBzpVG993;Cu,R1tZCgjv}GR_Zm_<*MAa8c 6FYX"f3Ll 0QrX7FTh4^1T{%0$G4<7sy#2a
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: e9 ec 53 a3 bd 79 82 b0 96 c0 00 0c 92 ba 22 b2 d1 72 2d 83 30 24 cd 58 ba d1 db 43 11 22 04 74 4a fa 89 3d d9 84 10 c3 4f c8 4d 28 0f 2b 72 f0 83 20 20 8b 90 53 16 aa 85 b0 6f ea 8d 61 7e 1a fa 76 ea 35 83 8a c9 4a d3 bf d9 1e 65 ee d8 9c 28 13 55 73 56 d3 37 6a a2 82 a3 a0 11 77 6e 94 7c 47 79 66 93 85 65 90 d5 6c f6 8a 63 89 8f 3e 96 bd 9d e2 62 28 d0 1a 0d e7 91 3d 00 b8 e6 e5 81 b1 10 98 e0 3f bb 71 9b 78 38 93 98 4a 6b a5 68 fd 61 2d 2d 24 16 f2 dc 07 c3 0f 93 96 e4 fc 23 7e 7e 54 d8 1d 0e a9 df 0c 22 b1 c1 ba 99 22 e8 5d 65 4c 53 47 48 e2 b6 a5 b0 86 76 d7 6c 4b 29 9d 41 60 cf ca 21 b1 de ba eb 14 85 d5 52 76 15 1d 45 f4 9f d9 cf 84 62 46 16 14 32 90 04 e4 9a ca 5c ea 6f 4e b7 64 b6 4c fd ca 46 82 30 92 9d e9 2e 11 18 85 fc 1c 13 e0 60 1b 3e 85 e2 Data Ascii: Sy"r-0$XC"tJ=OM(+r Soa~v5Je(UsV7jwn\|Gyfelc>b(=?qx8Jkha--$#~~T""]eLSGHvlK)A`!RvEbF2\oNdLF0.`>
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 07 76 e3 eb 61 89 18 8e 6f 37 2a e3 ed 35 6a f6 0e c2 d1 58 98 91 56 9c 91 70 96 c5 97 93 f1 a9 a4 6f e4 7c 87 e8 94 c4 6a e9 7b 2e 07 41 4c df 9e 82 26 1e 85 44 1c 2a cf 4c 9c 13 eb 6e 89 e1 c9 4f 5f 9c 9c 24 07 29 be 65 89 c9 19 1f 49 c2 09 d4 cc ca fc bd 4f 75 25 34 fc 6b 4c 53 bb 3d 2f 34 69 8b 27 50 c1 31 f9 db c2 dd 8b e7 5a d9 29 6a 26 c9 a5 f5 ee 60 b8 f1 cd 55 8b 1c 4e 20 e0 bc 27 93 21 45 dc 96 8e 25 06 09 a0 5f 8a 3d 5e 77 88 3c c9 e2 de a3 e8 55 16 0f 96 9e 64 d1 eb 2c 6e fe fc f3 ec 61 6b a7 d3 dd 1d fd fc f3 41 a7 2d b7 cd e8 5d ed 05 27 75 f0 ee e1 cf 3f f7 da 5a 88 fb 9d e4 b3 dd aa d2 c8 56 7b fa 7b ab 7d 62 3e f7 75 16 2f fd fd 3f 5a 3b fd ee e3 71 f7 70 f7 72 25 da b8 6a df 5f 8a be 67 07 3e a3 f8 5d 72 f4 d9 f9 69 eb 1f 7f 2f 8e f6 7f Data Ascii: vao75jXVpo\|j{.AL&DLnO_$)eIOu%4kLS=/4i'P1Z)j&`UN '!E%_=^w<Ud,nakA-]'u?ZV{{}b>u/?Z;qpr%j_g>]ri/
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: f7 e3 b7 b9 9b c7 4c c5 75 e8 96 87 10 0d 42 88 f9 8c d8 93 06 60 c5 6b 6b f2 40 54 48 99 93 2b 50 bd de 1d 70 52 d7 f0 51 7f 95 f3 3a 1f 63 b0 77 2c 19 d6 c6 84 37 f7 0a 3e 3c e1 f1 0a 82 d4 e1 76 75 85 99 cc d0 9f 92 ab c6 53 3a 53 6f 7d ed d1 80 f1 d5 c7 ca f2 61 b2 cb 4c 27 f3 a8 c2 d3 60 00 4b 65 2c b4 64 80 a6 d5 95 0d 58 cd 0a 8f 4f c7 17 63 7a 76 aa bd 5d e9 3f 7a 14 9d ca 9a f5 74 7e 78 28 8f e4 7f 14 4b 8a b9 f0 8b f5 0d d8 7e e4 e6 c6 fa a0 0f 0d 9d 4e 59 a7 22 a3 97 57 d7 57 a8 9c 9f c1 1c 1c dd 22 23 98 89 96 24 84 ca 1e 31 93 61 b9 09 18 b6 4f d7 d7 21 09 c4 af ed 3e a4 44 27 18 90 0b ab 0f 2c 23 53 d7 10 35 45 7e 31 36 f3 81 79 86 04 58 8b 66 84 f5 4c 61 df a2 36 30 ba cc 86 47 3c 13 8d 03 c0 57 69 67 63 99 fb ec c0 b5 b4 de 5f a1 e6 2a fe Data Ascii: LuB`kk@TH+PpRQ:cw,7><vuS:So}aL'`Ke,dXOczv]?zt~x(K~NY"WW"#$1aO!>D',#S5E~16yXfLa60G<Wigc_*
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 5d 7f 98 73 cf 5d d2 69 0d b8 32 6f f5 49 d1 99 3f 64 64 d7 af 30 09 bf cc a2 6f 38 dd 5b 93 f1 fa a9 d6 b0 06 5e b1 42 13 80 26 94 a8 ac 2b 30 0e 2b db 53 d7 b2 b8 06 a6 68 ef 84 ec 2f d4 ac 6a ef 71 65 26 e7 c3 cf 33 31 65 9c a8 be 55 bb d9 f0 ae 80 85 4d f9 4a 1b 12 de 60 ef 66 81 67 d4 f1 8a 86 4c 51 98 ad d7 eb 66 d3 aa c6 77 47 fb c3 e7 70 70 cb 37 b8 26 69 1d a8 f8 25 8b 7e cd 22 2c dd e0 e4 12 73 0c 6b 6d f6 c8 54 48 31 69 7f 84 db be ca 0c f7 63 95 d1 7a 45 4b 95 a4 53 06 cf e8 28 ba 8e dc c5 be bb 70 4c 40 fc 6a c5 bb 5b 5a 7f 12 b4 8e 39 fc 8f b4 ae dc c0 c9 65 81 45 1d f1 27 a7 15 56 ad 20 14 86 6a 84 52 e4 2e 09 a7 74 97 fb ed e8 ba e0 11 97 e0 82 01 ef f6 d6 b6 8c b7 8a 50 3b d3 e2 16 d4 df 5b 7b f0 a0 7a e5 36 01 1e dd 7c 45 74 a5 d6 da 77 Data Ascii: ]s]i2oI?dd0o8[^B&+0+Sh/jqe&31eUMJ`fgLQfwGpp7&i%~",skmTH1iczEKS(pL@j[Z9eE'V jR.tP;[{z6\|Etw

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
71	192.168.2.16	49836	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:00 UTC	676	OUT	GET /gui/49272.372a1ed11135b11cd4f7.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:00 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 61c8a9faeb81744b464184c1c018b63e Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:13 GMT Expires: Sat, 18 Oct 2025 08:45:13 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521927 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:00 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 66 66 38 0d 0a 02 ff cc 5d 6d 73 db 46 92 fe 7e bf 82 e6 5d a9 88 32 17 11 25 f9 25 64 60 af d7 56 bc da 8d e5 54 24 27 77 e7 f3 a1 40 12 92 10 51 80 0a 00 e5 a8 24 fe f7 ed c1 bc f5 74 cf 40 4c ce c9 25 1f 62 61 fa e9 ee 67 66 7a 30 33 0d 70 30 5c 37 f9 a0 69 eb 62 d1 0e 67 a3 26 5f 9d c5 9f f3 f9 75 b6 b8 7c 7d b1 2e 2f 6f da 74 5d a4 57 59 51 26 3d b2 fb fb 8f 9f a2 f8 7a dd 5c 8c 3e 7e 3c f8 7a ef d9 de a7 f1 5d f7 ef f4 6c 5d 2e da a2 2a Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100ff8]msF~]2%%d`VT$'w@Q$t@L%bagfz03p0\7ibg&_u\|}./ot]WYQ&=z\>~<z]l].*
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 29 5c 75 c3 b9 1e af 66 ba c9 07 4b d1 e8 cd e7 a2 5d 5c 88 bf 16 19 cc 08 bb 53 f1 cf f0 c7 c3 1f de 1c bd 3e 4d 3f 1c ff f3 f8 fd 4f c7 c3 a9 ea 9b 3a 26 92 59 a7 75 e0 6a fd ed f0 f8 e8 ad 4f 49 0a a4 ce 73 57 e7 c3 f1 9b c3 d3 c3 d7 a7 87 6f bc ce b4 50 ea 4e f6 5c e5 93 0f 27 df 1f bd 3e 7a ff e1 c4 a3 6c 85 4a f9 a9 ab fc ee d5 77 41 5d 23 9b e9 10 34 0d f1 e1 f8 87 c3 d7 ef df 1e 1f fd f7 e1 1b 34 9e 16 9e 46 65 ad a6 9a 93 35 b3 24 68 e1 b2 bd 28 5a 35 2f 05 db 16 a4 0a 56 32 a4 4a b6 71 a8 92 95 30 25 d3 2a 54 c7 08 86 a4 bd 86 3a 90 50 4b 89 69 8e 86 9f ad ba 52 50 1e 06 bb 94 b8 d3 34 83 03 2a b6 55 d6 16 9e 53 88 ad a0 86 4c f6 28 c6 54 c8 40 9e 92 9a 89 89 d5 8c a8 b5 a7 4a 6a 44 9d 1c c2 c8 39 3a fd 2f 36 a4 56 31 15 49 12 6a 4c 19 e1 f1 fb Data Ascii: )\ufK]\S>M?O:&YujOIsWoPN\'>zlJwA]#44Fe5$h(Z5/V2Jq0%T:PKiRP4USL(T@JjD9:/6V1IjL
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: f9 86 8d 88 35 80 e7 fe de e1 bc 16 f0 5a 0f 1b da 73 a2 dc 34 0f 86 63 7b ee 7a cb 59 1f 62 ab f0 f4 08 d1 eb 51 c2 b6 7b 57 96 d8 ba 3b 7b f7 aa 61 fb e1 55 a9 63 dc e9 9e b0 8e b1 ec 8b 69 b3 9c c5 96 d1 6c df ab 63 2c e3 f0 30 eb 60 6c 31 30 cb 1b ac b1 b4 d5 c2 19 5b 46 53 fc 56 ba 90 75 d8 8c 97 b9 5c 5d 8b 87 b0 72 21 09 cf 28 cd e3 32 78 fe 6a d7 cd 3f e4 19 3c 36 83 07 30 e2 19 1c 2d 86 05 e5 4c ac cf 53 f5 04 02 16 72 d9 cb 56 2c d1 a7 6d 7c 5d 35 8f 33 b5 07 cf 13 f5 c8 26 6b 1a d8 3c 8c ee 36 e3 73 f9 30 29 77 17 be c9 c7 4f e3 1c 2d 45 e1 7a d6 99 fa 26 75 16 bd 6a b1 1b cd f4 b3 8b 17 2f 5e ec ab e7 17 93 29 2c 95 e9 8e 1f 1e 8d c9 5b 4b 34 9b c3 1e e0 52 66 ea f6 14 94 ac cc fd e0 7d 00 3b ab 74 f9 d4 bb d5 b7 1b 78 be 82 4c 1f 00 da 2e a9 Data Ascii: 5Zs4c{zYbQ{W;{aUcilc,0`l10[FSVu\]r!(2xj?<60-LSrV,m\|]53&k<6s0)wO-Ez&uj/^),[K4Rf};txL.
2024-10-24 09:44:00 UTC	327	IN	Data Raw: 06 70 f7 c0 b6 d3 77 8a 82 46 70 b2 48 27 13 89 49 0e 91 04 8d 03 0e 08 ba 63 89 b6 ae 4f 71 ad 18 82 38 63 f2 a0 2f 4c 0b d6 9a f2 29 31 f3 e7 45 11 9f 5e 4c d0 2f 4d 61 31 97 14 40 bc 51 71 d0 11 cb 37 31 4f 0c 41 5c 31 79 d0 17 4b 0f 31 5f 0c 41 7c 31 79 8f 2f 9e c1 f1 b8 e3 20 e6 91 43 82 4e 79 ca 85 b9 e4 10 e2 90 03 82 ee 54 2e 85 f9 d0 39 16 77 08 eb 84 0c be 41 ca 5b 84 cd bb 98 7b 88 2e 92 e4 50 1a 85 92 f1 27 51 8c 1d 9e e7 d0 f7 25 26 f1 58 b6 29 0a 5d 47 70 67 0b 0d 39 5b e4 31 a2 b6 88 fa 77 17 c8 12 91 18 73 a4 dc b1 89 d6 17 c0 c5 dd d3 43 ad c3 62 b0 1e 16 86 5c 98 db 63 9f 23 2f c8 75 e7 85 3c e8 54 b5 43 d7 62 88 bb 31 a6 e4 01 57 4a ea 78 41 1b ea ce 2a ba 06 2b e8 ca d1 32 0e cd 6e 1b 5a 9a 16 82 3e 2d 72 8c f8 36 b3 1d 07 9f 00 8c f9 Data Ascii: pwFpH'IcOq8c/L)1E^L/Ma1@Qq71OA\1yK1_A\|1y/ CNyT.9wA[{.P'Q%&X)]Gpg9[1wsCb\c#/u<TCb1WJxA*+2nZ>-r6
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a ea 0d 0a 30 30 30 30 30 30 30 31 0d 0a 34 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 01 0d 0a 30 30 30 30 30 30 30 31 0d 0a d2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1e 0d 0a 30 30 30 30 30 30 30 31 0d 0a c3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 37 64 61 0d 0a e9 2e 2c 77 7c f9 c6 15 da 40 b9 b7 14 d3 ad 06 01 be 7a 2d 38 be 70 04 9a 7d 8b ae 8f b1 6d 24 aa d9 d8 86 c5 b1 b9 d5 ea bf f3 b1 15 12 7c 6e 85 eb de 0d 15 2f a2 7c 9f d5 6d 91 89 c3 6e fe 6c ef a2 78 5e 42 81 1d 01 db da b8 e9 3d ef 8e c5 64 b0 3c 52 d8 44 78 4a a1 19 3d a5 ca 7d b7 29 b1 3f 30 75 09 38 3b 16 b4 cd 74 ca 7f ff 77 4f 1e fe 3d d8 9f e7 9d 13 87 eb ef f5 ae 89 5e 36 c9 1f f4 ba 5b 3d 37 81 80 47 f9 6f 78 c5 Data Ascii: 000000010000000140000000100000001000000010000000100000001000000010007da.,w\|@z-8p}m$\|n/\|mnlx^B=d<RDxJ=})?0u8;twO=^6[=7Gox
2024-10-24 09:44:00 UTC	716	IN	Data Raw: 27 87 ea 76 d9 01 bf c9 d1 11 60 a9 0e bb c0 11 60 70 32 ad 1c 3c 49 aa a3 d2 3d 66 67 5a 7a 82 2d b9 1c a5 2a 16 dd d3 bc f6 01 ae 82 0f be ed 82 62 4f 1d a5 96 8e 2d 21 c7 cf 01 28 ea 20 92 9a 26 c8 1e 52 7d 02 aa be c0 00 33 be 60 7a c8 dc 53 30 87 23 40 b2 c1 81 d2 63 41 9f 60 03 8d e9 3d c1 a6 f4 9d 60 d3 7a 3b 94 cf 36 aa a7 d0 24 a3 4a e0 2c 39 dd 8b e6 77 75 aa 20 82 13 e6 b4 cc cd c5 f2 5b 08 32 cc 85 e2 bc 3a 76 6f b5 33 18 97 09 cf bc d4 4d 4b 03 33 79 9f 32 e9 57 55 22 6b a4 3e 2e 84 c2 48 4c 4d e2 bc 7f b8 05 2a a4 aa 60 07 95 3b 4f fc 3a a2 0e 29 54 35 5d 04 2e f4 9f 24 e0 90 13 8d 10 5e f4 df ea 10 3f ec c6 17 7e c8 a5 4f 0c ee 7d c5 81 a0 45 94 7c 5a 82 9e af dc 43 15 87 36 a2 88 8b 81 1a be e4 03 00 b1 c1 40 c1 02 5f 6b ef 70 93 a4 bf bd Data Ascii: 'v``p2<I=fgZz-bO-!( &R}3`zS0#@cA`=`z;6$J,9wu [2:vo3MK3y2WU"k>.HLM`;O:)T5].$^?~O}E\|ZC6@_kp
2024-10-24 09:44:00 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
72	192.168.2.16	49834	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:00 UTC	562	OUT	GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:00 UTC	225	IN	HTTP/1.1 429 Too Many Requests Content-Type: application/json X-Cloud-Trace-Context: 8603c79891ed396c5e78e93936abe094 Date: Thu, 24 Oct 2024 09:44:00 GMT Server: Google Frontend Content-Length: 153 Connection: close
2024-10-24 09:44:00 UTC	153	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 20 7b 22 63 6f 64 65 22 3a 20 22 52 65 63 61 70 74 63 68 61 52 65 71 75 69 72 65 64 45 72 72 6f 72 22 2c 20 22 6d 65 73 73 61 67 65 22 3a 20 22 50 6c 65 61 73 65 20 72 65 2d 73 65 6e 64 20 72 65 71 75 65 73 74 20 77 69 74 68 20 61 20 76 61 6c 69 64 20 72 65 43 41 50 54 43 48 41 20 72 65 73 70 6f 6e 73 65 20 69 6e 20 74 68 65 20 5c 22 78 2d 72 65 63 61 70 74 63 68 61 2d 72 65 73 70 6f 6e 73 65 5c 22 20 68 65 61 64 65 72 22 7d 7d Data Ascii: {"error": {"code": "RecaptchaRequiredError", "message": "Please re-send request with a valid reCAPTCHA response in the \"x-recaptcha-response\" header"}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
73	192.168.2.16	49839	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:00 UTC	676	OUT	GET /gui/25924.b3a6356de76617e73c99.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:00 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: de168ac8c9ab60739686a0fce48c3836 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:54:20 GMT Expires: Sat, 18 Oct 2025 09:54:20 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517780 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:00 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 77 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a b6 0d 0a 30 30 30 30 30 30 30 31 0d 0a b2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7e 0d 0a 30 30 30 30 30 30 30 31 0d 0a ef 0d 0a 30 30 30 30 30 66 65 64 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001[00000001[00000001w00000001000000010000000100000001~0000000100000fed
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: fe d0 db 23 ca cb 94 a4 8a fd c9 5f 1b da d7 80 3f 19 51 aa 81 7e e6 07 03 38 85 30 cd c4 ee 79 3e ca e7 41 a6 bc c1 90 fd c2 ff f4 65 7a ac 4c 14 fb 8d ff e4 c3 63 1c 5d 27 30 80 0b 91 c9 15 fb cc dd 5f f9 a3 c1 5f fe 70 e7 c1 23 88 81 08 dd 9f 5b ad 9f fd 0b b1 ca ed 5f ff ed e1 e8 c3 c7 a3 93 a3 f5 da 71 3c af ef 1c 2b eb e6 e6 59 e8 8d 3a be b3 f3 6b d7 71 98 94 c0 5e 2e 25 24 d7 c6 d3 75 fe 72 76 7e f1 c3 20 8e dd df 3c 3f 13 8b 38 08 85 fb 68 70 76 f6 d7 03 ff e1 4e df f5 06 67 c3 9b cd 7a f8 68 c6 9c b3 b3 07 2d a7 36 6a 7b b7 eb 92 3f 9e ff b0 ef f6 f9 d9 d9 99 eb ad 1b 60 5f 03 06 50 03 86 1e 21 7a d0 c1 08 c7 db 71 1e 38 e0 9b e4 0f fa 07 be b6 a7 dd 65 1a 4d 1a 6d 96 48 7e e0 eb 93 b0 88 da 95 29 62 29 9d 05 6c 50 34 7a 9b 1f 26 70 96 59 30 8e Data Ascii: #_?Q~80y>AezLc]'0__p#[_q<+Y:kq^.%$urv~ <?8hpvNgzh-6j{?`_P!zq8eMmH~)b)lP4z&pY0
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 33 98 a1 c4 1d b3 15 5b 82 36 12 74 e9 26 ee 8a 8d f1 49 f6 32 30 9c 2f fd c6 ac 0f c3 c4 c7 70 82 6a 94 b6 a7 dd 19 c4 02 3b eb f4 c6 08 31 2f 36 13 18 1f 94 7a c2 aa a6 01 b7 b8 f4 88 57 23 90 6f a2 69 74 0e 7b 50 1b 82 d2 8d a8 7f f7 ce 39 bf 86 25 76 b7 f0 28 17 7e 17 54 c0 b5 3a 96 d1 58 ce 24 f6 10 d3 73 50 3f 97 41 12 52 a2 8f ef 3b 46 5d b7 5a b0 2b d5 28 ac eb d2 79 ac 42 34 82 9a 42 95 6d 88 c7 08 be a8 e6 07 aa af 2f 44 ca 9a 97 3a 20 01 33 de b8 e9 36 7f a6 cf f5 da ee b7 d6 d7 fc dc 6a 7d 26 79 91 e4 e6 e0 cb dc 3f 69 6c 5f c8 ee a1 e7 4b 91 4b 17 b1 3b a5 0d 76 72 e3 a3 c2 0d e2 66 dc 15 9c fc df 16 21 11 a1 dd 71 64 c4 6c 59 95 84 ae d7 3f 31 b8 37 9e 58 fb 10 13 4e 25 52 da 69 46 7c 30 54 92 45 42 93 d2 fe ca 88 c1 2b ed 40 8a a5 b7 b8 d5 Data Ascii: 3[6t&I20/pj;1/6zW#oit{P9%v(~T:X$sP?AR;F]Z+(yB4Bm/D: 36j}&y?il_KK;vrf!qdlY?17XN%RiF\|0TEB+@
2024-10-24 09:44:00 UTC	462	IN	Data Raw: 3f 5d af e7 d5 b0 39 0a db 7c b4 5e 2f 35 68 29 71 59 97 a7 f1 52 b8 34 76 b6 5e 2f aa b1 b8 da 69 f2 cb f5 7a 54 81 70 c7 d3 e4 17 44 35 90 d9 6e 14 0c 53 0c 16 20 3c 31 0f ca 8d d4 1f 05 9b 5a d6 6e 62 23 b2 99 7d 50 2d f3 70 9b 48 0a 91 78 a6 84 88 9b 58 55 78 5b 49 5b 3f 3b d5 05 a9 71 09 18 69 c0 ac 04 cc 34 e0 bc 04 5c 6a c0 75 09 b8 b0 8a 21 36 3a 4b fd 24 39 0a c1 e5 ce 4b e2 06 f6 ad 0c ee b1 bd fe 95 ac 64 0b 87 33 0c 30 b5 de 32 8d 75 e8 be 53 e0 a2 0c 59 50 25 9c 25 74 c3 de 48 73 d9 1b e5 8a 2f 4a f9 fe 90 3c 84 84 7d b3 05 14 67 2b a9 55 b9 3c 09 96 ae 00 94 55 20 85 c1 d0 d9 ba 1d 10 1b 75 5b fc 2e d4 2f 4a 5a 68 9f 57 62 f4 13 31 c5 9c e1 5b 59 87 44 df 92 6f 1e 54 73 55 fd c1 30 d7 6a 87 5d d7 c8 3c 69 50 aa 9e df 20 89 41 49 bc 5e 43 80 Data Ascii: ?]9\|^/5h)qYR4v^/izTpD5nS <1Znb#}P-pHxXUx[I[?;qi4\ju!6:K$9Kd302uSYP%%tHs/J<}g+U<U u[./JZhWb1[YDoTsU0j]<iP AI^C
2024-10-24 09:44:00 UTC	1278	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a f9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 27 0d 0a 30 30 30 30 30 30 30 31 0d 0a 18 0d 0a 30 30 30 30 30 30 30 31 0d 0a 80 0d 0a 30 30 30 30 30 30 30 31 0d 0a 52 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9d 0d 0a 30 34 37 34 0d 0a 4a 61 81 89 32 e8 6b 0f 30 12 96 ea 89 f0 0d 3e 0a c3 f1 0a 87 c7 9d 9d 45 db 28 68 ad 08 1e 03 23 a9 72 cd 9c 44 7c 91 78 87 50 db 0f e5 87 db 63 e4 3c 4b af d5 a0 c2 d5 79 0d 39 8c cd e6 bb 47 0f 1f 7e d7 78 d8 f8 3f ba d9 4f 72 41 ed 83 74 b1 ca a2 d9 5c 36 f6 da 9d a7 8d 37 69 3a 8b 45 e3 dd bb 03 ea 3c fe f0 ea f3 ee 3b 3d 78 f7 ed 04 57 7b d1 34 12 Data Ascii: 0000000100000001j00000001-000000010000000100000001'000000010000000100000001R000000010474Ja2k0>E(h#rD\|xPc<Ky9G~x?OrAt\67i:E<;=xW{4
2024-10-24 09:44:00 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
74	192.168.2.16	49837	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:00 UTC	676	OUT	GET /gui/36796.52ea6edb5c8ac00adeb8.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:00 UTC	354	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: e3b00d85576c0d37a31e3c0fe71a2e28;o=1 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:01:31 GMT Expires: Sat, 18 Oct 2025 10:01:31 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517349 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:00 UTC	1054	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 58 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 62 34 33 0d 0a 6f db 38 16 fd 3e bf 42 d6 66 0d a9 96 15 29 4e 1c 57 2a ed 76 32 ed 22 98 16 2d fa c0 2c d6 f5 4c 65 89 8e 39 95 49 0f 45 35 f1 da fa ef 7b 28 4a b6 93 14 c5 7e 58 6c 81 c6 12 45 5e 5e de d7 39 97 76 59 50 ab 50 92 a5 ca 8e 9d 82 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001X00000001k0000b43o8>Bf)NW*v2"-,Le9IE5{(J~XlE^^9vYPP
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 97 10 4b 69 56 58 b7 2c a3 3a 8f 15 bd a1 b2 b0 94 b0 50 1a 52 38 cd f6 6c 2e 54 7f 9e 14 2c b5 23 fb 3a cf e9 4d 92 37 6b c7 c4 0a ee 46 81 e5 60 8a 95 58 f5 24 2b 15 19 b5 d6 02 b2 5c 2c 66 fc 5b 92 b3 ac 5f 6f a6 05 98 77 23 c0 ae bc 94 bc 49 d4 d2 87 6e 42 c6 0d 26 2d a4 58 5d 2d 13 79 05 49 87 6a af 61 6a 7b 70 d6 fb 84 df 50 e3 b1 64 aa 66 47 15 0a 25 55 a7 95 b1 1a ca bd 5f ac 73 a6 1c fb 39 fc 96 53 6d 48 db 8e a9 9f 53 7e a3 96 e3 b0 db 75 38 a1 d3 60 d6 c3 0c 4f e1 31 9c b5 36 17 0f 02 a8 95 39 9d 35 92 54 23 26 46 fd 71 62 f8 22 76 e9 94 cf 88 44 fa 71 88 69 32 19 58 e8 28 68 22 e9 3a 4f 10 2e a5 67 fb b6 eb b6 9a e1 19 1a fb 7f c2 68 8e fe d0 2e e3 3d 51 99 2d 17 f7 14 d1 21 66 4e 12 d4 1b 43 69 40 9b 3a bd 0c 02 e0 d7 78 1c 7a aa 47 f4 80 74 Data Ascii: KiVX,:PR8l.T,#:M7kF`X$+\,f[_ow#InB&-X]-yIjaj{pPdfG%U_s9SmHS~u8`O1695T#&Fqb"vDqi2X(h":O.gh.=Q-!fNCi@:xzGt
2024-10-24 09:44:00 UTC	601	IN	Data Raw: 6c a1 5f 68 26 7e b1 10 fa 92 cd 4b a5 59 78 b6 9f a9 67 08 9e 6f ac 75 22 55 bb 64 3f 55 87 ab 84 15 ea 33 b6 c5 d8 44 95 df b6 de 2d 7f 07 e5 ae d9 b7 a1 5b fc be ed eb 1a c9 27 32 92 bd 2f 27 5b 5d b4 18 4f f3 12 39 58 33 1d 34 5d ba 22 18 6a 77 8a c0 f9 dd c1 15 d1 57 a6 76 2b f1 ef dd aa d8 09 77 87 78 22 d3 17 fd 7f cd 5c 10 72 bb 7f d2 b5 1f 00 58 15 9d 6c 79 15 7f 41 af 60 43 ef 72 9d e1 ae c5 c0 88 61 4e 68 73 bd d0 05 4f 6d c0 1e e5 aa bd 1a f1 6b 6b 6a 8f ee dd a0 96 ac f0 17 fb fc 6b 5e 89 6e 73 90 18 6d e7 5b 5b 01 65 d3 ab bf 37 b6 a2 26 4f 13 04 d5 f7 10 e3 7f 00 12 1d e0 03 94 7d 08 84 08 2e 4a 50 53 5c c4 13 72 5c 5f 71 e1 56 62 4e 25 32 d5 5c 2b a1 e1 32 b4 c5 dd a2 26 80 52 37 ba 72 d0 d1 23 ae ee ee 2f 18 b6 45 24 3c 1e ed cf b1 c7 64 Data Ascii: l_h&~KYxgou"Ud?U3D-['2/'[]O9X34]"jwWv+wx"\rXlyA`CraNhsOmkkjk^nsm[[e7&O}.JPS\r\_qVbN%2\+2&R7r#/E$<d
2024-10-24 09:44:00 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
75	192.168.2.16	49840	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:00 UTC	676	OUT	GET /gui/22232.91445a0c09a3242fac1c.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:00 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 7cae9e9d43fdc5a448c5d90e956e2698 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:58:31 GMT Expires: Sat, 18 Oct 2025 09:58:31 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517529 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:00 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 66 66 39 0d 0a 00 02 ff ec 5c 7b 93 db 36 92 ff ff 3e 05 c3 6c bc 62 96 e4 90 d4 9b b2 c6 eb 57 65 5d 9b 38 5b 19 3b 5b b5 3e 57 c2 07 28 31 43 91 5a 92 9a 47 64 7d f7 fb e1 45 82 94 66 ec bc ee b6 ae 66 e4 19 49 68 a0 bb d1 dd 68 34 1a 4d eb bb 8a 68 55 5d a6 51 ad 2f 06 15 c9 12 fb 9a 84 db 20 ba 7c be de e5 97 57 f5 0f bb f4 87 4d 90 e6 cb 7b 60 1f 3e bc 7b 6f d8 db 5d b5 1e bc 7b e7 79 de d0 7b 6f ee bd a9 37 75 fc 01 31 4b b3 32 96 e7 fb ca 8e 07 a5 b9 8f 2e fd 01 be Data Ascii: 0000000100000001000000010000000100000001000000010000000100000ff9\{6>lbWe]8[;[>W(1CZGd}EffIhh4MhU]Q/ \|WM{`>{o]{y{o7u1K2.
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 95 d1 da f1 c9 f8 ae 78 64 7c 3b e1 8f 3f 62 9c f0 76 d5 3b bd 1d ca 7c 1d 6f 39 f6 c6 26 00 27 76 0c ee a8 4f 13 6a d7 4c 43 49 71 d3 bf 23 a1 66 87 e1 38 a5 9c 7e fd 7c aa 76 f5 3d 0b 4a be 97 32 33 69 2c 95 3a fd 72 51 5d a7 75 f4 87 5a eb 3e 0a 10 0b dd 13 75 c0 03 e9 d8 19 06 96 15 56 c2 06 0c 7d 11 62 e3 b8 5c dc 31 b6 d5 4b 67 30 d3 8d 15 ae 4c ad c1 c7 9b 98 da c9 66 bb 0e aa b4 32 3e 86 9d 2b a3 83 59 28 a4 19 89 b0 2b d8 65 75 a7 cf b6 4c 37 08 41 0c fd 20 3c 51 d9 ea e0 7b ba 25 dd b9 4c 45 24 d3 da ff 1d 01 8b 34 8b 36 84 11 34 79 0c f3 1f a1 4b b1 c6 94 e0 e3 d3 55 29 c6 b6 4b ec fe a1 52 4f 62 98 94 0e 5d 34 62 60 a3 26 d1 45 8a 8b 76 69 b5 54 22 da 41 34 23 b7 a7 81 63 16 f6 ba de 64 c6 20 fb f0 61 90 2d 93 1f b5 c7 71 7a a5 b1 e8 68 a9 97 Data Ascii: xd\|;?bv;\|o9&'vOjLCIq#f8~\|v=J23i,:rQ]uZ>uV}b\1Kg0Lf2>+Y(+euL7A <Q{%LE$464yKU)KROb]4b`&EviT"A4#cd a-qzh
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: e3 0d b5 37 6b a2 60 7a ba ab d7 45 59 b1 de 5f a7 88 32 2b 9c b4 68 98 57 6a df bc 7a a3 10 48 eb f5 0e e1 1c 50 d7 d7 61 75 d6 50 3b 0b b3 22 3c a3 b7 61 67 b8 d5 78 f9 fa e2 25 23 7d e6 97 e0 67 cf 72 0c 21 0c cd d7 3e 77 c2 51 1c 07 0b d6 94 e6 71 ba 2a d0 38 99 b8 4e e2 f1 c6 ed ae dc 66 b4 e7 24 19 79 91 2b 1a d3 fc 92 0e 66 3f bc a9 24 31 5a a2 b1 37 f2 1c de 82 0b 22 5c 2d a0 91 8c a7 43 47 34 de 92 2c 2b ae d1 98 44 64 3e 99 f2 9e ab 92 90 1c 6d c3 79 10 8d 22 de 56 93 20 43 93 e7 44 f3 b9 e8 16 dd 06 b4 97 37 9b 86 e1 98 f7 0a 33 9c 39 d1 06 46 78 c3 f5 1a a7 4b 34 24 49 22 71 07 b7 f8 3e 61 3f 6d 13 72 2c 25 1d 38 64 3f 4a 3b 1c 11 1d 3e a7 2f a5 19 3b 1e 6d f6 e8 4b 69 c6 bc d0 4c 26 f4 a5 34 8f 58 73 c4 7e 94 e6 31 6b 0e 87 f4 a5 34 4f 58 f3 Data Ascii: 7k`zEY_2+hWjzHPauP;"<agx%#}gr!>wQq*8Nf$y+f?$1Z7"\-CG4,+Dd>my"V CD739FxK4$I"q>a?mr,%8d?J;>/;mKiL&4Xs~1k4OX
2024-10-24 09:44:00 UTC	318	IN	Data Raw: 98 50 4e 65 de d5 8d c6 c5 77 02 37 69 be ab c9 9d e0 35 42 13 4e e7 ce 2e 71 80 7d 9e 72 72 67 0f c4 1c f5 fa 23 7d 6e 69 f0 c1 d0 b4 a2 50 26 ce ef bf e8 3d 98 15 ee ea ba c8 f7 62 c3 a7 f7 9d 4a bf 8a 65 ba ac d6 ef ef a5 e8 a8 8c 02 38 42 c4 45 3d a1 f2 ad b5 ba 0e 50 c9 20 85 79 92 09 a4 c3 89 b5 db d2 24 b2 e4 82 2a dd 6f 36 2c a1 25 85 14 67 16 0c b2 b1 a8 af 45 8d 55 81 8b 3c 3e 87 4f 1c 8d 3c 38 ce f9 55 d5 b7 a6 10 95 11 d8 ac 60 20 4a 72 82 d6 3d 6c 8b 14 57 69 37 d4 89 8b 2d a4 6d a5 ae 7b 3c 9d 34 9b 4b 0b d9 20 0d 31 9d d0 2b 62 ee b4 5b 08 f5 5c f3 39 32 fe 47 10 e6 cb 71 c2 3f 05 62 30 9c d2 b6 37 07 9b dd b8 ed 39 5e 7a f9 66 09 7b b7 6e a8 fb 99 60 b9 08 d4 1d 20 f3 4d c3 1e b0 5d 67 0e 6e 09 bb 03 19 ec 38 4a 64 48 85 43 53 f6 0f 04 88 Data Ascii: PNew7i5BN.q}rrg#}niP&=bJe8BE=P y$*o6,%gEU<>O<8U` Jr=lWi7-m{<4K 1+b[\92Gq?b079^zf{n` M]gn8JdHCS
2024-10-24 09:44:00 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 70 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5d 0d 0a 30 30 30 30 30 30 30 31 0d 0a f0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 59 0d 0a 30 30 30 30 30 30 30 31 0d 0a f7 0d 0a 30 30 30 30 30 30 30 31 0d 0a fa 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a 63 0d 0a 30 30 30 30 30 30 30 31 0d 0a c1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0e 0d 0a 30 30 30 30 30 30 30 31 0d 0a cc 0d 0a 30 30 30 30 30 30 30 31 0d 0a dc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 31 0d 0a 30 30 30 30 30 30 30 31 0d 0a f1 0d 0a 30 30 30 30 30 30 30 31 0d 0a fb 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 05 0d 0a 30 30 30 30 31 0d 0a 3f Data Ascii: 00000001p0000000100000001]0000000100000001Y00000001000000010000000100000001F00000001c000000010000000100000001000000010000000110000000100000001000000010000000100001?
2024-10-24 09:44:00 UTC	325	IN	Data Raw: 1e 11 34 25 3f 6d 79 cf 43 e1 90 a8 34 7a 28 1c 7a 28 1c 7a 28 1c 42 c2 91 3b 0c 71 e0 7c 28 1c 7a 28 1c 7a 28 1c 12 8b 81 9f 72 65 11 fe ff 55 e1 50 80 ff 0f 09 cf 7f fa dd f4 1a 2b 3c 64 80 7e ca 89 41 44 4e 90 a5 37 f8 dd 7d 5b e6 c2 6b 5a 02 9f 95 2d f2 74 57 17 9b 72 dd cc 00 bd fa 46 e3 10 b0 ab 81 77 f4 31 b4 f7 06 ff cc 1e 76 c6 79 fe 6e 90 a0 c7 27 23 cb 60 58 4e a1 cf da 43 31 94 28 da 7a 28 86 fa 6d c5 50 ff f1 b5 4e ca ed 7b 5b c6 f0 e9 25 2d ca f0 ee 2d f5 fd 97 f7 27 86 fd fa 4b 68 a5 28 e7 ff cb 4d 31 bb 8a e4 25 4d 7b f6 99 56 4d c2 cd b1 e7 73 db cb c0 df 72 3d 79 ef 65 1e 7d 82 57 b9 b0 43 35 40 34 70 6d 8f 55 20 69 7f d1 ec e1 d5 75 37 01 cd bc a8 60 f8 de 7b 5f 59 33 a0 64 fe f1 9f 29 a0 ea 0e a9 ff 1e 55 14 02 f4 2e 12 7f b7 04 76 27 Data Ascii: 4%?myC4z(z(z(B;q\|(z(z(reUP+<d~ADN7}[kZ-tWrFw1vyn'#`XNC1(z(mPN{[%--'Kh(M1%M{VMsr=ye}WC5@4pmU iu7`{_Y3d)U.v'
2024-10-24 09:44:00 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
76	192.168.2.16	49841	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	676	OUT	GET /gui/34894.ada184a092746870eefc.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 0f1c8482986af67dfa39f955e1096748 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:12 GMT Expires: Sat, 18 Oct 2025 08:45:12 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521929 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 66 66 62 0d 0a 00 00 00 02 ff dc 5b 5b 77 db 48 72 7e cf af 80 11 1f 2d b0 03 40 a4 2e b6 04 19 d2 78 64 4d 56 bb f6 c8 c7 92 f7 6c 22 2b 34 48 34 49 58 20 c0 05 9a ba 84 e2 7f cf 57 d5 dd 00 48 4a 96 77 33 c9 43 ce 9c b1 c1 46 77 a1 aa ba ee 55 b6 67 95 b0 2a 59 a6 03 69 1f 38 95 c8 86 c1 ad e8 4f e3 c1 f5 f1 78 96 5f df c8 de 2c ed 4d e2 34 8f be f3 ee e1 e1 f2 ca 0d a6 b3 6a ec 5c 5e 6e ef ec ed ef 78 af f6 b7 f7 5f 7b 5b bb 3b 5b db de 5e 77 67 cb db db dd ef 5c 79 f3 9d d7 dd fd d7 a1 23 3d e1 e5 6e 74 38 cf 83 c4 11 de fc 4f a1 83 5f e5 c2 3d 18 64 71 Data Ascii: 000000010000000100000001000000010000000100ffb[[wHr~-@.xdMVl"+4H4IX WHJw3CFwUg*Yi8Ox_,M4j\^nx_{[;[^wg\y#=nt8O_=dq
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 5c 65 4d 60 84 ad 71 7c 23 ac d8 5a 93 7a c7 b5 26 42 8e 8b 24 b0 dd 85 e3 2e 8c 52 59 8a 9a 39 6b 00 84 ec e1 41 1c 4a 2d 74 24 90 02 9c 56 22 e8 1e 90 ec 2a f5 eb 78 65 a4 b4 15 52 99 bf 11 07 f9 4f 3f b9 e5 65 7e 15 49 fc a1 af d0 2a 17 b4 fb 2c 32 df 52 0e c5 2b 95 96 41 c7 a2 d8 dc 86 fe 06 6c 5a fa 66 fb 48 84 4a bf a3 f2 a8 8c 94 20 04 23 21 cf 6e f3 8f 25 1c 49 29 ef df 89 6a 50 a6 53 f2 31 e4 a3 c2 92 94 d8 56 9c c0 cd 6a 01 fc 24 86 e4 10 36 36 6c 83 c2 da bb 20 11 83 02 86 41 b8 71 a4 b7 d7 4b 35 be 07 b5 ea 12 41 55 cd 12 bf 7b 50 1d 46 9d 83 ca f7 5d 07 7a 78 59 5d 11 cf e2 c8 21 2a 0a 27 76 c3 f4 90 1e 80 a3 87 1f fc e0 42 83 62 23 e6 16 de 6f 6c c4 1b 1b 9a 4a 65 c7 0c 95 fa 9c 17 2f 0e 58 fe ad b7 d1 3c 29 c8 d1 57 bd 41 31 cb 65 68 bf 53 Data Ascii: \eM`q\|#Zz&B$.RY9kAJ-t$V"xeRO?e~I,2R+AlZfHJ #!n%I)jPS1Vj$66l AqK5AU{PF]zxY]!*'vBb#olJe/X<)WA1ehS
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: ef fc 5d 6b 42 7f b4 30 b4 8a 1b 51 0e b3 e2 d6 1f a7 49 22 f2 e6 fe f5 77 7d fa ae b1 a1 93 ca 8f 67 b2 80 15 55 fe ba 16 0a 59 c8 38 fb a4 30 fd 15 07 ea 17 1a 0a ad bd 4f 2b c4 8f c4 64 bb 16 98 f6 47 8c d0 80 89 54 34 60 49 e6 e8 d0 33 66 ad 78 9c 77 2d 1b 57 18 1b 57 40 7b 10 af d6 47 e3 67 8f c6 e6 68 bc cc 72 32 ea 4a ab 44 3e 43 c2 4d 21 10 f2 e4 99 e6 fd 61 a7 cd fd 5b 70 ff 76 95 fb 14 e2 0b 3f 29 64 e5 d3 41 cd e2 95 55 8b 81 2e f1 67 65 87 e1 0f 29 55 8d 85 1b b6 c2 af 97 f8 fa 4b 7c fd 2b 82 39 a0 bd 60 16 40 c0 2f 54 64 43 41 a7 2e 59 e8 a4 0a ba 54 a6 88 b2 df ba d0 c8 a9 03 ab 73 38 a7 e2 55 1e 9d 23 c3 42 7d 0b e5 c0 cb 8e 49 5b bf be 9c e7 97 dd ab 45 88 58 46 5e 96 57 8b af 88 1a 83 6f b0 9e 8e fd 25 47 f8 ae 4c 37 27 0a 55 f3 b1 16 82 Data Ascii: ]kB0QI"w}gUY80O+dGT4`I3fxw-WW@{Gghr2JD>CM!a[pv?)dAU.ge)UK\|+9`@/TdCA.YTs8U#B}I[EXF^Wo%GL7'U
2024-10-24 09:44:01 UTC	291	IN	Data Raw: ee a3 e7 bb ed f3 dd ab f0 d2 26 72 6d cf 06 51 f8 93 70 b7 31 5d c3 e9 65 1e 1d 3a 73 f8 4c 2a ed 87 d2 2b d8 83 86 b9 97 c5 7d 0c 7b 08 24 74 10 7d 4e b3 6a 82 2e 88 20 c5 49 4e 65 a8 ec 8f 1b 47 52 a3 72 5a 4a 80 a0 c4 28 69 62 13 14 19 56 10 33 29 08 2e 21 8e dc 09 27 ef fc 6f 65 31 9b 56 de 04 2b e8 99 50 44 9f 78 c3 28 53 48 d1 38 46 fd a4 79 27 03 8d 25 7f 4a e1 49 e3 04 28 8c 02 53 fe 9e 01 64 d8 85 c6 6f a0 9a 20 03 78 ae 41 74 57 37 41 30 a7 e3 a3 87 cd d9 c4 72 5f c3 42 55 35 f6 15 f8 3a eb 30 80 cd 82 ee a2 a8 5d 48 6c 38 75 6e ca e6 42 65 5f e9 10 7d 2d 1a f4 70 d1 88 f7 5e bc 88 bd 82 1c 28 0f 83 b4 62 7e 59 7c 9e a2 4d 7c 8c d6 9b 43 1d 1f fc ef 7a a3 e8 6b 5f e6 fe cb f9 07 c4 2c 41 19 e7 e8 a4 3a 50 c6 42 05 74 78 a4 82 11 cf 25 38 5b ee Data Ascii: &rmQp1]e:sL*+}{$t}Nj. INeGRrZJ(ibV3).!'oe1V+PDx(SH8Fy'%JI(Sdo xAtW7A0r_BU5:0]Hl8unBe_}-p^(b~Y\|M\|Czk_,A:PBtx%8[
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 10 0d 0a 30 30 30 30 30 30 30 31 0d 0a fe 0d 0a 30 30 30 30 30 30 30 31 0d 0a 53 0d 0a 30 30 30 30 30 30 30 31 0d 0a ba 0d 0a 30 31 0d 0a c0 0d 0a 36 63 32 0d 0a c5 7c 0a ad 7d b3 52 57 f4 89 13 94 e9 51 0e 58 65 05 8a 4b c0 71 34 12 ad 22 26 aa a6 b2 50 30 78 b7 49 5b 12 24 23 3e 8a 9e f7 b6 6a 34 e2 28 25 32 98 43 18 e5 a1 05 28 63 79 60 51 7f 2d 8b ef 43 ab 9f 15 03 f4 a4 48 c4 ac a0 2f 90 12 0b 92 3b 0a f3 4c 56 aa 6f 45 d1 ae be 5a d7 6b 5a 08 e2 04 f7 c2 0c 1e dc e5 4c ac 9a b4 e5 eb 35 65 55 f3 1a 10 d5 07 b4 f0 af 37 88 54 f3 4a 31 66 09 25 7d e2 90 8a 47 48 af 50 1e a3 41 35 8c 85 20 bd 32 12 17 a2 7d Data Ascii: 00000001k0000000100000001O000000010000000100000001S00000001016c2\|}RWQXeKq4"&P0xI[$#>j4(%2C(cy`Q-CH/;LVoEZkZL5eU7TJ1f%}GHPA5 2}
2024-10-24 09:44:01 UTC	427	IN	Data Raw: 66 59 cd 3b f0 22 6b a5 1a f3 c1 d5 06 db 68 58 61 fd 49 aa 03 1a 86 5a a1 dd e8 b4 85 0c 2c 97 da 02 70 bf 71 4d 1b 96 09 62 58 3c 4e c7 60 2b 4b 8e 15 e8 76 42 8a 06 82 46 c8 34 53 e7 4b ce a1 56 ef a7 ef 10 88 ad e8 74 eb 56 6a d1 ec f0 15 30 53 78 3b 5c cb 2d 58 c2 0b 18 be 59 d1 71 88 52 9a 1b db d1 b8 00 cc 5d 20 2b 50 54 68 59 53 33 93 c6 79 10 67 4d 63 93 54 3c 5f b7 d5 f1 10 30 14 08 ed 42 42 eb 0f 0f 7f 60 44 96 9d 88 f1 47 66 55 8b 75 a3 0d ad de 26 9b 59 8c ce 29 c0 4f c9 cf a3 32 f2 3d a1 5a 91 9f dd 46 7e 68 4e cf 30 a2 b6 b2 db 1d e3 19 34 77 90 49 c2 26 2f f9 55 df 70 4c 2d 13 c7 da 53 3b 4f 5c ff 77 ae f8 7b 92 f1 94 55 37 2c fd 61 6f dd 46 b1 85 af 9a 9b 52 7c 60 f5 b8 e5 91 3a 14 56 8a cc 08 36 5a ba f5 10 9a da b9 ee 1e 9e c2 f3 7b b4 Data Ascii: fY;"khXaIZ,pqMbX<N`+KvBF4SKVtVj0Sx;\-XYqR] +PThYS3ygMcT<_0BB`DGfUu&Y)O2=ZF~hN04wI&/UpL-S;O\w{U7,aoFR\|`:V6Z{
2024-10-24 09:44:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
77	192.168.2.16	49842	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	522	OUT	GET /gui/49272.372a1ed11135b11cd4f7.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 6e4a2739c0714617b9a5a005ae1796ba Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:48:06 GMT Expires: Sat, 18 Oct 2025 09:48:06 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 518155 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 31 30 30 30 0d 0a 1f 8b 08 00 00 00 00 00 02 ff cc 5d 6d 73 db 46 92 fe 7e bf 82 e6 5d a9 88 32 17 11 25 f9 25 64 60 af d7 56 bc da 8d e5 54 24 27 77 e7 f3 a1 40 12 92 10 51 80 0a 00 e5 a8 24 fe f7 ed c1 bc f5 74 cf 40 4c ce c9 25 1f 62 61 fa e9 ee 67 66 7a 30 33 0d 70 30 5c 37 f9 a0 69 eb 62 d1 0e 67 a3 26 5f 9d c5 9f f3 f9 75 b6 b8 7c 7d b1 2e 2f 6f da 74 5d a4 57 59 51 26 3d b2 fb fb 8f 9f a2 f8 7a dd 5c 8c 3e 7e 3c f8 7a ef d9 de a7 f1 5d f7 ef f4 6c 5d 2e da a2 2a 47 c5 38 1b b7 d1 9d be 1e a4 a2 24 ba bb c9 ea 41 9b 0c d7 e5 32 3f 2b ca 7c 39 7c 94 b4 b7 d7 79 75 36 38 b9 bd 9a 57 ab 9d 9d e2 a3 fc 2b 2e da bc ce da aa fe 74 7f 5f 7c 1c fe f5 af fa 7a f8 69 56 9c 8d 1e 81 71 f8 e7 55 5d 67 b7 71 d1 74 ff 8e 8a e8 fe 7e d4 26 da a9 74 09 a8 a2 Data Ascii: 001000]msF~]2%%d`VT$'w@Q$t@L%bagfz03p0\7ibg&_u\|}./ot]WYQ&=z\>~<z]l].*G8$A2?+\|9\|yu68W+.t_\|ziVqU]gqt~&t
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 1f bd 3e 7a ff e1 c4 a3 6c 85 4a f9 a9 ab fc ee d5 77 41 5d 23 9b e9 10 34 0d f1 e1 f8 87 c3 d7 ef df 1e 1f fd f7 e1 1b 34 9e 16 9e 46 65 ad a6 9a 93 35 b3 24 68 e1 b2 bd 28 5a 35 2f 05 db 16 a4 0a 56 32 a4 4a b6 71 a8 92 95 30 25 d3 2a 54 c7 08 86 a4 bd 86 3a 90 50 4b 89 69 8e 86 9f ad ba 52 50 1e 06 bb 94 b8 d3 34 83 03 2a b6 55 d6 16 9e 53 88 ad a0 86 4c f6 28 c6 54 c8 40 9e 92 9a 89 89 d5 8c a8 b5 a7 4a 6a 44 9d 1c c2 c8 39 3a fd 2f 36 a4 56 31 15 49 12 6a 4c 19 e1 f1 fb e3 43 13 dd 48 49 94 4b 0d 35 a2 8c c6 77 ef 7f f2 29 40 b1 c4 eb 51 64 14 de 1d be 39 fa f0 ce a7 23 25 4a 4d 8d 1f a3 f6 f7 a3 b7 7f f7 29 89 72 da 5a ab 38 30 6e 6e 3c 4d 87 6a e9 86 c3 d0 f8 d6 71 25 a9 21 05 d1 2c aa d3 2c ba 6b 43 06 85 06 61 48 d1 76 0c 28 5b 81 61 55 b3 31 b8 Data Ascii: >zlJwA]#44Fe5$h(Z5/V2Jq0%T:PKiRP4USL(T@JjD9:/6V1IjLCHIK5w)@Qd9#%JM)rZ80nn<Mjq%!,,kCaHv([aU1
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: ba 90 75 d8 8c 97 b9 5c 5d 8b 87 b0 72 21 09 cf 28 cd e3 32 78 fe 6a d7 cd 3f e4 19 3c 36 83 07 30 e2 19 1c 2d 86 05 e5 4c ac cf 53 f5 04 02 16 72 d9 cb 56 2c d1 a7 6d 7c 5d 35 8f 33 b5 07 cf 13 f5 c8 26 6b 1a d8 3c 8c ee 36 e3 73 f9 30 29 77 17 be c9 c7 4f e3 1c 2d 45 e1 7a d6 99 fa 26 75 16 bd 6a b1 1b cd f4 b3 8b 17 2f 5e ec ab e7 17 93 29 2c 95 e9 8e 1f 1e 8d c9 5b 4b 34 9b c3 1e e0 52 66 ea f6 14 94 ac cc fd e0 7d 00 3b ab 74 f9 d4 bb d5 b7 1b 78 be 82 4c 1f 00 da 2e a9 7b a1 4f 00 8a 96 bf e0 bd bb 63 38 e6 9e 4a 8c 19 f7 62 b5 eb 05 3e 23 40 bc d8 93 eb 5a af da 73 a2 c6 16 a0 5e ad af 89 16 76 06 d3 85 4c 69 78 35 27 bb 44 95 2e 1c fd 5a a2 6f f1 68 63 cb 42 bf 9a e8 67 ac c6 16 7d 7e 35 d1 e3 ae 1a 5f ce f9 35 45 ef 63 4d be 54 f3 eb a9 50 30 dd Data Ascii: u\]r!(2xj?<60-LSrV,m\|]53&k<6s0)wO-Ez&uj/^),[K4Rf};txL.{Oc8Jb>#@Zs^vLix5'D.ZohcBg}~5_5EcMTP0
2024-10-24 09:44:01 UTC	232	IN	Data Raw: 91 43 82 4e 79 ca 85 b9 e4 10 e2 90 03 82 ee 54 2e 85 f9 d0 39 16 77 08 eb 84 0c be 41 ca 5b 84 cd bb 98 7b 88 2e 92 e4 50 1a 85 92 f1 27 51 8c 1d 9e e7 d0 f7 25 26 f1 58 b6 29 0a 5d 47 70 67 0b 0d 39 5b e4 31 a2 b6 88 fa 77 17 c8 12 91 18 73 a4 dc b1 89 d6 17 c0 c5 dd d3 43 ad c3 62 b0 1e 16 86 5c 98 db 63 9f 23 2f c8 75 e7 85 3c e8 54 b5 43 d7 62 88 bb 31 a6 e4 01 57 4a ea 78 41 1b ea ce 2a ba 06 2b e8 ca d1 32 0e cd 6e 1b 5a 9a 16 82 3e 2d 72 8c f8 36 b3 1d 07 9f 00 8c f9 8a 1d 83 78 c2 d1 7b 5b 1d 5c 86 89 16 80 41 1f 3e 68 50 ed 5d e5 38 32 d6 e4 86 d3 35 25 77 a6 64 50 1b 0d bc 0b 64 e4 b0 90 10 c4 22 4a b2 67 9b a6 5d f4 40 a4 a3 1e 00 75 d7 bb 7b d3 0e 7b 41 aa 6e 7d 7b 32 0d 0a Data Ascii: CNyT.9wA[{.P'Q%&X)]Gpg9[1wsCb\c#/u<TCb1WJxA*+2nZ>-r6x{[\A>hP]825%wdPd"Jg]@u{{An}{2
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a ea 0d 0a 30 30 30 30 30 30 30 31 0d 0a 34 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 01 0d 0a 30 30 30 30 30 31 0d 0a d2 0d 0a 37 64 64 0d 0a 1e c3 08 e9 2e 2c 77 7c f9 c6 15 da 40 b9 b7 14 d3 ad 06 01 be 7a 2d 38 be 70 04 9a 7d 8b ae 8f b1 6d 24 aa d9 d8 86 c5 b1 b9 d5 ea bf f3 b1 15 12 7c 6e 85 eb de 0d 15 2f a2 7c 9f d5 6d 91 89 c3 6e fe 6c ef a2 78 5e 42 81 1d 01 db da b8 e9 3d ef 8e c5 64 b0 3c 52 d8 44 78 4a a1 19 3d a5 ca 7d b7 29 b1 3f 30 75 09 38 3b 16 b4 cd 74 ca 7f ff 77 4f 1e fe 3d d8 9f e7 9d 13 87 eb ef f5 ae 89 5e 36 c9 1f f4 ba 5b 3d 37 81 80 47 f9 6f 78 c5 84 cc 2e e2 a7 c2 6e e6 b5 db 1d 86 5d e2 7d 8e de 0c 9a 00 c6 dc 38 10 62 b9 1f 40 ee 48 dc 02 a1 ca 01 3d 19 20 b6 29 44 Data Ascii: 0000000100000001400000001000000010000017dd.,w\|@z-8p}m$\|n/\|mnlx^B=d<RDxJ=})?0u8;twO=^6[=7Gox.n]}8b@H= )D
2024-10-24 09:44:01 UTC	675	IN	Data Raw: f6 01 ae 82 0f be ed 82 62 4f 1d a5 96 8e 2d 21 c7 cf 01 28 ea 20 92 9a 26 c8 1e 52 7d 02 aa be c0 00 33 be 60 7a c8 dc 53 30 87 23 40 b2 c1 81 d2 63 41 9f 60 03 8d e9 3d c1 a6 f4 9d 60 d3 7a 3b 94 cf 36 aa a7 d0 24 a3 4a e0 2c 39 dd 8b e6 77 75 aa 20 82 13 e6 b4 cc cd c5 f2 5b 08 32 cc 85 e2 bc 3a 76 6f b5 33 18 97 09 cf bc d4 4d 4b 03 33 79 9f 32 e9 57 55 22 6b a4 3e 2e 84 c2 48 4c 4d e2 bc 7f b8 05 2a a4 aa 60 07 95 3b 4f fc 3a a2 0e 29 54 35 5d 04 2e f4 9f 24 e0 90 13 8d 10 5e f4 df ea 10 3f ec c6 17 7e c8 a5 4f 0c ee 7d c5 81 a0 45 94 7c 5a 82 9e af dc 43 15 87 36 a2 88 8b 81 1a be e4 03 00 b1 c1 40 c1 02 5f 6b ef 70 93 a4 bf bd 69 e1 b3 05 9e f5 94 8a 54 58 ad d8 a8 ed 7a 5a 4c ef ce 8c c4 23 ab 53 e2 c5 90 eb e2 85 8e 29 13 84 d2 69 17 49 26 bc 60 Data Ascii: bO-!( &R}3`zS0#@cA`=`z;6$J,9wu [2:vo3MK3y2WU"k>.HLM*`;O:)T5].$^?~O}E\|ZC6@_kpiTXzZL#S)iI&`
2024-10-24 09:44:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
78	192.168.2.16	49845	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	676	OUT	GET /gui/59084.04d6b3360a5bc50128d1.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:01 UTC	354	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 7690cf29d877000297842104a4161905;o=1 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:49:40 GMT Expires: Sat, 18 Oct 2025 08:49:40 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521661 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1054	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 66 66 33 0d 0a 93 db 46 8e df ef 57 d0 ca c5 2b e6 48 0e f5 96 a8 c8 89 d7 c9 d5 a5 d6 d9 bd 8a 93 fb 70 3e 57 96 8f 96 c4 1d 8a 54 91 d4 8c 27 b2 fe fb 01 fd 62 77 8b d2 8c 37 1b 6f 65 8b 9e 3c c6 0d f4 0b 8d 06 d0 68 80 dd 3b 54 c4 aa ea 32 8d eb de b2 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001=00000001k0ff3FW+Hp>WT'bw7oe<h;T2
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 92 04 cf ca 93 8d d0 d0 4b d7 df d0 ad 9b d8 fd 12 e4 24 df 1e 6c 32 b8 39 8e ca 98 03 7d 34 d8 c5 c9 b6 4f 27 27 f3 aa fa 21 23 d5 8a b2 f4 21 af c2 35 79 f5 e6 8d dd 4f bd 97 b6 93 d9 cb 7d ff 2d 80 6a 6f cf c5 20 8c 05 45 5d c0 a4 c7 c9 7e e7 dc 21 ac 2e b0 d4 e9 89 95 eb 39 77 45 9a 58 20 a9 ef 56 a2 89 f8 50 d5 c5 8e 8b 0e bb df 53 c6 e7 d6 e1 c6 95 75 b1 51 fb e4 4c e6 b3 f1 6f a0 44 40 87 8c fd 09 28 9c 4c d7 27 fe 6c 36 e4 fa 04 b4 89 b3 6f f4 c9 5d a7 4f fe 41 fa e4 b0 02 61 79 45 9f 50 6d 51 1e 62 d4 b2 f6 b1 3a 80 e6 ed 7b 9e 27 95 36 df 56 c0 2d 6f 90 6d 57 cf 06 27 a9 82 50 51 96 a8 94 99 22 4a 48 1d a6 b0 63 fe 33 dc a5 d9 83 ae 8e 0a a6 70 74 14 54 4a 68 04 3c 5b ad fa e5 2a f5 fe fc 93 17 1f 4a 68 be fe a9 22 25 68 59 c6 d1 00 2e 9f 3f 2f Data Ascii: K$l29}4O''!#!5yO}-jo E]~!.9wEX VPSuQLoD@(L'l6o]OAayEPmQb:{'6V-omW'PQ"JHc3ptTJh<[*Jh"%hY.?/
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: b0 2e 69 d3 bb 22 2f 2a b8 41 05 59 2e 5a 7e 55 24 84 b7 2c a1 ac c6 a6 0c 93 14 dc 8b 81 05 17 40 70 07 e1 8a 02 b8 db 84 45 d9 38 16 88 90 b0 2f 66 c6 e7 e8 7b 03 b8 37 6d 07 81 ba 67 5a 12 1d 2d 74 40 ec 84 1e 58 e0 1c ed 53 90 41 81 b3 0a 55 fa 0b 09 06 25 d9 99 2d dd 13 dc c6 81 05 5b 5f 01 e1 c8 dd 2d 07 0d 3c a1 df b0 7f 38 77 15 28 72 c1 52 00 15 ac d4 a1 00 b6 38 23 10 a9 28 00 c7 63 05 1e 6d a0 96 d4 84 d4 69 04 db 83 89 d3 f3 a5 16 02 50 f6 27 45 93 0e 69 e1 86 46 6a 88 b1 8e a6 a3 78 2c 44 a8 dc 56 ca 80 27 63 c7 9a 02 3f cd b8 26 6c 9a 60 a3 5e ac c3 75 c4 e6 a2 82 f8 e8 c7 a0 0c 86 13 a8 3e 9c 70 93 44 78 c3 e4 e8 a7 c3 69 3c e7 d4 d0 81 ac 8d c5 1c f4 89 8f ff 11 4a 43 62 d1 11 90 98 90 b5 59 5f 92 0f 69 3d 1c 41 ed a1 a0 f8 96 00 13 c2 05 Data Ascii: .i"/*AY.Z~U$,@pE8/f{7mgZ-t@XSAU%-[_-<8w(rR8#(cmiP'EiFjx,DV'c?&l`^u>pDxi<JCbY_i=A
2024-10-24 09:44:01 UTC	390	IN	Data Raw: e3 4a 4a cd 31 4a 2c 0b bc 0d 10 fb 0b 21 b8 a0 22 5d b0 17 1c b3 8d 16 0c 65 d3 b5 41 c5 b6 38 83 3d 66 1f 32 7b d1 3e 52 49 a7 8c 94 aa 12 2a ff 34 63 4a 9b 9c 72 e4 04 8a 5d a5 03 df e1 40 0d 95 ce fa 12 9d 4b 01 9b 0d 80 ed 36 6e 61 71 13 f5 13 0f 64 29 cd 3a 98 80 20 b6 3e 7c 53 8a d8 27 6a 2c 21 61 dd 78 4b e2 5b fb 3f f0 f7 00 2e a3 d2 3b e2 d0 df d7 69 59 d5 00 4d b3 44 2d a7 91 ac 6d 13 65 75 19 a3 3d 46 72 8e 1b 5d a5 b9 40 52 d8 eb fa b8 75 73 f7 d2 2c 5a b0 e8 9c f4 f2 e3 d3 49 49 a9 25 c4 38 ed d5 13 7f 6b a3 93 80 09 4a 71 83 d8 25 77 20 9b 2a 26 61 ae 33 ac 6c e1 3a fd 1a 34 95 82 4b a1 67 34 2e 95 b8 1c ca b8 9b 46 aa 37 36 06 15 ee 42 fb 37 7e 41 e4 21 e6 fb 93 4d 82 60 e6 9e 24 45 93 3e a6 e3 79 23 ad 5a 5b d9 ce 57 8e 65 4a 67 e7 1b f6 Data Ascii: JJ1J,!"]eA8=f2{>RI4cJr]@K6naqd): >\|S'j,!axK[?.;iYMD-meu=Fr]@Rus,ZII%8kJq%w &a3l:4Kg4.F76B7~A!M`$E>y#Z[WeJg
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 57 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 73 0d 0a 30 30 30 30 30 30 30 31 0d 0a 12 0d 0a 30 30 30 30 30 30 30 31 0d 0a c1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5c 0d 0a 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 33 0d 0a 30 30 30 30 30 30 30 31 0d 0a c3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 56 0d 0a 30 30 30 30 30 30 30 31 0d 0a 62 0d 0a 30 30 30 30 30 30 30 31 0d 0a 22 0d 0a 30 30 30 30 30 30 30 31 0d 0a e7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 37 0d 0a 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 43 0d 0a 30 30 30 30 30 30 30 31 0d 0a 67 0d 0a 30 30 30 30 30 30 30 31 0d 0a 39 0d 0a 30 30 30 30 31 0d 0a ee 0d 0a 38 63 33 0d 0a 5c ea 72 68 70 94 Data Ascii: 00000001W0000000100000001s000000010000000100000001\000000010000000130000000100000001V00000001b00000001"000000010000000170000000100000001C00000001g000000019000018c3\rhp
2024-10-24 09:44:01 UTC	1086	IN	Data Raw: e2 a3 79 b2 e9 12 22 30 0b 58 3b 15 77 09 11 5d 42 04 30 05 3a a4 ba 84 88 32 d0 23 40 a9 fc a0 82 85 c7 7e 4a 2f 3c 85 70 a7 5e 97 10 d1 25 44 60 00 7f 97 10 a1 27 77 74 09 11 22 e8 59 c9 dc 10 e9 14 8a 13 aa 49 70 e8 12 22 e0 03 bd 3c 1f ba 4b 88 30 52 37 b4 f8 c4 eb 0e 71 76 3c c5 0b 07 e9 b3 16 17 50 e0 1a ee 12 22 94 23 68 97 10 21 0e 04 ec b6 e1 e2 f5 2d 30 93 76 72 78 2c 2a 1d 6f b0 e8 4d 50 97 10 41 63 32 45 bc 8b 79 e3 a3 dc 14 2a b7 68 78 35 0e 29 04 ec aa ac 4b 88 d0 6f 63 1f 63 3d 71 2b d9 25 44 40 88 24 cb 10 ee 12 22 b8 7f 48 b9 9c 6e b4 64 7b c4 b1 e9 3d e2 e1 b9 ed 1b f6 fa 05 39 ef 5c 3f 3e 2a bd 2a 4d 0b e6 55 84 c1 85 b6 a5 6e 37 5b d7 01 4a db 12 c0 25 f9 35 9a 28 f7 ef 5d 42 04 cd 6c c7 74 60 33 eb 41 44 e6 62 40 1a e3 27 19 33 d0 25 Data Ascii: y"0X;w]B0:2#@~J/<p^%D`'wt"YIp"<K0R7qv<P"#h!-0vrx,oMPAc2Eyhx5)Kocc=q+%D@$"Hnd{=9\?>**MUn7[J%5(]Blt`3ADb@'3%
2024-10-24 09:44:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
79	192.168.2.16	49844	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	522	OUT	GET /gui/25924.b3a6356de76617e73c99.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: eb26d0d25a39993a1c1289097421fedd Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:16 GMT Expires: Sat, 18 Oct 2025 08:55:16 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521325 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 66 66 35 0d 0a 5b 5b 77 db b6 b2 7e ef af 90 b8 b3 b5 c8 18 66 24 a7 cd 45 0a aa e3 38 4e 9a 36 a9 d3 d8 6e d2 ca aa 16 45 41 12 6d 9a 94 49 50 8e 62 e9 bf 9f 6f 70 21 29 c7 ee be 3c ec 87 c8 e0 00 18 00 73 9f 01 e2 e6 22 9e fa d7 62 bc 08 c2 8b 83 79 91 5c 2c e5 a8 88 46 97 41 94 f0 bf e9 5b af 07 43 cf 5f 14 f9 dc 1d 0c f6 7e 78 be Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010000000100000010ff5[[w~f$E8N6nEAmIPbop!)<s"by\,FA[C_~x
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: da 71 3c af ef 1c 2b eb e6 e6 59 e8 8d 3a be b3 f3 6b d7 71 98 94 c0 5e 2e 25 24 d7 c6 d3 75 fe 72 76 7e f1 c3 20 8e dd df 3c 3f 13 8b 38 08 85 fb 68 70 76 f6 d7 03 ff e1 4e df f5 06 67 c3 9b cd 7a f8 68 c6 9c b3 b3 07 2d a7 36 6a 7b b7 eb 92 3f 9e ff b0 ef f6 f9 d9 d9 99 eb ad 1b 60 5f 03 06 50 03 86 1e 21 7a d0 c1 08 c7 db 71 1e 38 e0 9b e4 0f fa 07 be b6 a7 dd 65 1a 4d 1a 6d 96 48 7e e0 eb 93 b0 88 da 95 29 62 29 9d 05 6c 50 34 7a 9b 1f 26 70 96 59 30 8e 05 0b 24 ff c3 cf 17 71 14 0a 56 48 9e c8 7e 22 cb 53 9f 04 33 8b 3d 97 96 4b 33 21 6b 04 d7 0b e6 2c 84 53 97 fd 4c 42 23 b6 b7 15 4b ee 7e b2 73 89 0b ec 8d f9 62 95 70 42 86 b4 ca 7f 72 df 40 10 bd 8d c7 a6 92 bf 95 ee 01 73 ac 87 c0 b9 e7 16 06 ff 82 cf a5 fd 04 f7 c9 fd 01 b4 b0 20 78 35 7c 8e ec Data Ascii: q<+Y:kq^.%$urv~ <?8hpvNgzh-6j{?`_P!zq8eMmH~)b)lP4z&pY0$qVH~"S3=K3!k,SLB#K~sbpBr@s x5\|
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 10 d3 73 50 3f 97 41 12 52 a2 8f ef 3b 46 5d b7 5a b0 2b d5 28 ac eb d2 79 ac 42 34 82 9a 42 95 6d 88 c7 08 be a8 e6 07 aa af 2f 44 ca 9a 97 3a 20 01 33 de b8 e9 36 7f a6 cf f5 da ee b7 d6 d7 fc dc 6a 7d 26 79 91 e4 e6 e0 cb dc 3f 69 6c 5f c8 ee a1 e7 4b 91 4b 17 b1 3b a5 0d 76 72 e3 a3 c2 0d e2 66 dc 15 9c fc df 16 21 11 a1 dd 71 64 c4 6c 59 95 84 ae d7 3f 31 b8 37 9e 58 fb 10 13 4e 25 52 da 69 46 7c 30 54 92 45 42 93 d2 fe ca 88 c1 2b ed 40 8a a5 b7 b8 d5 e4 88 95 22 1d f0 a4 a5 75 8a aa ad 6f f9 a3 42 cb 45 ae 74 32 84 74 94 ba 28 b6 75 10 85 9a a6 8b 0c 37 fe 31 ac 14 49 6d 76 8a b0 af b2 a3 d0 55 fd 59 29 d2 d4 2a d2 9c 6a 0a ca 7f 2e b0 5e da 27 7f 72 2c cb ec 05 ea 5c 54 5a a6 9b 4a cb ea 8a 35 82 62 cd 87 a8 6a 0a a3 ec 5a a7 56 3c 87 4e 4d d8 88 Data Ascii: sP?AR;F]Z+(yB4Bm/D: 36j}&y?il_KK;vrf!qdlY?17XN%RiF\|0TEB+@"uoBEt2t(u71ImvUY)*j.^'r,\TZJ5bjZV<NM
2024-10-24 09:44:01 UTC	361	IN	Data Raw: ac 04 cc 34 e0 bc 04 5c 6a c0 75 09 b8 b0 8a 21 36 3a 4b fd 24 39 0a c1 e5 ce 4b e2 06 f6 ad 0c ee b1 bd fe 95 ac 64 0b 87 33 0c 30 b5 de 32 8d 75 e8 be 53 e0 a2 0c 59 50 25 9c 25 74 c3 de 48 73 d9 1b e5 8a 2f 4a f9 fe 90 3c 84 84 7d b3 05 14 67 2b a9 55 b9 3c 09 96 ae 00 94 55 20 85 c1 d0 d9 ba 1d 10 1b 75 5b fc 2e d4 2f 4a 5a 68 9f 57 62 f4 13 31 c5 9c e1 5b 59 87 44 df 92 6f 1e 54 73 55 fd c1 30 d7 6a 87 5d d7 c8 3c 69 50 aa 9e df 20 89 41 49 bc 5e 43 80 a2 da 73 36 14 f5 2c 29 cb b9 d5 54 8b 7e 43 49 d6 6f 92 bf bb cb 40 59 6c 28 b9 59 54 54 7e c3 eb 83 77 f5 22 75 d9 69 58 46 24 30 46 97 98 d5 3c 19 28 49 1d d6 28 fe b9 46 25 95 17 35 6d 91 04 93 6d ec 49 93 c1 1a 54 fa e9 86 cb eb aa 8a 8a e6 c9 46 96 ef 2b ca 4d d6 b5 57 5f 2c 60 a7 ec d9 de e3 67 Data Ascii: 4\ju!6:K$9Kd302uSYP%%tHs/J<}g+U<U u[./JZhWb1[YDoTsU0j]<iP AI^Cs6,)T~CIo@Yl(YTT~w"uiXF$0F<(I(F%5mmITF+MW_,`g
2024-10-24 09:44:01 UTC	1387	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a f9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 27 0d 0a 30 30 30 30 30 30 30 31 0d 0a 18 0d 0a 30 30 30 30 30 30 30 31 0d 0a 80 0d 0a 30 30 30 30 30 30 30 31 0d 0a 52 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 30 30 30 30 30 31 0d 0a 81 0d 0a 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 32 0d 0a 30 30 30 30 30 30 30 31 0d 0a e8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 30 0d 0a 30 30 34 36 62 0d 0a 12 Data Ascii: 0000000100000001j00000001-000000010000000100000001'000000010000000100000001R0000000100000001J00000001a00000001000000010000000120000000100000001k000000010000000100046b
2024-10-24 09:44:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
80	192.168.2.16	49843	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	676	OUT	GET /gui/30592.64f38a11064ff2dd4b23.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: cca0a4fed5a7397b6a34550860a903a7 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:44:10 GMT Expires: Sat, 18 Oct 2025 08:44:10 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521991 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 00 0d 0a 30 66 66 39 0d 0a 00 02 ff ec 7d 6b 77 db 46 d2 e6 f7 fd 15 30 93 38 a4 03 c2 24 75 27 4d 2b 8e ed 39 f1 79 9d 49 d6 97 9c 9d d5 68 65 90 04 25 c4 14 c1 01 40 5d 42 f1 bf ef 53 97 6e 34 40 52 92 93 cc 7b 66 f7 28 9e b1 a5 be 54 77 57 57 57 d7 ad 0b b5 79 16 79 59 9e c6 c3 bc d6 ab 67 d1 64 1c 5c 46 83 59 38 fc fc f2 6c 3e fd 7c 91 9f cc e3 93 f3 30 9e f6 6f a9 bb b9 39 3a 6e 04 b3 79 76 56 3f 3a da 6a ed 1c 74 fc dd dd ce 6e c7 df 3f d8 df 6f f9 7b ed ad ed bd 63 7f b1 8f b2 56 b7 1e f9 b9 9f 36 Data Ascii: 000000010000000100000001000000010000000100000001000010ff9}kwF08$u'M+9yIhe%@]BSn4@R{f(TwWWWyyYgd\FY8l>\|0o9:nyvV?:jtn?o{cV6
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 9d eb 85 4e f1 11 16 ae 2b 0a 64 06 cc 60 40 bc cc 3f ea 0d 5f 67 39 a5 59 4e 0d c2 2d 18 2c 63 d0 c8 cf 40 0e 5e bc c4 99 67 a6 13 2e b1 1d d8 81 ea 86 a0 b1 6c 63 8d ee 98 e9 69 c1 2d 23 b3 91 21 77 64 c6 9e f6 17 cb 20 4f e4 a4 1a 24 06 d9 24 1e 46 f5 7d bf d9 36 3c ae 26 33 04 b0 7e 8a 5d 0c f8 64 a5 f3 21 76 10 6b 49 c1 4d 9d 92 60 1a 9e 03 59 b5 9f c2 19 77 b8 b9 a9 bd 8f 72 fe f1 50 88 6b 0c 6a c6 34 bb b5 17 e6 f2 d0 86 4f ff 4f fd b0 fb 31 be 79 d3 98 e6 f8 69 ff a6 bd 7b b3 d5 69 e0 c7 97 93 f0 7c 16 8d 1a 02 e1 eb a7 41 1e 65 39 f6 f5 50 56 d3 15 7e b2 8a 94 c6 42 30 37 8d 2e bd 0f e0 3f af 71 ac d2 7a ed cd 14 5b 0a 0e 14 e6 79 74 3e cb bd 3c f1 46 00 48 4b 9a a7 91 37 4d a6 4d 26 c9 c1 24 f2 62 70 91 70 3a 8c 82 7f 4e df 4c bd 24 05 cb a5 f6 Data Ascii: N+d`@?_g9YN-,c@^g.lci-#!wd O$$F}6<&3~]d!vkIM`YwrPkj4OO1yi{i\|Ae9PV~B07.?qz[yt><FHK7MM&$bpp:NL$
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 59 9e 54 d9 87 5a c9 bc fc 19 a9 a3 b5 49 72 19 a5 a4 51 62 1f cd e4 20 6e 7d 9c e9 af 2e 26 69 b1 50 50 e7 33 48 db d5 2e 2a a2 69 2f 67 fb 68 fd 8d 65 45 cc c4 24 36 df 0d a4 7a 45 3d 22 2a 55 ed fa 75 15 28 dd 2d 84 36 2f 7a 2c cd fd 50 7e ec 1a 34 5a 54 13 6d c8 f9 93 2d 5f b9 35 a5 52 ee 68 17 bc 61 7c 74 ed 9c 0c c9 a2 f5 4b 49 06 c7 29 26 fe 1a b1 6a d9 d3 f9 55 4e 63 90 9d c5 63 9c f7 1e 4e 3c 9b d7 a0 92 ca e5 ed 62 b5 97 c3 a6 0a bc dd c2 a5 85 6c dc e9 81 a2 1c 1a 3e 8a 54 c3 a9 a0 b9 b1 e4 2d 55 64 7f 64 49 1f c6 c2 92 bc a6 ab fb 60 b4 1e 32 a4 ca 6c 75 51 2b da ca 33 19 d9 5d 83 f0 72 ab 39 f9 b9 34 31 5d df e2 54 bd c1 4e e8 75 e8 50 87 ca 32 66 70 b6 fb a6 aa 85 d7 41 6c 6c 5a c2 b1 3a 54 aa eb 2a c1 c2 90 b9 2c 8e 06 ae 3d b9 ec ac fe 67 Data Ascii: YTZIrQb n}.&iPP3H.i/gheE$6zE="Uu(-6/z,P~4ZTm-_5Rha\|tKI)&jUNccN<bl>T-UddI`2luQ+3]r941]TNuP2fpAllZ:T*,=g
2024-10-24 09:44:01 UTC	311	IN	Data Raw: 5f f8 d7 fe a5 7f e5 7f f6 4f fc f7 fe 6b ff a5 ff b5 ff c6 ff e0 bf f0 7f f6 7f f7 7f f3 df fa ef fc 57 fe 2f fe af fe 0f c5 35 fc a3 ff f1 e1 22 fe 0b 2e e2 b2 8f 3b f8 71 0e 82 9c 9e e2 0a 91 1f e0 e8 0e de cf 07 d0 07 11 c5 07 2f 68 d6 af 65 ee af f0 7a ff 08 d6 fc a3 78 bd c1 2c 10 10 f1 53 7f a1 bd 4f d2 39 22 dc a2 bc 1b 06 d7 61 1a 12 ef c5 99 07 4f cb 4f 42 ba 34 51 ce ff 72 05 98 21 5d a5 18 04 c5 c5 2f 6e 27 8a fe ea 0e 02 13 04 06 4f 4d 9e 26 34 d6 c9 6f c9 00 bd ec ef d4 69 d9 93 30 bc 7f d9 40 bc f9 fd 05 0c 98 6d e1 fd a1 20 a2 d2 2d 66 7f e7 90 35 91 35 54 91 1c 25 f9 1b 38 bb 21 dd 27 a9 6d 46 2c e2 25 5d b5 b8 77 6d 21 9c f4 97 a6 50 c4 87 17 f0 ec 9b 91 c0 0f 80 b3 77 c9 a5 b5 89 13 bf 70 7f 8f c7 7f 4f f2 9f 74 82 88 df d4 db 12 3e 93 Data Ascii: _OkW/5".;q/hezx,SO9"aOOB4Qr!]/n'OM&4oi0@m -f55T%8!'mF,%]wm!PwpOt>
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 3b 0d 0a 30 30 30 30 30 30 30 31 0d 0a ba 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 58 0d 0a 30 30 30 30 30 30 30 31 0d 0a 60 0d 0a 30 30 30 30 30 30 30 31 0d 0a de 0d 0a 30 30 30 31 0d 0a e1 0d 0a 32 62 31 37 0d 0a 08 d1 ae b7 7b 51 b5 11 f9 3c 71 35 b0 d7 33 63 c3 07 cc 7d 12 26 55 6b 91 4d 97 e7 86 28 83 10 e4 26 9e 7f 6e 4c 1b f0 63 14 22 9c a7 08 b4 14 2c 9d 4c c8 65 79 8b 9c b8 12 8f 79 74 1a bc f0 cf 83 17 c7 1c 95 c9 76 e0 77 d1 2c 49 f3 9f 21 59 e0 d0 58 87 9b 30 f5 e0 64 4c d6 36 20 0a a6 f5 3c 99 fd 82 d0 c9 f0 94 3d 8a 70 f8 47 b8 c0 e0 a2 9d e6 af a2 71 38 9f 50 08 c3 8c 1c 4f 44 1c 6f a6 af d2 10 e6 6d b6 68 09 2a 0d 48 0e af 14 c3 05 df 1c 41 3c 02 5e a8 d3 bb 68 c2 b0 6d 67 18 Data Ascii: 00000001;000000010000000100000001X00000001`0000000100012b17{Q<q53c}&UkM(&nLc",Leyytvw,I!YX0dL6 <=pGq8PODomh*HA<^hmg
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 79 52 ba 6d e7 21 de 97 7c 36 bf c9 0c 0a d8 30 63 ca 49 17 48 30 3e b2 fd d8 fc 23 d7 ac b3 9c 3c 3c cd d6 10 a4 95 3e 04 e3 a2 8c bd 05 6a c0 32 81 de 29 a2 f8 a0 5d d1 2b a5 86 44 41 0c 93 d9 b5 a3 7f 38 2a 97 96 fa 13 e1 19 53 e8 2d b3 6b 35 3d 40 9e 39 c9 10 44 43 6b fc 90 bc 9c c4 b3 41 12 a6 23 bd cb a4 90 01 db 2a c3 b2 65 5e b0 9f c8 49 2e 17 7f c0 a2 c0 b5 fd da a8 89 a7 28 11 1e 89 20 e8 90 5e c2 91 59 81 a4 4e 91 73 59 2a 0f ac bd e1 30 32 cf 60 4e 48 f4 f8 25 99 d1 0e 59 21 f5 0e 01 00 41 e4 d4 bc 74 fb 17 d7 75 e9 16 17 75 be bb d0 2e 50 a6 44 39 b4 8a a1 56 f8 52 6c eb 7d e1 bd 72 4b c9 cf be 21 3a db a8 0a c4 04 d9 73 68 f3 09 d4 46 46 04 6f 25 c5 61 18 54 9c 05 ff 7b 9f 02 d6 df b3 f1 f4 63 3a a9 2f 56 47 23 ad d4 47 64 51 37 5f 22 10 04 Data Ascii: yRm!\|60cIH0>#<<>j2)]+DA8S-k5=@9DCkA#e^I.( ^YNsY*02`NH%Y!Atuu.PD9VRl}rK!:shFFo%aT{c:/VG#GdQ7_"
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 08 9f 36 b0 47 b4 68 60 77 18 5c 1e 90 a2 44 91 f3 3f a7 af f8 d9 30 14 4d e2 fd 9b 2a 29 e8 be c6 4e d6 8f b7 87 df c0 eb ce e9 7a d8 22 7b ec ff cb 8d c4 51 d7 73 11 0b b3 09 56 11 89 53 ea 2f a7 ee ee ee 26 be f7 96 a9 a8 75 f5 2f 81 65 b5 ef 7b 43 a3 18 a3 d2 ca 5c a9 eb 8f 43 71 5d 18 b7 41 a9 8e be d6 4b b1 0a 80 23 1a 91 96 e7 ab b2 ed 9f 62 92 4a 8b a9 54 9b 44 3f 4b 7f ef e0 60 67 4d d4 d2 ff e2 58 a5 cb 7b c6 2a 21 2a 69 bb 75 70 b0 4b c1 48 12 80 24 61 4b 1a 60 54 8a d4 a5 b6 94 26 87 da ee ee b4 10 c1 e4 04 ed fa 33 ff 0c 41 48 9c e2 ca a4 72 f0 e0 a6 27 89 93 5c 89 a9 49 5a f5 39 ba a6 07 31 c4 41 85 30 e9 ec 38 69 ac 24 a1 4d 26 bd 36 a4 ba d2 36 04 06 6c 1b b9 66 92 40 a4 c1 7a dd 8c 8d 3c 46 e6 16 5e 3b 8c 93 2d 8b e6 18 44 53 3c 6c e6 e4 Data Ascii: 6Gh`w\D?0M)Nz"{QsVS/&u/e{C\Cq]AK#bJTD?K`gMX{!*iupKH$aK`T&3AHr'\IZ91A08i$M&66lf@z<F^;-DS<l
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 9c 25 e4 e5 25 e4 7f 68 09 94 87 a8 44 8d 66 95 ba 95 1b 89 55 d0 64 5a 17 38 59 ac 85 26 63 38 bb 67 8d 18 64 45 31 8b 23 2f 35 5d a0 24 23 01 97 0c e9 0e c6 44 cd f1 cc 2d c5 23 37 49 a1 03 be 04 30 38 8c 66 4a 3c 45 e8 d3 85 dc 60 42 4e 70 0c 44 79 af 17 6e 6c 7a 54 78 45 f9 4b 78 f0 15 89 05 81 15 14 87 5c 94 83 70 9c cc 97 dd 54 8e 8d b3 d0 a3 e4 d8 2c 8f 74 0d f6 51 ca fe ca cd 5d 96 4d 94 1b 6f a6 38 9c aa 19 d2 9f 53 58 09 bd 14 00 96 84 6a d4 47 80 eb ef 2d ce f0 0b 24 11 be ce e2 ec 07 a4 64 51 4a d4 b0 1a c1 86 18 b3 10 92 55 eb 45 01 8e d0 eb 10 69 88 39 e8 37 ff ae 0f 5b 7b 04 1b 11 c5 cd b3 c7 60 e9 35 61 5e 67 16 07 7b cb f2 9f d3 4f 14 26 31 e5 57 25 1b 5c fd 88 35 c8 7f 29 42 88 0a c2 96 f5 13 ff 21 34 aa 95 7e f5 d1 f3 a7 23 b8 82 bf c5 Data Ascii: %%hDfUdZ8Y&c8gdE1#/5]$#D-#7I08fJ<E`BNpDynlzTxEKx\pT,tQ]Mo8SXjG-$dQJUEi97[{`5a^g{O&1W%\5)B!4~#
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 84 95 89 4b 28 4d d7 cb 42 7c bb 87 c2 d9 90 e2 8f f7 d1 59 a2 e9 4f 52 ba 3e 7e ab 20 29 9e e2 e1 5c 24 c9 b1 6e e9 3e 69 6a ac 5f 35 8c 77 41 84 86 2c 1e 43 e8 d2 58 f8 0a 08 6f ed dc f1 74 bb 99 c5 bf 33 5e 55 ce 05 f5 12 2e 41 87 01 f6 86 53 90 65 32 57 26 63 c6 56 05 4f 20 75 a4 14 90 46 76 9b 5a 5e bb 35 93 5d a1 ed 91 39 79 78 2c 5f 8c 68 77 4b 9a d9 f0 45 7a 3d d8 f5 38 c1 58 f3 12 ef ee 31 1d cf 93 6d c2 6d 37 5e 3f fa 7c 22 13 c0 e9 80 d9 a9 ab 24 52 4c 47 d7 04 a1 78 68 ce d6 5a 90 9e 27 d9 47 bb de d6 d6 37 3c 32 3f da 64 62 e2 5f 75 d6 93 68 9c df 8b c2 08 93 c5 f3 d7 05 ad a5 02 d1 0e 68 10 f6 47 86 d0 4d 78 ee 3d 11 3c ac 5d 1c cd 45 48 fc 96 2d bd 05 d7 19 3e 75 28 6f 5b 78 1d b7 30 b6 5b 59 22 a6 a1 7a 01 22 3b 9b e1 69 22 b3 69 36 cb a5 Data Ascii: K(MB\|YOR>~ )\$n>ij_5wA,CXot3^U.ASe2W&cVO uFvZ^5]9yx,_hwKEz=8X1mm7^?\|"$RLGxhZ'G7<2?db_uhhGMx=<]EH->u(o[x0[Y"z";i"i6
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 7e 46 af 90 b5 b5 ba 5d cc 19 10 ff 74 de 15 49 81 12 e6 fd a3 de dc 6b 01 e7 1b 26 b2 be 8b db be 3c f6 18 79 62 df ac 0c 5c e1 50 8c 26 77 b9 45 7d b0 c7 cc 01 2d d6 c1 7d ff 85 2b eb 80 45 ca c2 1c 3b a9 c8 76 2b 73 b8 63 a5 0e 00 12 89 3c ef b6 29 7e 9c dd 0f f5 ff cd f3 9b 0e 37 9c 63 67 ed 19 ee 81 68 6b 54 6f e3 fc e2 7f 25 b2 f8 06 7a 98 e7 75 0a 32 5d d3 0f 47 1d 2c 5e ff 6a 20 b3 07 7d ac 00 f0 5a 28 65 90 cd 9d 51 a4 da 3c ef c1 56 4b c0 e2 d8 30 78 70 07 fe f7 e0 d6 61 da 41 07 d0 f4 af 75 c3 54 46 d9 56 a8 bb fa ef fe 9f 83 5e 5d 84 4b cc 6b 90 52 45 26 16 5e 66 df fc 7d 9f bf d0 2f f3 ed d3 27 8f b0 57 4f 3c f8 ed 72 bc a1 0c 67 d0 3a 77 82 ad a0 e3 d5 cf f2 7c 96 75 9f 3e 45 ec cc c0 d4 e2 66 3c 7f da e0 1e 14 f3 c2 86 2c 6c 74 bb dd ec b4 Data Ascii: ~F]tIk&<yb\P&wE}-}+E;v+sc<)~7cghkTo%zu2]G,^j }Z(eQ<VK0xpaAuTFV^]KkRE&^f}/'WO<rg:w\|u>Ef<,lt

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
81	192.168.2.16	49846	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	522	OUT	GET /gui/36796.52ea6edb5c8ac00adeb8.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: fe01df4983bb18153a451e0d2b911d2f Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:51:38 GMT Expires: Sat, 18 Oct 2025 08:51:38 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521543 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 58 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6f 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 38 0d 0a 30 30 30 30 30 30 30 31 0d 0a 16 0d 0a 30 30 30 30 30 30 30 31 0d 0a fd 0d 0a 30 30 30 30 30 31 0d 0a 3e 0d 0a 62 33 64 0d 0a bf 42 d6 66 0d Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001X00000001k00000001o000000010000000180000000100000001000001>b3dBf
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: bf 3c 1f 0d 86 e7 97 9e 20 83 a1 c7 c8 e9 ef 77 bc df 3f f5 4a 72 3a fd 7c 77 f6 f2 73 39 08 82 b3 cf e5 ab 57 01 9e 5f bd 1a 86 b3 d3 1b 2f 21 5b f1 8d ca 45 2e 6e 23 fb 6d fb 84 ac 5d 97 10 4b 69 56 58 b7 2c a3 3a 8f 15 bd a1 b2 b0 94 b0 50 1a 52 38 cd f6 6c 2e 54 7f 9e 14 2c b5 23 fb 3a cf e9 4d 92 37 6b c7 c4 0a ee 46 81 e5 60 8a 95 58 f5 24 2b 15 19 b5 d6 02 b2 5c 2c 66 fc 5b 92 b3 ac 5f 6f a6 05 98 77 23 c0 ae bc 94 bc 49 d4 d2 87 6e 42 c6 0d 26 2d a4 58 5d 2d 13 79 05 49 87 6a af 61 6a 7b 70 d6 fb 84 df 50 e3 b1 64 aa 66 47 15 0a 25 55 a7 95 b1 1a ca bd 5f ac 73 a6 1c fb 39 fc 96 53 6d 48 db 8e a9 9f 53 7e a3 96 e3 b0 db 75 38 a1 d3 60 d6 c3 0c 4f e1 31 9c b5 36 17 0f 02 a8 95 39 9d 35 92 54 23 26 46 fd 71 62 f8 22 76 e9 94 cf 88 44 fa 71 88 69 32 Data Ascii: < w?Jr:\|ws9W_/![E.n#m]KiVX,:PR8l.T,#:M7kF`X$+\,f[_ow#InB&-X]-yIjaj{pPdfG%U_s9SmHS~u8`O1695T#&Fqb"vDqi2
2024-10-24 09:44:01 UTC	663	IN	Data Raw: d4 26 a7 a8 06 50 5d 9b 18 3d 8e 39 1c a9 4f 63 fc 5d 20 94 8d 2d 74 f2 4e cc 63 d4 22 8c 3b 3e 6b 52 a0 89 e6 8f 4b 6a 7d a9 e5 c2 5b 5f ac 8c 49 dc 62 30 84 5e 1d 84 08 54 d4 ac 0c 71 6c a1 5f 68 26 7e b1 10 fa 92 cd 4b a5 59 78 b6 9f a9 67 08 9e 6f ac 75 22 55 bb 64 3f 55 87 ab 84 15 ea 33 b6 c5 d8 44 95 df b6 de 2d 7f 07 e5 ae d9 b7 a1 5b fc be ed eb 1a c9 27 32 92 bd 2f 27 5b 5d b4 18 4f f3 12 39 58 33 1d 34 5d ba 22 18 6a 77 8a c0 f9 dd c1 15 d1 57 a6 76 2b f1 ef dd aa d8 09 77 87 78 22 d3 17 fd 7f cd 5c 10 72 bb 7f d2 b5 1f 00 58 15 9d 6c 79 15 7f 41 af 60 43 ef 72 9d e1 ae c5 c0 88 61 4e 68 73 bd d0 05 4f 6d c0 1e e5 aa bd 1a f1 6b 6b 6a 8f ee dd a0 96 ac f0 17 fb fc 6b 5e 89 6e 73 90 18 6d e7 5b 5b 01 65 d3 ab bf 37 b6 a2 26 4f 13 04 d5 f7 10 e3 Data Ascii: &P]=9Oc] -tNc";>kRKj}[_Ib0^Tql_h&~KYxgou"Ud?U3D-['2/'[]O9X34]"jwWv+wx"\rXlyA`CraNhsOmkkjk^nsm[[e7&O
2024-10-24 09:44:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
82	192.168.2.16	49847	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	676	OUT	GET /gui/71254.89ea96287cbc8b900860.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: ad169ac3b95a80eaac1903b2735807de Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:47:50 GMT Expires: Sat, 18 Oct 2025 08:47:50 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521771 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff ec 5c e9 76 db 46 96 fe 3f 4f 01 33 89 9a 48 03 10 17 71 95 29 47 96 97 28 f1 d6 92 9c 4e e2 f6 61 40 a0 48 22 02 01 06 00 b5 84 e6 bb cf 77 6b 01 0a 20 65 d9 93 a4 a7 e7 9c b1 12 89 ac f5 d6 dd 97 02 6a ab 94 19 69 96 04 5e 56 3b ac a7 2c 9c 3a d7 6c b2 74 bd cb 93 f9 2a ba bc ca c6 ab 60 bc 70 83 68 f4 91 be 0f 1f de bd 37 9d e5 2a 9d d7 df bd eb 35 5b 9d 03 eb e0 a0 d9 ee 5b dd 7e bb 67 e1 43 a3 63 75 1b cd 76 cb ea 36 bb dd f6 7b 6b 3d e8 74 5a fd 61 3d b3 98 15 98 a3 a3 f5 95 9b 18 f1 28 a8 1f f4 7b 8d 03 d3 4a f0 11 23 0f 3a a6 15 e1 63 b7 d3 ef 76 cc c3 90 65 46 6a b9 56 38 ca 46 47 d9 21 cd f1 46 d3 55 e4 65 41 1c 89 b5 ac d8 e4 6b 25 Data Ascii: 000000010000010ffe\vF?O3Hq)G(Na@H"wk eji^V;,:lt`ph75[[~gCcuv6{k=tZa=({J#:cveFjV8FG!FUeAk%
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: d6 7a 61 7d 6f bd b6 9e 5a 8f ad 5f ad df ad 67 d6 73 eb a5 f5 ca fa d9 fa d6 fa c9 fa ce fa cd fa c1 fa 47 61 4b fe f9 ff b6 e4 4f b2 25 3f 56 6c c9 d4 c9 3c a1 23 93 15 c9 17 6c 40 ba 82 a9 ad 3b 8e 93 5b 69 a9 c3 bd 78 79 7b 11 c7 61 16 2c 2f 60 8b 46 b5 13 34 18 7e 4c 3e 88 91 c5 86 17 06 cb 49 ec 26 7e 4d e8 7c 98 a7 20 bb bd 80 9e 1c d5 c4 a8 52 c7 db 24 cc db 37 77 9b 31 52 c7 91 b3 8a 52 77 ca 4e ce cf cd fa 3b 82 d9 11 c6 ce ba 71 8e ad b1 73 fc de 7c bf 19 c3 06 3e 73 af 02 e8 aa 37 c1 55 9c 91 74 c2 04 48 6b 68 cc 9c 9f fb e4 4d 9c 33 37 f1 e6 d8 bc be 16 00 0e 73 e0 e8 20 63 9a 3f f6 e7 6e 3a 1f 66 1b 93 af fa 04 7e 82 b6 a4 c5 94 59 09 46 0b e7 7a 40 ab 5e 04 0b f6 3a a1 81 20 54 cd c7 df 9a f9 f7 da df 6b ca de 7f c2 ee ef b2 f7 c3 40 ee 58 Data Ascii: za}oZ_gsGaKO%?Vl<#l@;[ixy{a,/`F4~L>I&~M\| R$7w1RRwN;qs\|>s7UtHkhM37s c?n:f~YFz@^: Tk@X
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: ff 43 71 bf 74 f4 a4 ef 9f 80 fb 0a 36 ee c5 7b fc 19 78 8f f7 f6 e2 02 ef 85 66 d4 91 fd 02 c8 7e f1 1f 8a ec 2b 07 30 97 b2 c9 7f 02 c2 09 0d 77 61 d9 84 22 b2 23 24 e1 61 25 e6 70 0f 7f 87 01 75 c3 9a 4a ba c0 a4 c2 86 68 a6 54 da cb 60 c4 55 15 14 de f3 2c 38 87 7f 5c f2 36 65 55 e1 50 28 bc dc 1a 49 dd 48 e1 27 56 b4 20 23 3b ac d5 f3 8b 53 83 2f 48 66 0b f6 98 91 fb 1d da 29 ed 51 b2 5a df 83 8c df 73 32 52 c6 e6 e1 2c 0b c4 20 c3 81 ff 82 90 8f 0a 5d 85 77 99 77 c3 ed 51 19 9e 40 05 38 39 84 dc 5e e6 e8 87 95 44 e0 a0 52 fb 70 71 0b 70 8a d6 12 4c af 01 d3 eb 1c 26 e5 c5 16 83 6d 14 0f 83 18 61 05 70 ac 7c e1 a2 57 b5 48 7b 87 b8 06 27 8f 13 04 af 5b 56 4a c4 3a 70 a0 44 ba a3 58 43 46 3a b2 47 4b ac 4c 62 64 70 16 14 3b c9 5c 5c 31 47 40 a5 a7 47 Data Ascii: Cqt6{xf~+0wa"#$a%puJhT`U,8\6eUP(IH'V #;S/Hf)QZs2R, ]wwQ@89^DRpqpL&map\|WH{'[VJ:pDXCF:GKLbdp;\\1G@G
2024-10-24 09:44:01 UTC	252	IN	Data Raw: 54 5e ce 94 0e 0d 92 da 45 b9 92 00 21 3c f3 15 95 9a e7 b5 7b 6a e5 ba 9f ae ec 8e 6a d7 81 9f cd 87 70 5b 96 37 e8 b9 80 75 36 4e e3 13 03 17 65 a1 72 52 e3 a7 e3 b3 63 23 01 e1 81 2c 89 d7 c9 11 9c 1f e4 77 10 cd fb 06 77 cb ca 9d 34 1a 6c e2 28 ff a0 d0 b3 12 f9 02 74 80 21 15 6f 35 c4 22 43 02 d1 aa d3 75 d3 75 ec cc 0f e0 99 a0 fe 47 35 2f f5 a9 9e 38 df bd 75 4e 5f 9f 8c cf 2f ce 9e 1e bf c4 ad d9 f1 63 e7 d9 e9 8b 8b a7 67 e3 c7 3f e1 eb e9 a9 73 fe fa ed d9 c9 d3 f1 c9 eb 17 6f 5f be 1a 9f bd 7d f1 f4 fc e9 c5 f8 d5 f1 cb a7 e8 0f 9f e3 82 29 19 5a 15 fa eb ea 8d eb 97 94 f3 39 6e 34 90 b1 ad ff f2 e5 1a 17 96 ad a9 f3 ea da f9 16 f5 19 14 55 cc 3a 1c 04 5c 90 74 6e dd c4 a5 7c 14 24 e2 2f 00 fa 0f 40 9c ed 86 38 b3 e8 ce c4 3a c3 0d 0a Data Ascii: T^E!<{jjp[7u6NerRc#,ww4l(t!o5"CuuG5/8uN_/cg?so_})Z9n4U:\tn\|$/@8:
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 6d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 62 0d 0a 30 30 30 30 30 30 30 31 0d 0a 76 0d 0a 30 30 30 30 30 30 30 31 0d 0a 05 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 0d 0a 80 0d 0a 30 30 30 30 30 30 30 31 0d 0a fa 0d 0a 30 30 30 64 30 62 0d 0a 03 f9 46 c8 a6 65 b8 dc 16 2f e9 32 b8 3b e3 21 37 b5 91 c7 16 47 42 ec 9f 30 10 3e 54 48 a9 e1 69 00 5e 89 92 34 af e1 62 3c c7 48 7e 05 96 5f 7f 7d 96 c4 8b f3 df 56 b8 f4 c4 b1 54 93 59 24 54 fa 99 4a 11 8a d5 53 99 7a 21 e5 b2 e3 ba d8 77 50 2d df 69 2a 5d e6 a7 fe 32 21 a0 7a 3e af e5 2f 57 93 30 48 11 50 50 2d 3f 9b 83 df 73 d9 c6 45 f6 4b 83 7e d9 cb 04 57 b6 e0 19 95 fc a6 0c 37 19 19 7c ac f1 24 74 23 f8 5d 42 41 40 8e 25 4b 93 0b 01 57 c3 c8 8b 84 f9 16 Data Ascii: 00000001m00000001b00000001v00000001000000010000000100000001000d0bFe/2;!7GB0>THi^4b<H~_}VTY$TJSz!wP-i*]2!z>/W0HPP-?sEK~W7\|$t#]BA@%KW
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 31 fd 06 38 a5 7c 9e ea 90 ae df 3c 68 ca 53 41 79 cf b3 ad 8d 74 0e 21 ae fe e8 00 45 aa c9 cc c6 95 6f 3c 5a 44 a4 9c fa fe 54 8a 5d 81 14 7d 04 6b d0 4f 19 21 a5 7e 6f 3a 60 4c f4 73 82 96 3a 3b d3 b6 92 46 45 52 bd 1f a2 da 62 52 9e 25 51 4b dd 2e 6b aa bd 05 02 4a bd de 14 3f 62 67 7e 78 bd 53 17 c0 fc e0 a2 c2 90 1f 7e e0 4f fa 53 75 b4 9c 23 64 1d 22 1f e5 b5 e8 a7 82 80 ca 4a 93 86 cf 26 52 55 09 24 54 06 0c 06 9e 3b 95 07 cd 11 51 19 33 ed 78 bd 81 64 3d 85 8c ca 10 d6 77 7b ae 94 1e 89 90 ca 08 5d 4d 09 a4 54 06 e8 2a 88 6b 4c 29 63 1d 88 57 4b fe 12 87 e5 0a 36 97 4f 88 a8 44 95 f0 d3 dd 28 b5 53 96 04 d3 a1 51 13 f1 a0 71 8e 36 03 29 99 9a 65 9c c5 48 9d c4 ea 2f 1e ed 99 66 96 f1 2d 0b af 18 39 23 96 71 9c 04 6e 68 19 69 be 8a d8 92 2f 8d 90 Data Ascii: 18\|<hSAyt!Eo<ZDT]}kO!~o:`Ls:;FERbR%QK.kJ?bg~xS~OSu#d"J&RU$T;Q3xd=w{]MT*kL)cWK6OD(SQq6)eH/f-9#qnhi/
2024-10-24 09:44:01 UTC	624	IN	Data Raw: fe 8e 1e 32 b1 83 01 25 73 ab 73 b8 d3 c1 6f 3f 6c 77 f1 3e c4 14 4b 58 87 4b 76 3b 4d f0 d8 78 6a e0 0d 5c c8 ae a5 a9 3d 01 c1 e9 1d 79 4b 96 ae 1b 5f ad 27 c8 9b cd 12 7a 6d 48 fe bc 84 7d 23 f4 ba 3e 9d 58 00 f2 82 0b 79 a4 70 d6 59 bc 2e 24 1d ef f6 82 7c d4 db 5d 0a b1 50 99 d2 76 55 d3 b0 c3 35 ed 56 4c 4a 91 85 66 f5 86 b9 e9 a0 59 d9 ee e6 61 31 80 73 8b be 16 5e c1 e6 b1 39 b7 23 36 ee 3b 5e af f5 99 4e 03 af 22 d3 36 d6 07 5f bb 57 6c 8d 74 de 57 39 53 2e dc 14 85 6f f9 de 8d 21 32 af 8d af 8c c6 57 b0 6d bb 9a 37 1b 87 9b 20 99 38 90 36 ea ec f9 e3 63 7a c9 9d a8 60 a9 a4 02 d9 8c 8f 19 28 8d 7b 0e 15 db 56 0c 83 f4 3d 3e 7d 7d 9e 0f e6 7a 59 37 85 fa 4e 7f f9 0e 65 0c 09 f3 67 95 b0 26 ec 90 8e 3b 04 6e 5d c4 aa cd 1e e2 bf 1c 8f 1c d1 77 1d Data Ascii: 2%sso?lw>KXKv;Mxj\=yK_'zmH}#>XypY.$\|]PvU5VLJfYa1s^9#6;^N"6_WltW9S.o!2Wm7 86cz`({V=>}}zY7Neg&;n]w
2024-10-24 09:44:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
83	192.168.2.16	49848	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	522	OUT	GET /gui/22232.91445a0c09a3242fac1c.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: b5ab664f4b44a5d8592e66a90ff2ab00 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:57:38 GMT Expires: Sat, 18 Oct 2025 08:57:38 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521183 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 66 66 38 0d 0a 02 ff ec 5c 7b 93 db 36 92 ff ff 3e 05 c3 6c bc 62 96 e4 90 d4 9b b2 c6 eb 57 65 5d 9b 38 5b 19 3b 5b b5 3e 57 c2 07 28 31 43 91 5a 92 9a 47 64 7d f7 fb e1 45 82 94 66 ec bc ee b6 ae 66 e4 19 49 68 a0 bb d1 dd 68 34 1a 4d eb bb 8a 68 55 5d a6 51 ad 2f 06 15 c9 12 fb 9a 84 db 20 ba 7c be de e5 97 57 f5 0f bb f4 87 4d 90 e6 cb 7b 60 1f 3e bc 7b 6f d8 db 5d b5 1e bc 7b e7 79 de d0 7b 6f ee bd a9 37 75 fc 01 31 4b b3 32 96 e7 fb Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000ff8\{6>lbWe]8[;[>W(1CZGd}EffIhh4MhU]Q/ \|WM{`>{o]{y{o7u1K2
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 78 3b 37 ab 7b fc 6f b8 3a e5 95 d1 da f1 c9 f8 ae 78 64 7c 3b e1 8f 3f 62 9c f0 76 d5 3b bd 1d ca 7c 1d 6f 39 f6 c6 26 00 27 76 0c ee a8 4f 13 6a d7 4c 43 49 71 d3 bf 23 a1 66 87 e1 38 a5 9c 7e fd 7c aa 76 f5 3d 0b 4a be 97 32 33 69 2c 95 3a fd 72 51 5d a7 75 f4 87 5a eb 3e 0a 10 0b dd 13 75 c0 03 e9 d8 19 06 96 15 56 c2 06 0c 7d 11 62 e3 b8 5c dc 31 b6 d5 4b 67 30 d3 8d 15 ae 4c ad c1 c7 9b 98 da c9 66 bb 0e aa b4 32 3e 86 9d 2b a3 83 59 28 a4 19 89 b0 2b d8 65 75 a7 cf b6 4c 37 08 41 0c fd 20 3c 51 d9 ea e0 7b ba 25 dd b9 4c 45 24 d3 da ff 1d 01 8b 34 8b 36 84 11 34 79 0c f3 1f a1 4b b1 c6 94 e0 e3 d3 55 29 c6 b6 4b ec fe a1 52 4f 62 98 94 0e 5d 34 62 60 a3 26 d1 45 8a 8b 76 69 b5 54 22 da 41 34 23 b7 a7 81 63 16 f6 ba de 64 c6 20 fb f0 61 90 2d 93 1f Data Ascii: x;7{o:xd\|;?bv;\|o9&'vOjLCIq#f8~\|v=J23i,:rQ]uZ>uV}b\1Kg0Lf2>+Y(+euL7A <Q{%LE$464yKU)KROb]4b`&EviT"A4#cd a-
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: bd 2d 69 1c ab 79 8e eb 5a 9e e3 0d b5 37 6b a2 60 7a ba ab d7 45 59 b1 de 5f a7 88 32 2b 9c b4 68 98 57 6a df bc 7a a3 10 48 eb f5 0e e1 1c 50 d7 d7 61 75 d6 50 3b 0b b3 22 3c a3 b7 61 67 b8 d5 78 f9 fa e2 25 23 7d e6 97 e0 67 cf 72 0c 21 0c cd d7 3e 77 c2 51 1c 07 0b d6 94 e6 71 ba 2a d0 38 99 b8 4e e2 f1 c6 ed ae dc 66 b4 e7 24 19 79 91 2b 1a d3 fc 92 0e 66 3f bc a9 24 31 5a a2 b1 37 f2 1c de 82 0b 22 5c 2d a0 91 8c a7 43 47 34 de 92 2c 2b ae d1 98 44 64 3e 99 f2 9e ab 92 90 1c 6d c3 79 10 8d 22 de 56 93 20 43 93 e7 44 f3 b9 e8 16 dd 06 b4 97 37 9b 86 e1 98 f7 0a 33 9c 39 d1 06 46 78 c3 f5 1a a7 4b 34 24 49 22 71 07 b7 f8 3e 61 3f 6d 13 72 2c 25 1d 38 64 3f 4a 3b 1c 11 1d 3e a7 2f a5 19 3b 1e 6d f6 e8 4b 69 c6 bc d0 4c 26 f4 a5 34 8f 58 73 c4 7e 94 e6 Data Ascii: -iyZ7k`zEY_2+hWjzHPauP;"<agx%#}gr!>wQq*8Nf$y+f?$1Z7"\-CG4,+Dd>my"V CD739FxK4$I"q>a?mr,%8d?J;>/;mKiL&4Xs~
2024-10-24 09:44:01 UTC	328	IN	Data Raw: 85 39 d4 56 42 6b ed 2a 8b a6 98 50 4e 65 de d5 8d c6 c5 77 02 37 69 be ab c9 9d e0 35 42 13 4e e7 ce 2e 71 80 7d 9e 72 72 67 0f c4 1c f5 fa 23 7d 6e 69 f0 c1 d0 b4 a2 50 26 ce ef bf e8 3d 98 15 ee ea ba c8 f7 62 c3 a7 f7 9d 4a bf 8a 65 ba ac d6 ef ef a5 e8 a8 8c 02 38 42 c4 45 3d a1 f2 ad b5 ba 0e 50 c9 20 85 79 92 09 a4 c3 89 b5 db d2 24 b2 e4 82 2a dd 6f 36 2c a1 25 85 14 67 16 0c b2 b1 a8 af 45 8d 55 81 8b 3c 3e 87 4f 1c 8d 3c 38 ce f9 55 d5 b7 a6 10 95 11 d8 ac 60 20 4a 72 82 d6 3d 6c 8b 14 57 69 37 d4 89 8b 2d a4 6d a5 ae 7b 3c 9d 34 9b 4b 0b d9 20 0d 31 9d d0 2b 62 ee b4 5b 08 f5 5c f3 39 32 fe 47 10 e6 cb 71 c2 3f 05 62 30 9c d2 b6 37 07 9b dd b8 ed 39 5e 7a f9 66 09 7b b7 6e a8 fb 99 60 b9 08 d4 1d 20 f3 4d c3 1e b0 5d 67 0e 6e 09 bb 03 19 ec 38 Data Ascii: 9VBkPNew7i5BN.q}rrg#}niP&=bJe8BE=P y$o6,%gEU<>O<8U` Jr=lWi7-m{<4K 1+b[\92Gq?b079^zf{n` M]gn8
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 70 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5d 0d 0a 30 30 30 30 30 30 30 31 0d 0a f0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 59 0d 0a 30 30 30 30 30 30 30 31 0d 0a f7 0d 0a 30 30 30 30 30 30 30 31 0d 0a fa 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a 63 0d 0a 30 30 30 30 30 30 30 31 0d 0a c1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0e 0d 0a 30 30 30 30 30 30 30 31 0d 0a cc 0d 0a 30 30 30 30 30 30 30 31 0d 0a dc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 31 0d 0a 30 30 30 30 30 30 30 31 0d 0a f1 0d 0a 30 30 30 30 30 30 30 31 0d 0a fb 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 05 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 00000001p0000000100000001]0000000100000001Y00000001000000010000000100000001F00000001c000000010000000100000001000000010000000110000000100000001000000010000000100000001
2024-10-24 09:44:01 UTC	342	IN	Data Raw: cd 46 b7 b5 3d 0f 85 43 0f 85 43 32 09 b0 60 a9 38 1e 11 34 25 3f 6d 79 cf 43 e1 90 a8 34 7a 28 1c 7a 28 1c 7a 28 1c 42 c2 91 3b 0c 71 e0 7c 28 1c 7a 28 1c 7a 28 1c 12 8b 81 9f 72 65 11 fe ff 55 e1 50 80 ff 0f 09 cf 7f fa dd f4 1a 2b 3c 64 80 7e ca 89 41 44 4e 90 a5 37 f8 dd 7d 5b e6 c2 6b 5a 02 9f 95 2d f2 74 57 17 9b 72 dd cc 00 bd fa 46 e3 10 b0 ab 81 77 f4 31 b4 f7 06 ff cc 1e 76 c6 79 fe 6e 90 a0 c7 27 23 cb 60 58 4e a1 cf da 43 31 94 28 da 7a 28 86 fa 6d c5 50 ff f1 b5 4e ca ed 7b 5b c6 f0 e9 25 2d ca f0 ee 2d f5 fd 97 f7 27 86 fd fa 4b 68 a5 28 e7 ff cb 4d 31 bb 8a e4 25 4d 7b f6 99 56 4d c2 cd b1 e7 73 db cb c0 df 72 3d 79 ef 65 1e 7d 82 57 b9 b0 43 35 40 34 70 6d 8f 55 20 69 7f d1 ec e1 d5 75 37 01 cd bc a8 60 f8 de 7b 5f 59 33 a0 64 fe f1 9f 29 Data Ascii: F=CC2`84%?myC4z(z(z(B;q\|(z(z(reUP+<d~ADN7}[kZ-tWrFw1vyn'#`XNC1(z(mPN{[%--'Kh(M1%M{VMsr=ye}WC5@4pmU iu7`{_Y3d)
2024-10-24 09:44:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
84	192.168.2.16	49850	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	522	OUT	GET /gui/87347.c002f57d03220f54c084.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 358e8166b9ed32d533b01ba7c12bb4ed Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:09:23 GMT Expires: Sat, 18 Oct 2025 13:09:23 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506078 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a eb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7a 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 31 0d 0a 46 0d 0a 30 66 66 30 0d 0a b2 b0 7b 2b 34 97 e3 87 34 41 8a d4 c9 32 25 88 cb b1 93 b1 93 38 c9 c4 ce c1 a3 68 34 14 05 49 b0 29 40 01 41 4b 8a ac ef f7 f7 7b df cb be Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001z0000000101F0ff0{+44A2%8h4I)@AK{
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 79 d5 2b f3 57 5a b4 37 19 4f a7 d4 ee cd a6 e9 24 69 6d 44 d5 e4 6c 7e b3 ff 36 41 40 c1 6d 98 a4 65 4f f9 40 31 9f 00 f0 83 07 c0 50 7b d2 cb c6 27 70 ad e6 cb f1 a9 56 f8 f0 a1 f9 2a 31 75 47 a6 07 87 45 7e c2 87 86 cd 27 8e b9 db 82 4b 7f 6f 8d 86 df a7 1f 5e b4 b3 92 ab 8d 0f 83 f5 0f 2b cb 6d 2e 9f 4e c7 27 a7 c9 41 db b4 70 7f a9 57 26 b3 b2 95 b4 47 a6 37 43 23 12 ae ae 68 16 b4 64 00 f9 e0 41 33 9b 9f ec 27 45 80 02 cb a5 da 97 f4 a2 55 c6 49 5b b1 50 c4 fd 28 ad f0 d8 be bc b2 3c e9 72 36 4c a3 ac 62 38 9e 14 0a a4 99 6d 6b 74 79 90 67 c9 f0 5e ff 6a 68 af 06 d1 fb f1 74 9e 0c e1 64 9d ce ee d5 55 94 54 2d 30 36 e5 71 91 9f 35 ca ab e8 70 98 5e 5d 99 bb 2c 39 6b bc 66 98 3e 2b 8a bc 68 35 5f 64 b4 80 88 1b 97 65 72 72 5a 36 ca bc 61 e8 21 69 64 Data Ascii: y+WZ7O$imDl~6A@meO@1P{'pV*1uGE~'Ko^+m.N'ApW&G7C#hdA3'EUI[P(<r6Lb8mktyg^jhtdUT-06q5p^],9kf>+h5_derrZ6a!id
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 70 c7 8c 4a 33 71 bf c1 10 3d 44 af 73 2a cb 33 03 e1 7f 8b ca e2 3e 6a 3e 79 07 19 f5 99 96 fc 77 91 51 a6 37 5e 46 31 70 a8 bc 7f ba cf fe 74 9f 05 ee 33 43 23 ff 22 7d c5 cd bf c6 7d e2 1b 9c 48 d7 a5 95 f7 c5 65 37 74 15 a2 5d a4 88 73 cf 21 ee fb 9b 05 2e 3a 1c ae ed 64 a7 d8 ad 2a 70 e3 db 49 f1 f3 e6 71 b2 49 50 8f 5d 68 6e a6 54 50 ad 43 d6 bf cf 5a f9 4e ba 5b 29 1e b7 b9 bd 0c 94 99 77 7c 95 3d 91 21 b0 d8 6a ad fa 31 c7 15 be 5f df e9 b7 01 a7 2c d5 df fa 26 1e 44 2f e2 e5 e8 f3 78 25 7a 1e af 46 df c4 83 a4 bb 5e 85 16 7c 55 d5 68 96 c5 38 9b 4d c7 68 11 cd 4e d9 69 46 fd 76 b3 6a fa db 85 05 fb 91 16 0d 0b fe 5a 15 24 94 69 bb 23 51 46 55 33 bf 18 c6 68 75 a2 2c 7e 39 2e 8f 7b 27 e3 73 95 6a fb e3 ec e0 2c 3d 28 8f 5b ed ee f2 c3 ac bd b4 8c Data Ascii: pJ3q=Ds3>j>ywQ7^F1pt3C#"}}He7t]s!.:dpIqIP]hnTPCZN[)w\|=!j1_,&D/x%zF^\|Uh8MhNiFvjZ$i#QFU3hu,~9.{'sj,=([
2024-10-24 09:44:01 UTC	416	IN	Data Raw: dd aa fe 2f ab 12 5b 5b 55 d5 68 a9 e6 3f 02 f7 3d 6a 6e 6f 55 9a ac 5a bc 94 db f8 2f f0 b3 d2 ce 31 82 10 89 32 ce 33 62 f8 5a ee 59 d1 19 b4 51 6a 8a 64 fc ce 77 98 b9 7a cf 84 e6 ea 26 90 4b 01 72 98 d9 40 d4 04 13 6b 79 f5 45 ef b4 c8 cb 5c b0 16 7f 19 5c 87 a6 c4 e1 17 51 1e c4 bb aa 9d c8 da 64 c5 f3 a6 fc 92 25 14 de bc 34 42 fe 32 6e 48 f7 f4 04 55 6d 76 3a 45 7d 5b fa fb 87 9f 67 9d a5 36 0b 84 d3 80 d5 82 7b 23 53 9b 4d 08 a4 ec a1 91 27 e7 18 7d 9a 04 99 8a 39 39 d9 8e fb ba 5c 70 5d 4c e8 62 0d 0b 78 0d 23 4c 48 f7 0a 31 9b 7d 73 96 59 5b 33 21 97 0b 08 84 6d 33 59 7e 96 d5 08 44 f7 ba 5c 2a c9 d0 2b c5 0e 96 67 5a 9d 13 98 c3 ea a1 5a 11 12 6d 7d 63 5b c3 d6 72 5b 7d b7 c2 13 ef c5 08 fe a6 23 a1 2a a4 3b 5b 40 a9 19 96 6f e2 78 25 b0 7a 9f Data Ascii: /[[Uh?=jnoUZ/123bZYQjdwz&Kr@kyE\\Qd%4B2nHUmv:E}[g6{#SM'}99\p]Lbx#LH1}sY[3!m3Y~D\+gZZm}c[r[}#;[@ox%z
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 52 0d 0a 30 30 30 30 30 30 30 31 0d 0a 90 0d 0a 30 30 30 30 30 30 30 31 0d 0a 60 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 57 0d 0a 30 30 30 30 30 30 30 31 0d 0a 06 0d 0a 30 30 30 30 30 30 30 31 0d 0a 27 0d 0a 30 30 30 30 30 30 30 31 0d 0a 81 0d 0a 30 30 30 30 30 30 30 31 0d 0a b5 0d 0a 30 30 30 30 30 30 30 31 0d 0a da 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 32 66 66 35 0d 0a 98 4e db 19 12 dc b7 0b be 6d 8c 9a 7e ad 46 20 56 a4 6b be 5a 4f 85 3f d0 57 bb e6 fd 2f 00 25 08 09 20 62 9e 8a 95 a3 70 80 61 ec 80 d6 52 22 97 d3 eb 80 25 58 2c d4 8e 99 95 f1 97 15 53 c7 b6 4b 08 bc 23 f0 06 ab a4 4a 17 71 7a 47 12 6c c3 f1 ca 91 62 e5 97 79 52 5c bc d2 85 23 18 13 bb bd 6f 49 d6 77 d6 f6 Data Ascii: 00000001R0000000100000001`00000001/00000001W0000000100000001'00000001000000010000000100000001a002ff5Nm~F VkZO?W/% bpaR"%X,SK#JqzGlbyR\#oIw
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 08 16 9a 56 46 bf 96 c3 5f ca f6 82 b6 3e 15 43 83 f2 4f f1 ea 3d c5 1f 88 a9 02 f1 58 a1 e3 6f b7 80 76 a3 52 19 90 ca 8f b7 54 92 31 11 79 ba 10 ca cd 1b 4d 5a 7b eb a8 d9 c4 c9 57 81 f4 17 0f 74 2a 1e a8 e7 af 5f 7e 55 03 f9 cb 5b be ae ed 57 55 42 80 bf b8 a5 ca 1d 00 ae 1a bc 05 dc bf 7a 70 c5 56 f2 2a dd 47 db 39 82 39 33 b0 a1 93 3b d0 43 75 a0 02 92 2c 89 52 31 a3 74 5a 10 43 93 cf 67 b7 b6 12 6a a1 76 bc af 7d 47 8d 52 aa ee 06 5f c8 c4 87 be 80 5a 6d ff a5 89 9a cc 11 5f 82 3c f4 2a 19 f6 a1 4d a7 41 61 0d 38 c7 63 20 11 36 46 12 59 13 58 ad b4 16 22 c2 66 82 33 a5 4c 6c 09 80 20 30 a7 f6 08 51 89 ea 12 72 ec e4 16 58 ed e7 15 ae 1a b0 37 1a fc 88 46 54 68 e3 a6 db aa 34 da 5e 31 b5 54 7b 1a 25 d9 30 cb 24 9c b8 a2 47 a2 34 3c ee 84 06 aa 37 73 Data Ascii: VF_>CO=XovRT1yMZ{Wt_~U[WUBzpVG993;Cu,R1tZCgjv}GR_Zm_<*MAa8c 6FYX"f3Ll 0QrX7FTh4^1T{%0$G4<7s
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 32 71 16 bf df d9 17 5e d1 e9 ec 53 a3 bd 79 82 b0 96 c0 00 0c 92 ba 22 b2 d1 72 2d 83 30 24 cd 58 ba d1 db 43 11 22 04 74 4a fa 89 3d d9 84 10 c3 4f c8 4d 28 0f 2b 72 f0 83 20 20 8b 90 53 16 aa 85 b0 6f ea 8d 61 7e 1a fa 76 ea 35 83 8a c9 4a d3 bf d9 1e 65 ee d8 9c 28 13 55 73 56 d3 37 6a a2 82 a3 a0 11 77 6e 94 7c 47 79 66 93 85 65 90 d5 6c f6 8a 63 89 8f 3e 96 bd 9d e2 62 28 d0 1a 0d e7 91 3d 00 b8 e6 e5 81 b1 10 98 e0 3f bb 71 9b 78 38 93 98 4a 6b a5 68 fd 61 2d 2d 24 16 f2 dc 07 c3 0f 93 96 e4 fc 23 7e 7e 54 d8 1d 0e a9 df 0c 22 b1 c1 ba 99 22 e8 5d 65 4c 53 47 48 e2 b6 a5 b0 86 76 d7 6c 4b 29 9d 41 60 cf ca 21 b1 de ba eb 14 85 d5 52 76 15 1d 45 f4 9f d9 cf 84 62 46 16 14 32 90 04 e4 9a ca 5c ea 6f 4e b7 64 b6 4c fd ca 46 82 30 92 9d e9 2e 11 18 85 Data Ascii: 2q^Sy"r-0$XC"tJ=OM(+r Soa~v5Je(UsV7jwn\|Gyfelc>b(=?qx8Jkha--$#~~T""]eLSGHvlK)A`!RvEbF2\oNdLF0.
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: bb 29 71 f3 5c 8b 91 5d 92 07 76 e3 eb 61 89 18 8e 6f 37 2a e3 ed 35 6a f6 0e c2 d1 58 98 91 56 9c 91 70 96 c5 97 93 f1 a9 a4 6f e4 7c 87 e8 94 c4 6a e9 7b 2e 07 41 4c df 9e 82 26 1e 85 44 1c 2a cf 4c 9c 13 eb 6e 89 e1 c9 4f 5f 9c 9c 24 07 29 be 65 89 c9 19 1f 49 c2 09 d4 cc ca fc bd 4f 75 25 34 fc 6b 4c 53 bb 3d 2f 34 69 8b 27 50 c1 31 f9 db c2 dd 8b e7 5a d9 29 6a 26 c9 a5 f5 ee 60 b8 f1 cd 55 8b 1c 4e 20 e0 bc 27 93 21 45 dc 96 8e 25 06 09 a0 5f 8a 3d 5e 77 88 3c c9 e2 de a3 e8 55 16 0f 96 9e 64 d1 eb 2c 6e fe fc f3 ec 61 6b a7 d3 dd 1d fd fc f3 41 a7 2d b7 cd e8 5d ed 05 27 75 f0 ee e1 cf 3f f7 da 5a 88 fb 9d e4 b3 dd aa d2 c8 56 7b fa 7b ab 7d 62 3e f7 75 16 2f fd fd 3f 5a 3b fd ee e3 71 f7 70 f7 72 25 da b8 6a df 5f 8a be 67 07 3e a3 f8 5d 72 f4 d9 Data Ascii: )q\]vao75jXVpo\|j{.AL&DLnO_$)eIOu%4kLS=/4i'P1Z)j&`UN '!E%_=^w<Ud,nakA-]'u?ZV{{}b>u/?Z;qpr%j_g>]r
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 86 e7 c5 3c 59 7e 1c 65 e3 f7 e3 b7 b9 9b c7 4c c5 75 e8 96 87 10 0d 42 88 f9 8c d8 93 06 60 c5 6b 6b f2 40 54 48 99 93 2b 50 bd de 1d 70 52 d7 f0 51 7f 95 f3 3a 1f 63 b0 77 2c 19 d6 c6 84 37 f7 0a 3e 3c e1 f1 0a 82 d4 e1 76 75 85 99 cc d0 9f 92 ab c6 53 3a 53 6f 7d ed d1 80 f1 d5 c7 ca f2 61 b2 cb 4c 27 f3 a8 c2 d3 60 00 4b 65 2c b4 64 80 a6 d5 95 0d 58 cd 0a 8f 4f c7 17 63 7a 76 aa bd 5d e9 3f 7a 14 9d ca 9a f5 74 7e 78 28 8f e4 7f 14 4b 8a b9 f0 8b f5 0d d8 7e e4 e6 c6 fa a0 0f 0d 9d 4e 59 a7 22 a3 97 57 d7 57 a8 9c 9f c1 1c 1c dd 22 23 98 89 96 24 84 ca 1e 31 93 61 b9 09 18 b6 4f d7 d7 21 09 c4 af ed 3e a4 44 27 18 90 0b ab 0f 2c 23 53 d7 10 35 45 7e 31 36 f3 81 79 86 04 58 8b 66 84 f5 4c 61 df a2 36 30 ba cc 86 47 3c 13 8d 03 c0 57 69 67 63 99 fb ec Data Ascii: <Y~eLuB`kk@TH+PpRQ:cw,7><vuS:So}aL'`Ke,dXOczv]?zt~x(K~NY"WW"#$1aO!>D',#S5E~16yXfLa60G<Wigc
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 3c cc bb f3 f6 43 3e b6 da 5d 7f 98 73 cf 5d d2 69 0d b8 32 6f f5 49 d1 99 3f 64 64 d7 af 30 09 bf cc a2 6f 38 dd 5b 93 f1 fa a9 d6 b0 06 5e b1 42 13 80 26 94 a8 ac 2b 30 0e 2b db 53 d7 b2 b8 06 a6 68 ef 84 ec 2f d4 ac 6a ef 71 65 26 e7 c3 cf 33 31 65 9c a8 be 55 bb d9 f0 ae 80 85 4d f9 4a 1b 12 de 60 ef 66 81 67 d4 f1 8a 86 4c 51 98 ad d7 eb 66 d3 aa c6 77 47 fb c3 e7 70 70 cb 37 b8 26 69 1d a8 f8 25 8b 7e cd 22 2c dd e0 e4 12 73 0c 6b 6d f6 c8 54 48 31 69 7f 84 db be ca 0c f7 63 95 d1 7a 45 4b 95 a4 53 06 cf e8 28 ba 8e dc c5 be bb 70 4c 40 fc 6a c5 bb 5b 5a 7f 12 b4 8e 39 fc 8f b4 ae dc c0 c9 65 81 45 1d f1 27 a7 15 56 ad 20 14 86 6a 84 52 e4 2e 09 a7 74 97 fb ed e8 ba e0 11 97 e0 82 01 ef f6 d6 b6 8c b7 8a 50 3b d3 e2 16 d4 df 5b 7b f0 a0 7a e5 36 01 Data Ascii: <C>]s]i2oI?dd0o8[^B&+0+Sh/jqe&31eUMJ`fgLQfwGpp7&i%~",skmTH1iczEKS(pL@j[Z9eE'V jR.tP;[{z6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
85	192.168.2.16	49849	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:01 UTC	676	OUT	GET /gui/58686.e43f75fcd3216c74cafe.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:01 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: bc4895817618010c4a4392a5e306f6b1 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:11:03 GMT Expires: Sat, 18 Oct 2025 13:11:03 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 505978 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:01 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 66 66 34 0d 0a e9 7a 1b c7 d1 ee ff 73 15 63 38 51 00 67 30 02 c0 1d 34 a4 c8 5a 2c c5 5a 1c 91 76 16 45 0f 3c 00 1a c4 58 00 06 99 19 88 a2 21 dc d8 f7 f3 bb b2 ef ad aa ee 9e 9e 05 24 25 db 67 79 9e 63 26 14 d8 6b 75 55 75 6d 5d dd 68 ac 53 e5 a5 59 12 8d b3 c6 69 33 55 f3 69 70 a9 46 ab 70 fc ee Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010000000100000001000001}0ff4zsc8Qg04Z,ZvE<X!$%gyc&kuUum]hSYi3UipFp
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: fa e9 3d fa 00 18 c1 34 7d fe d0 6a 7d fc 98 b4 0c a5 50 7f e7 4e 72 e7 8e 5e e5 44 4d a3 a5 32 ab d4 fd fc 64 cb bc 3e cb 06 e3 79 98 a6 1e 68 a2 96 93 d4 1b 06 d9 78 c3 72 34 59 8f 09 17 ad 4d ba 06 7e 9a 41 10 58 9e 68 f9 c4 25 41 84 76 83 ab 60 1a cd 59 0a ea c2 f4 75 7c f9 48 61 23 a9 07 e0 f4 f7 6a f0 45 57 6a c6 f1 ea ea 3c 8e e7 59 b4 3a c7 74 83 c6 43 14 78 67 4f 1f f4 0e 0e bd 2c f6 c6 f3 68 35 8a c3 64 02 b2 d3 f0 e0 be 28 bb 3a 07 de 07 0d 9a a3 50 fc 43 32 2f 94 46 e9 a3 f8 72 39 8f c3 49 b4 bc 78 82 d6 98 76 9b 66 90 fe 63 0f 74 86 ea ba 9a ab 14 ab 11 76 7e d3 ec f8 69 b0 5e a6 e1 54 3d 3c 3b 6b 35 df d0 c2 03 69 e5 bf 0b 1e f8 7f 08 1e bc 6d bd dd ae 57 13 50 72 42 0c 9a 05 b3 30 6d 36 04 ac 06 51 85 c1 1c a6 cb 68 b5 52 59 fa 70 16 2e 2f Data Ascii: =4}j}PNr^DM2d>yhxr4YM~AXh%Av`Yu\|Ha#jEWj<Y:tCxgO,h5d(:PC2/Fr9Ixvfctv~i^T=<;k5imWPrB0m6QhRYp./
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 48 a5 15 9b 51 54 ec 2a 5e 89 b2 34 6e 8f d6 ad ba fc 26 d5 9b 6b e6 2c 5e d5 aa e5 73 6c 7e 31 e2 27 b1 4a 89 d4 6c 4d 92 99 41 80 26 e2 5f 18 0b 73 0d e7 e4 ca 33 46 32 bc 48 04 3c 3c 6d ec b3 7f d1 30 d6 82 de 68 55 75 5f 10 7b 05 3b 83 d0 50 6b ee 97 50 a1 db fc d6 98 60 5f 27 05 0e 92 f5 d2 83 cd 41 7b d3 43 b4 e7 4f 99 b7 4a e2 f7 d1 44 59 af c0 c1 cc a7 2e d8 58 1d 4c f8 1d 3b 92 69 a5 4d 37 c1 63 a1 e1 0d f6 54 11 c1 7a 3e 63 98 68 f5 52 76 94 3f 7e 74 24 4d d5 53 fe f8 91 c2 39 5f 0c 06 4d ed 56 ea 61 aa db 07 7e ba c4 8f d0 18 8e a4 d3 2d d0 e6 fd 90 90 57 6a 96 05 9a bd ef 37 1a fd 06 bc 05 d2 30 c5 c0 44 c5 b7 bf 35 c8 da c7 bc 15 c8 b0 66 0c c8 6a a0 76 82 8c 66 ca 82 cc 98 1b a6 30 b6 be 97 cd da af 68 8d 05 9c e9 52 ac db 37 f3 68 77 52 c0 Data Ascii: HQT*^4n&k,^sl~1'JlMA&_s3F2H<<m0hUu_{;PkP`_'A{COJDY.XL;iM7cTz>chRv?~t$MS9_MVa~-Wj70D5fjvf0hR7hwR
2024-10-24 09:44:01 UTC	372	IN	Data Raw: 76 9f ab 76 4b 5d d3 7a 2b 06 6c 14 8d 23 1c 46 69 d1 e0 f8 ef 86 8c fa f4 02 44 a8 61 ac b3 e8 97 92 4c 48 b9 c4 d9 2c 2f d1 f3 a5 90 cf 11 e3 05 5b d9 ca 74 a7 81 15 03 15 29 ac e5 c2 90 66 72 ad b8 8b e0 f2 04 b1 8a 05 ac f6 5f 10 c1 9f 2b 02 ae 80 5e ea 61 c5 60 91 3d 9f 44 09 b2 f8 52 58 13 60 4f fa 87 75 e5 54 0a 9c d5 fc 80 d5 fc 20 ab 59 cf 41 db 79 84 5f cc fa 8e 04 ab 2b b9 cb 2d ef a2 13 e4 1b 83 4a 8c 10 2d d4 ab e4 11 ce da 0b 70 4e 09 98 21 5b 35 69 8a 13 c5 21 ec 74 85 5d 83 df f0 51 3e af 73 86 a9 1a b4 78 9c 2b f2 31 b9 13 ed 45 30 96 0d 2d ed 15 21 c9 a4 e1 06 9f 79 fa 52 9b 1a b1 f6 f1 63 83 26 01 67 2e 56 37 b7 86 e5 5c c3 4f cf c1 e4 15 2a 20 69 89 c8 e2 50 e1 1b 50 e1 9b df 9b 0a bc 8b 3e 93 08 f5 7d 0d 0d 7e 47 22 88 27 22 bc fd 82 Data Ascii: vvK]z+l#FiDaLH,/[t)fr_+^a`=DRX`OuT YAy_+-J-pN![5i!t]Q>sx+1E0-!yRc&g.V7\O* iPP>}~G"'"
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a fc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 96 0d 0a 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 24 0d 0a 30 30 30 30 30 30 30 31 0d 0a e0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 20 0d 0a 30 30 30 30 30 30 30 31 0d 0a 34 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 84 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 18 0d 0a 30 30 30 30 30 30 30 31 0d 0a c9 0d 0a 30 30 31 66 62 66 0d 0a a5 54 88 21 8d e6 c6 3a 39 32 9b 84 97 c3 c5 e4 c0 8d 5b fc 0b 43 fe 4b 56 0e 99 65 6c 78 86 25 85 2a 98 33 80 ec de b7 69 5c fe 93 82 17 8e 5c 2e 09 ee af a3 c5 85 97 26 e3 41 63 96 65 ab b4 7f f7 2e 32 5a 12 d8 2e c1 45 1c 5f cc 55 Data Ascii: 0000000100000001000000010000000100000001$0000000100000001 00000001400000001L00000001000000010000000100000001001fbfT!:92[CKVelx%*3i\\.&Ace.2Z.E_U
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 8f b5 f3 e4 87 ca 74 1d a4 66 0a 6e 60 46 07 e7 d5 1f fd db d5 d4 8e 81 9b c1 b4 14 33 ca 2e 18 01 41 6d f7 02 08 04 c1 eb da db 5c 9a 9b ea c7 b8 3d a2 34 b0 ec 38 ec 82 94 80 c8 c5 38 1f 5d ba 27 ba 37 62 23 17 d3 72 c2 ba 6b 1e c0 b2 5c 2f 46 08 23 d9 cb d6 b5 34 2a 8f 07 01 e1 9c d3 3a 1b 10 12 e4 2b ec ce 9a d3 5a a7 11 0c 94 f8 49 f4 01 d7 76 7b a4 b9 34 ef ce 90 16 a7 33 15 a8 ad 71 17 a3 8b 0b 95 68 fe 86 25 82 bc 8e e6 4f 38 1c ee e3 a0 13 16 10 a7 0f 04 24 52 b6 8d 9f f2 c1 dc b4 87 9b 06 e3 81 8a 76 42 84 5b b8 09 5d 88 92 41 71 2b a0 0a 84 01 f1 06 cb 45 af 8e ee 78 00 f4 82 fd e2 5e 5e 74 ee 34 ca 9a c8 80 68 6d f9 3e 00 92 f0 28 f7 80 95 b9 9a 38 28 e2 9b 24 46 fa bb 09 a2 26 91 82 ba 61 53 e0 7a 82 c1 d4 02 08 33 ec fe 6c 02 3a 9c 61 71 9c Data Ascii: tfn`F3.Am\=488]'7b#rk\/F#4*:+ZIv{43qh%O8$RvB[]Aq+Ex^^t4hm>(8($F&aSz3l:aq
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 71 76 ac ef 5d ce a2 f1 8c cc 3d 5c 1a 99 23 e9 cb ec 5d 2b ca 4a 5b 17 bb d3 62 bd d6 81 cc 61 69 f8 88 70 e1 bd 0f 15 cc 43 24 94 51 ec 89 fe 25 c7 03 c5 9a 5c 0f e3 05 ee 5f b9 ba c5 5f d6 68 97 84 08 96 e4 da 05 c2 c2 11 1d 95 07 19 2a 72 fa 77 56 24 8e be b3 ca 22 f7 59 38 cd d5 64 11 b8 99 00 e6 ac fc 66 19 84 3d 8d 50 ab f6 13 44 42 51 f8 f1 a9 4e da 85 bf 8d 30 2f 3d 0b c3 32 4d fc 53 77 9f e9 7b 12 78 ee 10 ad f0 4b 53 82 ff 5a de 9f 90 83 26 cf 87 bd 8c 27 fa 31 4d b9 b0 85 40 ba 9b 19 59 da 5d 11 88 d5 a7 14 25 fd 12 12 05 83 5c 3f 2b 24 b2 85 ff a7 f7 59 8d a6 ca 41 de bd 05 a0 c5 c4 90 30 79 11 5a 44 90 fb 66 f7 80 46 a5 f3 b2 86 e1 6c 1b 0a cc 99 bb 86 b1 e7 84 21 e4 f4 19 b3 a9 c4 d8 da 23 9d b4 f1 8e e1 87 eb ad 86 df d9 60 02 8b 7f 0a 6c Data Ascii: qv]=\#]+J[baipC$Q%\__h*rwV$"Y8df=PDBQN0/=2MSw{xKSZ&'1M@Y]%\?+$YA0yZDfFl!#`l
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: 30 33 12 44 fb 9e e0 97 28 57 b8 2b a3 2d c0 5c 5a 93 c6 fe 94 bd af a5 a3 0c 5a d8 31 85 79 64 51 2e 26 6f 66 69 bb 2f 2b 50 7b 01 27 38 c8 a0 d7 0b 08 ad 78 34 63 e7 08 2b 42 c7 27 f1 d6 b3 11 30 b5 04 a9 99 1c f2 89 ee 8a 79 b9 a8 f2 cb 78 c5 d1 9a 6e b4 b1 ca af 02 83 23 53 cc 03 b4 c5 db 2a b2 40 8d 62 21 a3 bb 02 be 24 57 90 e8 9a 8e ae 24 26 ef 47 24 b1 15 f7 56 c4 d7 ca 66 2b 7f db b9 80 d6 56 15 c5 f3 78 3d 65 7e b1 96 88 56 f6 d6 0a a3 77 ab c1 15 d0 2f 62 51 5b 6b bd 6a 4d df 1a 18 c2 2c 3c c8 b6 4e 46 77 91 d4 f7 f6 31 15 94 b4 f9 bf 16 40 68 0e 4b 9f 3c 6b 6d eb ba e6 af 0c 60 bd 01 23 82 2b 7d c4 6f 32 46 1c e3 41 7b 6a 6d 8e f2 a7 7d 0f 09 12 98 d1 33 de 00 56 2e 00 fc f7 7f 79 fa 2e bc 03 43 71 3c d8 93 74 6c c7 c3 5e 03 8b e4 ab d0 b1 4f Data Ascii: 03D(W+-\ZZ1ydQ.&ofi/+P{'8x4c+B'0yxn#S*@b!$W$&G$Vf+Vx=e~Vw/bQ[kjM,<NFw1@hK<km`#+}o2FA{jm}3V.y.Cq<tl^O
2024-10-24 09:44:01 UTC	1408	IN	Data Raw: ae 99 5b 10 50 e8 3c 9e e2 c7 70 04 16 ef 56 ba 1b d0 2e 5c 8e 7f c4 e4 c7 f0 27 93 d1 f1 d4 2c cd 04 96 b5 db a0 1d 03 42 51 8f 7e 4a 08 28 8d 34 ea 4c d4 48 8b 2a 41 42 a9 c1 c9 c9 38 9c ea 85 5a 44 94 da 4c 0f c6 47 27 9a f5 0c 32 4a 4d d4 71 78 14 ea dd a3 11 52 6a e1 8a 29 e6 08 1d 4b b1 8b 76 45 90 98 49 bc 8d 7a 07 d8 5e e6 97 2c 96 05 ac dd 9f d8 a2 1a 55 62 7b e2 74 13 c1 df 24 42 f4 b7 21 d9 3a de 19 ca e8 1b 54 1b be f7 3a 46 0c 2d 36 ff 3e 4a c2 69 e6 7b 4f 15 be b2 95 4c 66 df 7b 90 c0 f4 f7 f1 d6 b2 19 45 a6 e4 a1 ed 31 6d 3e f2 43 64 58 e9 91 6d ad f4 b8 48 f0 7d 98 f0 a1 61 74 e2 8c 29 4c da a6 a0 89 28 c7 44 5d f8 1e 96 17 e2 ab 78 9d e5 61 25 41 17 5f f8 5b 5f 85 ac 08 d1 92 94 47 cd 00 d5 9f 26 e7 b0 57 3a 70 30 af 4b 76 79 69 24 73 c4 Data Ascii: [P<pV.\',BQ~J(4LH*AB8ZDLG'2JMqxRj)KvEIz^,Ub{t$B!:T:F-6>Ji{OLf{E1m>CdXmH}at)L(D]xa%A_[_G&W:p0Kvyi$s
2024-10-24 09:44:01 UTC	1266	IN	Data Raw: 0d f7 be da 30 44 e9 0c a6 c9 3b 08 05 31 4e f8 58 29 0f eb f3 9f 46 a5 ca 29 09 0f 5d 06 f5 43 eb ab 00 46 88 69 99 c3 b0 a3 a1 b3 fa 72 8b ab d6 f6 2f ef d4 d5 34 a1 87 2e e8 6b 33 11 52 4d d3 f6 08 9b 17 c1 e9 68 a5 d2 4d e7 8f 9b 3c 81 c2 7e 7f 29 28 c1 ca 7c 8b 87 49 62 bc 36 b6 12 32 99 6f 18 47 ca ec 84 72 f6 e1 28 69 56 32 35 f9 72 3d 87 fe a6 d6 ac 09 5d 5d 13 ba 5c 4d 04 77 0d 70 53 2f 2b ed 7b c2 6f a6 34 57 4b 1d b2 1c 2c f7 98 7a 51 bc b9 9d a0 1d 5e 6d 51 9b 56 e4 b0 58 f4 e5 6e 74 b9 55 41 c3 ba 1d 1c cd 5b ea e3 98 a2 da f3 35 73 f2 65 cc dc 92 3d ae 80 2e 0d cc c1 4f 27 d8 a7 16 bf 40 07 11 f6 2d b4 66 38 a1 4a eb d4 6c 15 39 71 d1 48 ab b4 96 f2 56 41 d3 db 46 82 53 1b 81 d1 ad 8c 92 c3 b7 d0 ce a5 9f b6 e7 28 66 e1 da 02 14 a8 60 03 40 Data Ascii: 0D;1NX)F)]CFir/4.k3RMhM<~)(\|Ib62oGr(iV25r=]]\MwpS/+{o4WK,zQ^mQVXntUA[5se=.O'@-f8Jl9qHVAFS(f`@

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
86	192.168.2.16	49853	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/34894.ada184a092746870eefc.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 0f1c8482986af67dfa39f955e1096748 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:12 GMT Expires: Sat, 18 Oct 2025 08:45:12 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521930 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a dc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 77 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 48 0d 0a 30 30 30 30 30 30 30 31 0d 0a 72 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7e 0d 0a 30 31 0d 0a cf 0d 0a 30 66 65 64 0d 0a af 80 11 1f 2d b0 03 40 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001[00000001[00000001w0000000100000001H00000001r00000001~010fed-@
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 0a 68 c9 a3 a5 95 20 8f 27 60 96 fd 21 9e f2 81 87 07 fb 5c 48 7e 3c 52 c2 35 2c 8b 09 d0 0c ed b7 e5 68 36 81 b1 a9 f4 c6 cd ff 74 8e c2 cf e9 c3 a9 9b 4b 3c ed 3d 74 5f 3d 6c 6f b9 78 3c ce e2 c9 54 24 ae 82 f0 72 33 90 b0 59 b8 d7 23 45 4d 78 53 a4 89 d5 59 67 8a 3b 57 9c cb c5 ad 75 01 46 9c 94 25 ee dc 3e cd 71 a5 38 11 4b 29 26 53 69 c9 c2 4a 00 90 0c e5 ac 14 56 5e e4 3e 8b 24 6c 9f 95 82 d6 38 1f 88 e0 4b 7e 9a 5b 45 99 88 92 f6 f7 f1 86 a4 18 5b 3c 3e 10 93 e2 58 05 4b 5c 65 4d 60 84 ad 71 7c 23 ac d8 5a 93 7a c7 b5 26 42 8e 8b 24 b0 dd 85 e3 2e 8c 52 59 8a 9a 39 6b 00 84 ec e1 41 1c 4a 2d 74 24 90 02 9c 56 22 e8 1e 90 ec 2a f5 eb 78 65 a4 b4 15 52 99 bf 11 07 f9 4f 3f b9 e5 65 7e 15 49 fc a1 af d0 2a 17 b4 fb 2c 32 df 52 0e c5 2b 95 96 41 c7 a2 Data Ascii: h '`!\H~<R5,h6tK<=t_=lox<T$r3Y#EMxSYg;WuF%>q8K)&SiJV^>$l8K~[E[<>XK\eM`q\|#Zz&B$.RY9kAJ-t$V"xeRO?e~I,2R+A
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 46 14 0a f9 fd b8 6c b4 c9 ac 5a ca 3f d5 ec 98 c4 35 6b 08 7f c8 4d 0c 96 28 0d 34 67 0c 37 2c 68 cd 63 74 2c e3 ed 3d 8a 36 b3 49 e5 6a 94 57 ce 82 df 3e 07 83 59 09 f1 90 9f 2b 48 76 8b 15 c8 83 72 04 12 aa 7e f0 76 80 50 6d c9 2b f5 41 74 7f 95 e8 6a d6 a7 40 b9 2f 4a 36 a0 64 af c8 3e 19 cb d5 36 e2 f5 4e 9f bd 8e 7d 78 5e af 54 66 bf 32 78 4c 6e 0b b2 8a 3a 97 28 29 9f bd d8 b2 91 82 32 2a 21 4c 19 19 e6 1e 25 6a 6d a2 b1 ad d4 c9 41 fb 86 ef 40 ec dd 2a b1 d3 7b bf 63 4d ef fc 5d 6b 42 7f b4 30 b4 8a 1b 51 0e b3 e2 d6 1f a7 49 22 f2 e6 fe f5 77 7d fa ae b1 a1 93 ca 8f 67 b2 80 15 55 fe ba 16 0a 59 c8 38 fb a4 30 fd 15 07 ea 17 1a 0a ad bd 4f 2b c4 8f c4 64 bb 16 98 f6 47 8c d0 80 89 54 34 60 49 e6 e8 d0 33 66 ad 78 9c 77 2d 1b 57 18 1b 57 40 7b 10 Data Ascii: FlZ?5kM(4g7,hct,=6IjW>Y+Hvr~vPm+Atj@/J6d>6N}x^Tf2xLn:()2!L%jmA@{cM]kB0QI"w}gUY80O+dGT4`I3fxw-WW@{
2024-10-24 09:44:02 UTC	452	IN	Data Raw: 70 d7 4d 22 d1 74 c7 75 d8 cd 39 a2 97 37 cd b2 3a fa 45 09 5e 83 77 1c 43 03 03 66 9c 71 0f 41 3c 9d 66 f7 dc 22 6b 7a f1 31 7d ab e7 a4 aa ea ed 55 9e 4d d7 8b f4 af 85 0f 27 36 4b 7b 58 ca 79 53 ec e8 c0 03 a9 c2 02 d9 17 9a 95 d6 71 34 ff 56 61 e6 02 fd 28 35 2f 61 a1 0c 69 9d 16 c7 95 15 57 d6 9f cf cf 7e b3 bd 41 75 f3 c4 fb e3 f3 bf a2 c7 24 d3 bb 27 de 9f 5f 9c fe 0d fd 21 43 a2 75 4a 14 90 29 17 0d 53 4c a2 ba d5 aa 98 d4 1d a2 cb ad ab a3 f6 8f f0 58 f3 d0 a9 57 cd f9 ee a3 e7 bb ed f3 dd ab f0 d2 26 72 6d cf 06 51 f8 93 70 b7 31 5d c3 e9 65 1e 1d 3a 73 f8 4c 2a ed 87 d2 2b d8 83 86 b9 97 c5 7d 0c 7b 08 24 74 10 7d 4e b3 6a 82 2e 88 20 c5 49 4e 65 a8 ec 8f 1b 47 52 a3 72 5a 4a 80 a0 c4 28 69 62 13 14 19 56 10 33 29 08 2e 21 8e dc 09 27 ef fc 6f Data Ascii: pM"tu97:E^wCfqA<f"kz1}UM'6K{XySq4Va(5/aiW~Au$'_!CuJ)SLXW&rmQp1]e:sL*+}{$t}Nj. INeGRrZJ(ibV3).!'o
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 10 0d 0a 30 30 30 30 30 30 30 31 0d 0a fe 0d 0a 30 30 30 30 30 30 30 31 0d 0a 53 0d 0a 30 30 30 30 30 30 30 31 0d 0a ba 0d 0a 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a c5 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0a 0d 0a 30 30 30 30 30 30 30 31 0d 0a ad 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 52 0d 0a 30 30 30 30 30 30 30 31 0d 0a 57 0d 0a 30 30 31 0d 0a f4 0d 0a 36 62 39 0d 0a 89 13 94 e9 51 0e 58 65 05 8a 4b c0 71 34 12 ad 22 26 aa a6 b2 50 30 78 b7 49 5b 12 24 23 3e 8a 9e f7 Data Ascii: 00000001k0000000100000001O000000010000000100000001S00000001000000010000000100000001\|000000010000000100000001}0000000100000001R00000001W0016b9QXeKq4"&P0xI[$#>
2024-10-24 09:44:02 UTC	536	IN	Data Raw: 57 92 3c 4c cb 5a ee 15 31 4a 03 b5 2e f9 5b 4a 31 bf 0f 76 4e d2 aa cf 2d 2b 9b 65 ad 31 bf be df 36 4c 6e 02 e9 c1 bb a7 ae 71 55 7a 20 a7 b3 89 ba be 96 b0 91 a7 70 48 0a 2d df a2 eb c4 5f 64 4b 8c 3d d2 72 1c 2c 7d 10 8d 4a 9a f8 53 1f be 1d 43 10 7d 16 91 10 4d bc db 32 9e b2 88 b0 ce 98 b9 86 d0 12 59 86 1e 60 5a f1 bb 66 59 cd 3b f0 22 6b a5 1a f3 c1 d5 06 db 68 58 61 fd 49 aa 03 1a 86 5a a1 dd e8 b4 85 0c 2c 97 da 02 70 bf 71 4d 1b 96 09 62 58 3c 4e c7 60 2b 4b 8e 15 e8 76 42 8a 06 82 46 c8 34 53 e7 4b ce a1 56 ef a7 ef 10 88 ad e8 74 eb 56 6a d1 ec f0 15 30 53 78 3b 5c cb 2d 58 c2 0b 18 be 59 d1 71 88 52 9a 1b db d1 b8 00 cc 5d 20 2b 50 54 68 59 53 33 93 c6 79 10 67 4d 63 93 54 3c 5f b7 d5 f1 10 30 14 08 ed 42 42 eb 0f 0f 7f 60 44 96 9d 88 f1 47 Data Ascii: W<LZ1J.[J1vN-+e16LnqUz pH-_dK=r,}JSC}M2Y`ZfY;"khXaIZ,pqMbX<N`+KvBF4SKVtVj0Sx;\-XYqR] +PThYS3ygMcT<_0BB`DG
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
87	192.168.2.16	49851	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	1004	OUT	POST /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/submissions/add HTTP/1.1 Host: www.virustotal.com Connection: keep-alive Content-Length: 192 sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTg0MzgyODcyNDQtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQxLjE3Mw== sec-ch-ua-platform: "Windows" Origin: https://www.virustotal.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	192	OUT	Data Raw: 7b 22 64 61 74 61 22 3a 7b 22 6e 61 6d 65 22 3a 22 75 70 64 61 74 65 70 6c 61 74 66 6f 72 6d 2e 61 6d 64 36 34 66 72 65 5f 64 33 66 36 66 38 33 30 30 38 35 35 65 35 36 62 38 65 64 30 30 64 61 36 64 61 63 35 35 61 33 63 34 63 62 66 38 63 32 30 2e 65 78 65 22 2c 22 75 69 64 22 3a 22 30 61 31 33 37 30 61 31 34 32 39 38 61 30 30 30 34 65 33 66 37 32 65 62 62 35 31 38 35 35 33 66 37 64 31 31 37 32 65 61 37 61 31 31 32 64 66 33 61 36 30 32 31 63 31 61 31 36 66 37 36 35 62 61 22 2c 22 63 68 61 6c 6c 65 6e 67 65 22 3a 22 33 62 6b 56 59 48 4a 4d 54 41 41 43 61 4a 65 43 22 7d 7d Data Ascii: {"data":{"name":"updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe","uid":"0a1370a14298a0004e3f72ebb518553f7d1172ea7a112df3a6021c1a16f765ba","challenge":"3bkVYHJMTAACaJeC"}}
2024-10-24 09:44:03 UTC	863	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 2117dc2e40036260ab6309db011d7cf5 Date: Thu, 24 Oct 2024 09:44:03 GMT Server: Google Frontend Content-Length: 0 Expires: Thu, 24 Oct 2024 09:44:03 GMT Cache-Control: private Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
88	192.168.2.16	49852	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/70520.2084d2d63c64ac00d8ff.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: d3f05a4cc63b9680b0f47075b54c46c8 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:44:51 GMT Expires: Sat, 18 Oct 2025 09:44:51 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 518351 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a b4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 73 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 37 0d 0a 30 30 30 30 30 30 30 31 0d 0a 92 0d 0a 30 30 30 30 30 30 30 31 0d 0a fe 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7e 0d 0a 30 30 30 30 30 66 65 64 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001]00000001m00000001s00000001000000017000000010000000100000001~00000fed
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 19 06 52 61 e5 3a e7 56 96 94 e4 de f6 96 1d 32 e9 29 29 e0 c0 36 98 ae c6 d8 c2 a6 e0 b9 e5 66 95 41 76 66 2b 48 63 1a be 0a 25 65 f0 74 79 93 4e a7 18 5a 4b 77 57 d7 39 6c d7 a2 41 97 57 33 b6 a7 8f 8f 9c f6 cb cd 66 35 5d 00 73 1b 5d 1e 07 9c c9 99 62 86 7c a6 44 4b 3e 4a e9 68 9a 7e 37 4d 27 c5 c3 1a 4b 64 ec f9 02 01 50 d1 a8 4b ec f9 55 55 60 df e3 07 af f0 4d 0a 01 91 e5 38 96 67 fc fb 34 1f 96 96 0b a6 4d 2e 70 62 22 3c b7 70 1e 2d d7 49 76 bb 1a 67 53 9d d2 e6 d1 d6 d5 e7 b6 c8 37 eb dd bb bd a4 c5 d9 ab 79 99 16 e3 e4 16 1b 6f 9f 5e eb a4 2c b1 c9 f6 18 0f 08 03 26 ff fc 7c 72 0e a6 f9 fd 6a 91 27 cc 6f 3b 13 57 77 da 7f 60 41 df e7 91 ba f7 c4 2c b3 72 b2 d7 9a 49 87 fd 07 e7 fa ed 35 30 ee b5 f7 a0 b0 c5 f2 87 bd 46 65 7b ec 3f ac f4 13 64 42 Data Ascii: Ra:V2))6fAvf+Hc%etyNZKwW9lAW3f5]s]b\|DK>Jh~7M'KdPKUU`M8g4M.pb"<p-IvgS7yo^,&\|rj'o;Ww`A,rI50Fe{?dB
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: f7 d3 88 44 5c ef 70 51 74 a6 b3 d2 0b 8b 74 b5 11 27 ba 92 56 1f 81 64 67 07 6e 26 2d 00 7b 66 f0 14 38 47 b1 52 02 a9 1e c2 d2 8a 35 82 b5 d9 64 5c 6e 20 51 9d bb 43 2b ab c5 74 0c fe 2c 9d 84 d0 0a e0 80 f2 d7 94 a5 19 34 ac 69 06 f1 68 83 34 4d ca 25 e8 d1 2c 2f 52 c4 e6 0a 18 7d b4 0d dc 09 a5 13 4d 2b b6 e0 20 93 57 45 f1 80 32 03 f9 f0 d8 37 01 ba 11 b7 d4 4d 12 8a 6b 4e e0 b7 6e ab a4 89 ed ae 5e 7e ea ae 83 73 ad 13 6c 99 6f c1 19 f8 30 e8 07 d6 11 4e 1e 9a 45 10 03 dd 92 77 94 0e 52 57 81 5a 30 b1 50 da 68 3d 36 3c ed d2 21 6e eb a4 9f 56 70 fc af 16 72 f0 f1 21 dc 53 9f ca da 2c 19 d0 34 db 50 da 78 91 53 5c 08 c1 54 1b a6 96 5a 98 90 9c 87 40 10 5a 0e 1b ad 2e c7 55 5e 77 44 43 b2 e0 ec aa b7 74 4b 4a 87 a6 87 bf 41 6a 02 23 ef 7e e5 89 77 2d Data Ascii: D\pQtt'Vdgn&-{f8GR5d\n QC+t,4ih4M%,/R}M+ WE27MkNn^~slo0NEwRWZ0Ph=6<!nVpr!S,4PxS\TZ@Z.U^wDCtKJAj#~w-
2024-10-24 09:44:02 UTC	462	IN	Data Raw: a6 88 6d 66 47 cc 5e 88 09 e4 15 c6 02 c4 5e 90 22 c0 4b ce 7a 41 fb 15 30 32 30 8b d0 e6 79 44 6c 76 26 19 22 46 b2 3f 76 9f 44 db 0f 03 71 81 10 95 2b 36 ac 12 8d 4a 42 2e 38 05 51 0e 33 9e b2 5c 68 29 67 45 be 34 1a 68 30 9b 92 bc 34 34 f0 13 04 7a af 11 e8 dd 63 7a b5 8b 13 91 ec 2c f2 29 24 21 9d ac e0 6c 0c 68 23 91 8f 52 ab 9b fd be a4 59 5c 3e 51 bc 2b 7c 82 42 ea 98 5b bd ea df 7b f2 18 df 28 90 56 1a 9c e2 48 6b 34 79 c7 5c 68 e7 0e fb 11 53 dc ea a6 a4 51 52 3a 9d c8 c5 f7 1c 07 36 d2 19 93 a1 18 1a e1 2f 6f e0 af 7a c7 75 f5 73 11 7a 10 48 02 d4 a8 5b c2 69 01 ee 21 05 ff 49 b3 d4 20 f2 1e 8c 69 47 eb 40 8c 6c 1c da 61 a7 6d 6a 03 74 01 52 de be 1c 8c fe 02 b4 22 03 28 fc e7 f0 e1 06 a5 17 ed 0b 50 9e 5d 19 4b 2e b7 79 e6 3c 43 a5 86 b5 a0 32 Data Ascii: mfG^^"KzA020yDlv&"F?vDq+6JB.8Q3\h)gE4h044zcz,)$!lh#RY\>Q+\|B[{(VHk4y\hSQR:6/ozuszH[i!I iG@lamjtR"(P]K.y<C2
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 39 0d 0a 30 30 30 30 30 30 30 31 0d 0a f9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 32 0d 0a 30 30 30 30 30 30 30 31 0d 0a 12 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7c 0d 0a 30 30 30 30 30 30 30 31 0d 0a a0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 12 0d 0a 30 30 30 30 30 30 30 31 0d 0a 35 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 30 30 31 0d 0a f0 0d 0a 30 30 30 30 30 30 30 31 0d 0a d3 0d 0a 30 30 30 30 30 31 0d 0a 7d 0d 0a 63 64 36 0d 0a b6 af 86 97 80 01 5f 74 e9 2a c0 47 62 be 34 b6 85 b9 cf aa b9 55 a6 fc b9 fc 49 6e 6d c9 65 3a 00 84 e3 54 2d 09 1b 28 8e a7 11 16 Data Ascii: 00000001Z00000001000000019000000010000000120000000100000001\|0000000100000001>0000000100000001000000015000000010000000100000001000001}cd6_t*Gb4UInme:T-(
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: ce 57 f9 32 df 94 e6 ea 01 97 6a 96 e6 9c 03 f6 db 78 a8 5e 08 cf 1f 7d 7c 75 ce 08 34 4f 39 c0 f2 9e 72 97 35 03 a7 89 12 dc 47 67 39 ce 1d 5d 58 a7 cf 74 e0 32 0c 11 08 5d f2 73 80 8f 53 0b 0a 5c 5b db 7b 18 d2 f3 81 20 63 0f 70 f2 74 00 d9 a7 87 b4 45 6e 65 8e 0d bf 51 e3 54 a3 21 f5 35 c7 0e 0a 72 ad 77 80 f2 53 2b 94 9f 1c 14 a4 66 ef 00 65 d8 0a 65 08 28 9d 6f c4 89 08 be ce d7 d8 0e e4 a4 37 74 e1 92 9e 8f 8b 24 72 13 06 f7 b4 22 dc eb 4f c5 2d 7d a3 cb b3 82 f6 02 53 45 ef e8 90 5e 07 89 19 75 d3 5a 6c 22 72 e2 5a 6f b2 be 16 62 10 e2 a6 57 f5 50 43 22 90 58 bc f9 ac 9c a0 b9 b2 ee 65 58 e4 fc dc 5c 84 07 e9 79 d5 32 59 13 8f aa 23 da b5 04 2f 78 ae f1 e8 5d 39 81 1e fa ce 8f 2f 8f d5 a2 88 d0 fc 95 ab d8 43 cf 19 b8 24 0d 95 e7 6b 8f 10 54 9e db Data Ascii: W2jx^}\|u4O9r5Gg9]Xt2]sS\[{ cptEneQT!5rwS+fee(o7t$r"O-}SE^uZl"rZobWPC"XeX\y2Y#/x]9/C$kT
2024-10-24 09:44:02 UTC	683	IN	Data Raw: 3f 44 da d8 29 21 ec fd 66 c3 07 fd 95 26 05 04 f8 fb a5 41 1d 55 46 12 cd 1d d4 f5 32 7d 7d c2 e2 4d 13 10 b6 c7 9e f9 2a 94 4d dd db f1 96 95 df 1e d3 9d 32 a4 85 06 f1 b5 11 8a a1 37 4f d5 e5 b4 93 7e e9 3f 33 6f a1 23 6f 02 cb 02 65 3d 56 85 28 3d c4 d6 ec c3 91 d4 85 9f a5 17 f8 57 f2 33 06 ae c5 70 57 d3 27 5b e8 7d 13 a8 7a 88 3a d1 15 9c 3d 94 0c df 9f ad 1b 2e f0 9d 47 b3 16 d4 99 cd 9a 4c b1 bd 66 d0 21 e4 14 8a 36 94 ff ce 19 63 cd 60 a1 8f da b5 d9 67 ac f6 51 7d 99 d7 13 7a 61 3f 9e 55 29 dc 07 a6 3c bd 2f 20 2f f0 0c 7f 0c 91 cb f6 01 c8 f1 12 9d 16 1b 82 89 d6 c0 96 ee 03 55 9f f1 17 42 df f0 a3 fe 31 a9 b6 54 4d e1 ef 64 71 c9 e5 4d 8e ef 9d b6 07 19 ec 4a 3b 99 a7 0d 14 54 f6 25 08 e0 71 6a fb 64 80 9d 7f a9 34 a7 fc 3d 01 73 cd df 13 88 Data Ascii: ?D)!f&AUF2}}M*M27O~?3o#oe=V(=W3pW'[}z:=.GLf!6c`gQ}za?U)</ /UB1TMdqMJ;T%qjd4=s
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
89	192.168.2.16	49854	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/75884.d7767dd34ca82b896517.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 4db135353ebf51e7cb614dfe33e2b290 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:47:50 GMT Expires: Sat, 18 Oct 2025 08:47:50 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521772 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff cc 5c 7b 77 e2 46 b2 ff ff 7e 0a 85 64 67 21 47 92 01 1b 1b f0 e0 89 c7 33 93 78 33 8f ac ed d9 73 b2 b3 3e 44 48 0d 28 16 12 91 84 1f 61 f8 ee f7 57 d5 dd a2 25 c0 33 79 dd bd e3 c4 86 7e 56 d7 bb aa 4b aa 2d 32 61 65 79 1a fa 79 ed b8 9e 89 68 ec de 89 d1 dc f3 6f ce a6 8b f8 e6 36 1f 2e c2 e1 cc 0b e3 c1 23 7d 1f 3f 7e b8 6e b8 f3 45 36 ad 7f f8 70 d4 e9 76 0f ae ed 25 ff ed d7 73 5b d8 61 63 70 b2 bc f5 52 2b 19 84 f5 76 bb db 3b 68 d8 19 3e 76 0e bb 47 cd 86 9d 0e ea 61 bd d7 ed b5 1a 76 58 3f 40 d3 41 a3 61 c7 e8 6f 1d 1e 1e 74 1a b6 87 8f 87 ed ee 7e bb 61 47 f8 d8 ed b4 9b 98 e5 d3 ac 76 bb 4d cd 68 3c 6c 1f a2 11 eb 74 3a ed 2e 7d 68 75 f6 db fb Data Ascii: 00000001010ffe\{wF~dg!G3x3s>DH(aW%3y~VK-2aeyyho6.#}?~nE6pv%s[acpR+v;h>vGavX?@Aaot~aGvMh<lt:.}hu
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 3d f5 ac 69 2a c6 83 da 57 cb e6 aa 06 49 81 38 0e 00 07 a8 1c 78 e9 83 95 f2 ca 4e 84 a5 6b 56 18 b0 68 38 a5 c6 6f 20 5d fe 8d 5a e0 c4 a2 75 ac a7 7b de c9 4f 50 d7 7f e4 8c 4c de 54 fc b2 10 19 90 44 e7 7b 07 bc 85 f1 44 ca 30 21 a2 6f 1c e8 01 07 7a f8 ad 07 fa 4b 61 df c6 25 6b d8 15 e5 2e 17 23 e8 22 29 bf ac 66 6c f1 88 a2 31 ce 3b c4 79 87 38 af f5 34 08 6f 15 da 15 ee b9 01 e8 df ae 62 62 91 df 25 e9 cd 30 4a 7c e6 d1 92 72 79 f2 24 77 c3 e0 99 b1 cf 0d f6 b9 e1 7d 6e 73 67 11 3a f3 f0 36 c9 35 9f c4 de 4c d4 2c 77 0b 07 f1 b0 9a 55 42 b0 05 65 e3 39 d2 a4 b1 14 6b ae 33 db 89 c7 98 17 0b 56 32 f6 3d b1 9e aa 6f 8b f8 81 84 c2 9a ab 0f 7a d2 d3 bd f2 00 cc 00 3a 34 bc 3e 8c 82 03 7d 9c 27 71 4d 42 93 4b 9b e1 cc 93 2c 24 89 1d d4 d2 70 32 cd 2b Data Ascii: =i*WI8xNkVh8o ]Zu{OPLTD{D0!ozKa%k.#")fl1;y84obb%0J\|ry$w}nsg:65L,wUBe9k3V2=oz:4>}'qMBK,$p2+
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: d8 40 b7 28 e3 08 ef 1b 07 4f d2 6c 8b 77 2c b9 79 9e cc 65 be 62 bd 86 b2 15 aa c7 c8 85 8c 12 a4 4a 66 64 8b 55 5a 65 3d 47 42 65 38 ce ac 6c 86 a0 db 15 01 fa 32 9e 40 dd 65 f5 e5 6a 93 cf 3c c8 da 43 16 66 43 4a 62 67 9b 1a 52 5d 95 54 52 e3 cc a2 95 a9 1f 3f ca bc 38 b9 57 cf e4 c7 7e 0e 1f 10 19 c9 10 89 19 ed 92 92 73 f2 83 3c b6 26 9e f2 da 81 7a 86 bb 4c cb 4b c0 b5 20 3a 52 3a 1b f8 44 9e 89 35 a2 a4 65 d9 1c 32 58 e5 b4 37 4d 30 75 ed 0f d8 e5 07 26 b0 91 ca 2a 65 cd 0a 5d 68 0c a0 04 2a c3 66 26 7a 0a 24 73 ee 87 13 be b5 22 dd 4e fb 7e 16 70 1a 09 a6 da d8 3c 42 29 76 79 89 33 bc c4 19 1c c4 34 0a ae 32 ce 5e 85 29 a4 f7 12 31 1b f0 96 f1 1f 06 56 ed 31 a6 ee 21 47 73 59 06 29 19 c2 65 29 21 e9 14 1b 9c 32 92 16 11 b8 2a 0a f1 8b 45 ce 74 b6 Data Ascii: @(Olw,yebJfdUZe=GBe8l2@ej<CfCJbgR]TR?8W~s<&zLK :R:D5e2X7M0u&e]hf&z$s"N~p<B)vy342^)1V1!GsY)e)!2*Et
2024-10-24 09:44:02 UTC	248	IN	Data Raw: fe fa ea e5 c5 f0 f9 8f f8 7a 7e ee 5e be 7b 7f 71 f6 72 78 f6 ee f5 fb 37 6f 87 17 ef 5f bf bc 7c 79 35 7c 7b fa e6 25 fa a3 6f a9 14 52 e7 74 36 54 52 c6 3c 8e c4 3b f9 9b f5 9f be 5a 8a d5 4f f6 c2 7d 7b e7 7e b7 40 59 5f 3c 69 d4 e1 ea 52 3e f6 c1 4b 3d f2 7c 21 0d 9c 21 fd 73 21 fe bd e0 e6 db c1 cd 25 52 b7 54 11 6e 2d 36 a4 84 7f 12 4b 79 7f 21 40 f1 48 63 a4 86 1a 71 42 c3 50 11 bb 86 22 63 46 07 a7 a7 af 50 b9 cb 29 ea 57 69 32 bb fc 65 81 2b 41 46 51 4d 65 00 6d e8 0e 1d 28 c8 d5 33 95 50 23 ad a2 35 9a a1 53 be 83 4e f9 ce 30 ac 7f 35 f7 53 d1 00 17 0c cc 51 31 19 66 c8 85 50 c1 40 3e 05 a3 17 42 4d 45 8c 16 fd 72 e6 29 ae ec 71 95 69 ba 28 56 f5 7e 42 6a 06 08 b0 62 66 64 ad 2c b8 de 56 51 d4 5b 6c 21 af 7a 2d be a6 0d 0a Data Ascii: z~^{qrx7o_\|y5\|{%oRt6TR<;ZO}{~@Y_<iR>K=\|!!s!%RTn-6Ky!@HcqBP"cFP)Wi2e+AFQMem(3P#5SN05SQ1fP@>BMEr)qi(V~Bjbfd,VQ[l!z-
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 36 0d 0a 30 30 30 30 30 30 30 31 0d 0a a5 0d 0a 30 30 30 30 30 30 30 31 0d 0a ce 0d 0a 30 30 30 30 30 30 30 31 0d 0a b6 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 30 30 30 30 30 30 31 0d 0a a6 0d 0a 30 64 30 39 0d 0a a1 3f b5 1e 92 05 6a ad 23 04 cf 5a c4 d6 9e 6b 59 c2 20 44 05 ca b5 79 28 55 88 ae 61 a9 d9 54 52 d4 c0 ef c8 43 60 8e 42 53 fe 8b ba 58 6a 56 06 e0 2c 99 cd 34 3f 14 c5 df 9b 16 e0 47 50 eb 47 6d 01 d6 1a 8b 4b fd 1e d3 78 ff 17 ca 9e 34 5f f9 e6 b7 14 c5 91 c2 2a d4 92 d2 5e f4 47 bb 5b 9f 56 14 90 3c c4 e5 aa 1c 4e aa 11 b2 ea df 2d 66 5e 1c fe 0a b3 89 47 14 80 d2 d2 bd 83 29 61 cf b9 9e 10 d8 a5 51 f8 a5 c8 c0 df 92 67 74 8f 17 c7 d0 85 22 78 8b 40 2c 23 b1 ea cb 54 35 2a 81 cd 1c 5e 45 ae 42 3c 56 40 Data Ascii: 00000001600000001000000010000000100000001000000010d09?j#ZkY Dy(UaTRC`BSXjV,4?GPGmKx4_^G[V<N-f^G)aQgt"x@,#T5^EB<V@
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: b2 82 2d e4 13 22 aa 50 35 86 13 ed 64 a8 14 46 35 60 1a 8e fb 56 4d 86 2a d6 25 da 2c 3c ee 58 b3 ad 8b 04 99 82 44 ff c5 33 41 e3 dc b6 be 13 d1 ad c0 65 ab 67 5b a7 69 e8 45 b6 b5 5e 45 6e c9 4b 23 42 4d 94 c3 a3 57 a6 3b 2b b5 72 d1 2b 67 4c 52 2f 08 e1 7f f7 d9 ef f0 52 47 37 d4 5b 5d 10 65 62 5b 38 9e 57 d7 27 53 67 6c ba 2d 3c 12 be bd 0b 5e b6 b4 92 54 ef c8 00 8d bd 59 18 c1 92 a0 32 ad ce 5d 15 0c 6c 4c c8 10 27 f6 5b a9 98 55 57 ba 53 6e 11 44 df e8 2a 79 4c 2d 57 db 37 da 1f 3e 6a 42 2a 17 9e 02 4c b0 31 87 3b 24 71 f6 a1 52 49 01 1e 1c 18 fd 23 d2 de 85 25 e4 04 2c c4 63 17 a9 b5 4a 29 f6 2b 54 53 b9 67 0b 37 ac b5 86 86 75 ff 70 df 3f d0 2a b4 10 2b 03 e0 ce 81 6d 1d 82 9f 8e 94 25 5c 2f 21 a1 ee 8d bd f1 48 9e c5 ec 52 d0 1f c0 18 b4 3b 98 Data Ascii: -"P5dF5`VM%,<XD3Aeg[iE^EnK#BMW;+r+gLR/RG7[]eb[8W'Sgl-<^TY2]lL'[UWSnDyL-W7>jBL1;$qRI#%,cJ)+TSg7up?+m%\/!HR;
2024-10-24 09:44:02 UTC	607	IN	Data Raw: 7a 52 06 ad 2a ea cd c6 aa 83 66 ed b6 b4 8e d7 03 98 ad cc b5 70 b7 e0 8b 29 9b 50 07 05 ba 77 4b 73 a6 db 6c 95 36 36 07 df 79 b7 62 49 c9 fd 82 7b 67 5e 86 2b 6e f5 42 13 30 3d 25 fe 9b 7f 83 59 df d6 bc 5a b9 6c 16 55 ce 44 99 e7 8b 6f 9f 9f d2 ab c1 64 f8 ab f3 29 30 da 8f da 66 83 7b 8e 35 7f 57 6c a2 72 bb 3e 7f 7d 4e 85 b3 fe 37 bd 00 73 a7 bf 7c 87 32 86 a4 e5 b7 4b 58 93 f6 ce c4 1d 62 d6 43 84 e9 ad 23 84 be 05 1e 19 d1 bb 8e f1 19 08 db bd e8 1f c2 d2 1f 58 76 e5 ca c7 35 0b 25 42 57 90 c7 f4 cb 91 af b5 22 17 15 d2 71 cc 1e 86 ba 2b 93 8f 51 a9 26 7a 57 61 1f 12 2b a0 50 57 2e d3 52 57 9d 2d 8b 7b 2d 75 ad c5 bd 45 63 71 05 66 5e 99 c9 1b b3 95 ab aa c7 0b b8 b8 96 dc e0 1a 1a 41 32 58 0c a8 6a 3f b7 f0 c0 e9 11 38 ed f2 28 d7 b7 a0 a8 1a c4 Data Ascii: zR*fp)PwKsl66ybI{g^+nB0=%YZlUDod)0f{5Wlr>}N7s\|2KXbC#Xv5%BW"q+Q&zWa+PW.RW-{-uEcqf^A2Xj?8(
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
90	192.168.2.16	49855	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/59084.04d6b3360a5bc50128d1.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 44e8357da6c79cb094e50b581cb9047f Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:20:18 GMT Expires: Sat, 18 Oct 2025 09:20:18 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 519824 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 93 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8e 0d 0a 30 30 30 30 30 30 30 31 0d 0a df 0d 0a 30 30 30 30 30 30 30 31 0d 0a ef 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001=00000001k000000010000000100000001F00000001000000010000000100000001
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: fe 8a 2e df 90 b0 8c b7 b8 d9 ac a2 de 92 d2 fa ae 78 55 59 f7 69 bd b5 e0 af 56 05 0c 63 85 35 ac 22 cc 1b 78 83 0f ea 46 23 1c 8c 92 17 50 0e f8 2b 08 39 75 37 c0 06 67 d2 03 ea 3b b9 f7 a7 3f 79 48 d3 1f d9 8a 19 a8 c8 a0 0e 70 18 ec 25 dc 78 df 87 7b bb 7f 4c d2 2a 8c 32 92 04 cf ca 93 8d d0 d0 4b d7 df d0 ad 9b d8 fd 12 e4 24 df 1e 6c 32 b8 39 8e ca 98 03 7d 34 d8 c5 c9 b6 4f 27 27 f3 aa fa 21 23 d5 8a b2 f4 21 af c2 35 79 f5 e6 8d dd 4f bd 97 b6 93 d9 cb 7d ff 2d 80 6a 6f cf c5 20 8c 05 45 5d c0 a4 c7 c9 7e e7 dc 21 ac 2e b0 d4 e9 89 95 eb 39 77 45 9a 58 20 a9 ef 56 a2 89 f8 50 d5 c5 8e 8b 0e bb df 53 c6 e7 d6 e1 c6 95 75 b1 51 fb e4 4c e6 b3 f1 6f a0 44 40 87 8c fd 09 28 9c 4c d7 27 fe 6c 36 e4 fa 04 b4 89 b3 6f f4 c9 5d a7 4f fe 41 fa e4 b0 02 61 Data Ascii: .xUYiVc5"xF#P+9u7g;?yHp%x{L*2K$l29}4O''!#!5yO}-jo E]~!.9wEX VPSuQLoD@(L'l6o]OAa
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 3d 9c 20 06 86 2a a6 18 51 0c 04 55 04 51 89 c9 b6 d1 70 02 db 4b fc 87 4d 96 0a 58 b9 3f 61 8b 72 52 ad 8b bc 76 ab 30 af 5c 70 e9 a5 eb c0 ea bd a1 77 4d d6 1b 28 b3 e0 12 ac e7 58 3f 14 11 b8 b3 c5 ff bf 29 c3 75 ed 58 ff 45 b2 3b 52 a7 71 e8 58 2f cb 34 cc 1c b8 16 10 ad b0 2e 69 d3 bb 22 2f 2a b8 41 05 59 2e 5a 7e 55 24 84 b7 2c a1 ac c6 a6 0c 93 14 dc 8b 81 05 17 40 70 07 e1 8a 02 b8 db 84 45 d9 38 16 88 90 b0 2f 66 c6 e7 e8 7b 03 b8 37 6d 07 81 ba 67 5a 12 1d 2d 74 40 ec 84 1e 58 e0 1c ed 53 90 41 81 b3 0a 55 fa 0b 09 06 25 d9 99 2d dd 13 dc c6 81 05 5b 5f 01 e1 c8 dd 2d 07 0d 3c a1 df b0 7f 38 77 15 28 72 c1 52 00 15 ac d4 a1 00 b6 38 23 10 a9 28 00 c7 63 05 1e 6d a0 96 d4 84 d4 69 04 db 83 89 d3 f3 a5 16 02 50 f6 27 45 93 0e 69 e1 86 46 6a 88 b1 Data Ascii: = QUQpKMX?arRv0\pwM(X?)uXE;RqX/4.i"/AY.Z~U$,@pE8/f{7mgZ-t@XSAU%-[_-<8w(rR8#(cmiP'EiFj
2024-10-24 09:44:02 UTC	482	IN	Data Raw: 68 58 0a c0 86 c8 53 3c 7f 6a 70 ce 65 54 37 31 05 8a 76 39 81 a8 e1 36 b5 ba d4 35 d4 52 48 16 88 a8 2c c1 7f 80 52 84 ea b5 25 d5 23 2d a5 95 7b 56 78 56 c0 18 49 1f a6 ca e3 36 3b 74 e8 94 57 b9 cf 16 ba 8a 73 b0 36 61 8e 28 98 38 02 b7 f3 86 86 98 f2 5d a8 23 6f c0 26 c2 e3 4a 4a cd 31 4a 2c 0b bc 0d 10 fb 0b 21 b8 a0 22 5d b0 17 1c b3 8d 16 0c 65 d3 b5 41 c5 b6 38 83 3d 66 1f 32 7b d1 3e 52 49 a7 8c 94 aa 12 2a ff 34 63 4a 9b 9c 72 e4 04 8a 5d a5 03 df e1 40 0d 95 ce fa 12 9d 4b 01 9b 0d 80 ed 36 6e 61 71 13 f5 13 0f 64 29 cd 3a 98 80 20 b6 3e 7c 53 8a d8 27 6a 2c 21 61 dd 78 4b e2 5b fb 3f f0 f7 00 2e a3 d2 3b e2 d0 df d7 69 59 d5 00 4d b3 44 2d a7 91 ac 6d 13 65 75 19 a3 3d 46 72 8e 1b 5d a5 b9 40 52 d8 eb fa b8 75 73 f7 d2 2c 5a b0 e8 9c f4 f2 e3 Data Ascii: hXS<jpeT71v965RH,R%#-{VxVI6;tWs6a(8]#o&JJ1J,!"]eA8=f2{>RI*4cJr]@K6naqd): >\|S'j,!axK[?.;iYMD-meu=Fr]@Rus,Z
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 57 0d 0a 30 30 31 0d 0a bc 0d 0a 38 64 34 0d 0a 73 12 c1 5c d4 33 c3 56 62 22 e7 37 d4 43 67 39 ee 5c ea 72 68 70 94 4d aa 61 53 43 97 f6 75 a1 ca 93 4c 59 b3 9f 27 18 d4 b2 0a 3b 07 6a b6 45 00 39 1b 59 8c c9 4a ec 9a 41 03 da 96 ab 4e 57 b1 d4 cd 19 24 e9 5d 8a b9 31 06 81 2e 4f 59 54 60 8e 0b d7 38 d1 c8 11 2b c2 9b da ca 78 e8 79 c4 f1 28 eb 36 b2 4b 5b 06 71 c3 61 4e 81 a2 b7 8b a7 cb 0c a1 54 d2 a6 ae f8 f6 5b fb b9 20 ac 1e e9 48 08 2c 95 0b 1f eb 49 0a 22 93 cb 75 80 39 4a 4c 09 92 07 08 dc ca d2 17 2c e9 ab a1 d0 05 6c dd 5d 78 51 d1 5c 1a 28 8c 76 69 21 78 05 45 14 b4 74 6e 20 35 fc b3 2f b8 19 1c 46 e0 f5 07 ef cc f2 17 b0 80 51 1c c9 ae e5 0c 98 9c 6a 8e 54 68 8f 2e 1b 09 75 5e 41 c2 20 bf 86 bb 9c ce 91 c4 c0 d5 Data Ascii: 00000001W0018d4s\3Vb"7Cg9\rhpMaSCuLY';jE9YJANW$]1.OYT`8+xy(6K[qaNT[ H,I"u9JL,l]xQ\(vi!xEtn 5/FQjTh.u^A
2024-10-24 09:44:02 UTC	880	IN	Data Raw: bd 2a 4d 0b e6 55 84 c1 85 b6 a5 6e 37 5b d7 01 4a db 12 c0 25 f9 35 9a 28 f7 ef 5d 42 04 cd 6c c7 74 60 33 eb 41 44 e6 62 40 1a e3 27 19 33 d0 25 44 5c c8 5b 30 e8 a4 86 5d 89 40 df 2e 21 82 3f 21 62 ca 20 35 5a 48 5e 8b 98 79 03 4a 25 2d 28 49 8d 1f 31 16 81 56 e1 a2 c7 14 27 5d 42 04 bc e5 62 e4 3a b4 67 63 18 48 5d 42 04 cb 8c 63 b1 e2 5d 42 04 9c 03 ba 84 88 ca 95 1a b2 45 f2 9b 61 ec 32 28 b8 4b 88 50 09 d7 25 44 b4 24 40 a9 3a ec 3c 33 e3 d1 a8 d0 4f 11 fc d9 64 a7 74 09 11 9b 66 09 f5 b4 07 35 67 4f 87 40 ee 52 13 e4 2a 0f 53 0c 47 02 ba 84 88 2e 21 e2 53 26 44 1c 69 cc 20 cd 7a 90 4e 76 91 5e a3 5f 27 8b 94 06 28 55 3f ae a7 56 b5 f5 0c 05 0a 42 fb fb e9 9d 34 d6 ba 79 67 7d a5 1f 88 29 a2 f5 c4 09 81 75 07 a5 ca 8c 94 3c 1a 76 42 d0 27 27 aa 42 Data Ascii: MUn7[J%5(]Blt`3ADb@'3%D\[0]@.!?!b 5ZH^yJ%-(I1V']Bb:gcH]Bc]BEa2(KP%D$@:<3Odtf5gO@RSG.!S&Di zNv^_'(U?VB4yg})u<vB''B
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
91	192.168.2.16	49856	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/71254.89ea96287cbc8b900860.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 9ab382f696ec905311298cd5393c1530 Content-Encoding: gzip Server: Google Frontend Date: Sat, 19 Oct 2024 01:11:42 GMT Expires: Sun, 19 Oct 2025 01:11:42 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 462740 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5c 0d 0a 30 30 31 0d 0a e9 0d 0a 30 66 66 33 0d 0a 76 db 46 96 fe 3f 4f 01 33 89 9a 48 03 10 17 71 95 29 47 96 97 28 f1 d6 92 9c 4e e2 f6 61 40 a0 48 22 02 01 06 00 b5 84 e6 bb cf 77 6b 01 0a 20 65 d9 93 a4 a7 e7 9c b1 12 89 ac f5 d6 dd 97 02 6a ab 94 19 69 96 04 5e 56 3b ac a7 2c 9c 3a d7 6c b2 74 bd cb Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001\0010ff3vF?O3Hq)G(Na@H"wk eji^V;,:lt
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 47 b3 5a ad 16 35 a3 b1 db ea a2 11 eb 90 ae a6 0f 82 e4 c4 7c 41 9d 33 94 69 4d f0 71 d0 ee 1f 60 c6 12 1f 39 33 98 d6 1c 1f 39 1d 4d 6b 85 8f 1c ef a6 75 45 63 81 18 d3 5a d0 a7 ee a0 df 33 ad 5b 1a da 69 1d 00 d2 19 ef ef f6 b1 d7 94 20 e9 37 9a 34 18 f3 9b 07 fd 03 d3 b4 6e 30 a0 d3 eb f7 30 76 8c 8f ed f6 a0 79 20 ac c2 a5 75 6d 7d 69 5d 58 27 d6 a9 75 66 bd b1 9e 58 c7 d6 b9 f5 d6 7a 61 7d 6f bd b6 9e 5a 8f ad 5f ad df ad 67 d6 73 eb a5 f5 ca fa d9 fa d6 fa c9 fa ce fa cd fa c1 fa 47 61 4b fe f9 ff b6 e4 4f b2 25 3f 56 6c c9 d4 c9 3c a1 23 93 15 c9 17 6c 40 ba 82 a9 ad 3b 8e 93 5b 69 a9 c3 bd 78 79 7b 11 c7 61 16 2c 2f 60 8b 46 b5 13 34 18 7e 4c 3e 88 91 c5 86 17 06 cb 49 ec 26 7e 4d e8 7c 98 a7 20 bb bd 80 9e 1c d5 c4 a8 52 c7 db 24 cc db 37 77 9b Data Ascii: GZ5\|A3iMq`939MkuEcZ3[i 74n00vy um}i]X'ufXza}oZ_gsGaKO%?Vl<#l@;[ixy{a,/`F4~L>I&~M\| R$7w
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: e1 58 e3 6c dd c1 94 46 9f ab 16 30 f1 6e 77 b3 e4 4f 7e ba a3 b9 ad ce 2b 4e 23 ce ef 6f 27 ce 08 7d a1 13 4c 9f f0 14 ac 8f e4 22 b1 0f 42 3a c9 80 c7 39 e7 68 b1 af ae 10 10 ee 55 98 a7 06 73 bb 65 05 94 93 45 81 48 d9 c9 fa 38 fa 29 49 59 f0 e9 9d bc a7 53 e0 1c 14 38 ff 0f a5 c0 dc d1 13 85 7f 02 f2 77 60 e4 5e fc 07 f7 e8 08 9d fd 83 bd 3d e4 62 95 9e d8 29 cc 3a ee df 02 f7 6f ff 43 71 bf 74 f4 a4 ef 9f 80 fb 0a 36 ee c5 7b fc 19 78 8f f7 f6 e2 02 ef 85 66 d4 91 fd 02 c8 7e f1 1f 8a ec 2b 07 30 97 b2 c9 7f 02 c2 09 0d 77 61 d9 84 22 b2 23 24 e1 61 25 e6 70 0f 7f 87 01 75 c3 9a 4a ba c0 a4 c2 86 68 a6 54 da cb 60 c4 55 15 14 de f3 2c 38 87 7f 5c f2 36 65 55 e1 50 28 bc dc 1a 49 dd 48 e1 27 56 b4 20 23 3b ac d5 f3 8b 53 83 2f 48 66 0b f6 98 91 fb 1d Data Ascii: XlF0nwO~+N#o'}L"B:9hUseEH8)IYS8w`^=b):oCqt6{xf~+0wa"#$a%puJhT`U,8\6eUP(IH'V #;S/Hf
2024-10-24 09:44:02 UTC	381	IN	Data Raw: 2d 5d 79 c5 45 53 66 3f 01 ef 3f 71 bc 93 86 91 7a 83 8b 2c a2 bd 88 92 fa 24 4b 1a 87 95 0b b0 47 a5 aa 1c 9f 37 89 fd 5b 1b 21 7c 16 40 f1 08 e9 d7 97 e2 72 2b f7 99 a6 76 a7 26 05 50 48 b7 e4 68 25 ea da be 80 62 4b 1a be d1 ef 40 60 80 76 84 39 1c 56 a1 39 f5 0d 2b 07 13 a2 2f 37 73 d5 e9 01 55 d7 58 a4 76 b3 66 24 31 55 ab 44 5e ba 52 7a c6 76 fa ca db 47 79 b8 0f 5d ab 30 27 62 54 5e ce 94 0e 0d 92 da 45 b9 92 00 21 3c f3 15 95 9a e7 b5 7b 6a e5 ba 9f ae ec 8e 6a d7 81 9f cd 87 70 5b 96 37 e8 b9 80 75 36 4e e3 13 03 17 65 a1 72 52 e3 a7 e3 b3 63 23 01 e1 81 2c 89 d7 c9 11 9c 1f e4 77 10 cd fb 06 77 cb ca 9d 34 1a 6c e2 28 ff a0 d0 b3 12 f9 02 74 80 21 15 6f 35 c4 22 43 02 d1 aa d3 75 d3 75 ec cc 0f e0 99 a0 fe 47 35 2f f5 a9 9e 38 df bd 75 4e 5f 9f Data Ascii: -]yESf??qz,$KG7[!\|@r+v&PHh%bK@`v9V9+/7sUXvf$1UD^RzvGy]0'bT^E!<{jjp[7u6NerRc#,ww4l(t!o5"CuuG5/8uN_
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 6d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 62 0d 0a 30 30 30 30 30 30 30 31 0d 0a 76 0d 0a 30 30 30 30 30 30 30 31 0d 0a 05 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 0d 0a 80 0d 0a 30 30 30 30 30 30 30 31 0d 0a fa 0d 0a 30 30 30 30 30 30 30 31 0d 0a 03 0d 0a 30 30 30 30 30 31 0d 0a f9 0d 0a 64 30 39 0d 0a 46 c8 a6 65 b8 dc 16 2f e9 32 b8 3b e3 21 37 b5 91 c7 16 47 42 ec 9f 30 10 3e 54 48 a9 e1 69 00 5e 89 92 34 af e1 62 3c c7 48 7e 05 96 5f 7f 7d 96 c4 8b f3 df 56 b8 f4 c4 b1 54 93 59 24 54 fa 99 4a 11 8a d5 53 99 7a 21 e5 b2 e3 ba d8 77 50 2d df 69 2a 5d e6 a7 fe 32 21 a0 7a 3e af e5 2f 57 93 30 48 11 50 50 2d 3f 9b 83 df 73 d9 c6 45 f6 4b 83 7e d9 cb 04 57 b6 e0 19 95 fc a6 0c 37 19 19 7c ac f1 24 74 Data Ascii: 00000001m00000001b00000001v0000000100000001000000010000000100000001000001d09Fe/2;!7GB0>THi^4b<H~_}VTY$TJSz!wP-i*]2!z>/W0HPP-?sEK~W7\|$t
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 52 ab d1 6d b4 72 c1 c1 19 aa 03 1a 8d 83 83 7e e5 24 d5 31 fd 06 38 a5 7c 9e ea 90 ae df 3c 68 ca 53 41 79 cf b3 ad 8d 74 0e 21 ae fe e8 00 45 aa c9 cc c6 95 6f 3c 5a 44 a4 9c fa fe 54 8a 5d 81 14 7d 04 6b d0 4f 19 21 a5 7e 6f 3a 60 4c f4 73 82 96 3a 3b d3 b6 92 46 45 52 bd 1f a2 da 62 52 9e 25 51 4b dd 2e 6b aa bd 05 02 4a bd de 14 3f 62 67 7e 78 bd 53 17 c0 fc e0 a2 c2 90 1f 7e e0 4f fa 53 75 b4 9c 23 64 1d 22 1f e5 b5 e8 a7 82 80 ca 4a 93 86 cf 26 52 55 09 24 54 06 0c 06 9e 3b 95 07 cd 11 51 19 33 ed 78 bd 81 64 3d 85 8c ca 10 d6 77 7b ae 94 1e 89 90 ca 08 5d 4d 09 a4 54 06 e8 2a 88 6b 4c 29 63 1d 88 57 4b fe 12 87 e5 0a 36 97 4f 88 a8 44 95 f0 d3 dd 28 b5 53 96 04 d3 a1 51 13 f1 a0 71 8e 36 03 29 99 9a 65 9c c5 48 9d c4 ea 2f 1e ed 99 66 96 f1 2d 0b Data Ascii: Rmr~$18\|<hSAyt!Eo<ZDT]}kO!~o:`Ls:;FERbR%QK.kJ?bg~xS~OSu#d"J&RU$T;Q3xd=w{]MT*kL)cWK6OD(SQq6)eH/f-
2024-10-24 09:44:02 UTC	643	IN	Data Raw: 3e 48 d1 4a 3e 46 a7 47 99 4c e1 9d 14 3d 0b e4 cb 7a dd fe 8e 1e 32 b1 83 01 25 73 ab 73 b8 d3 c1 6f 3f 6c 77 f1 3e c4 14 4b 58 87 4b 76 3b 4d f0 d8 78 6a e0 0d 5c c8 ae a5 a9 3d 01 c1 e9 1d 79 4b 96 ae 1b 5f ad 27 c8 9b cd 12 7a 6d 48 fe bc 84 7d 23 f4 ba 3e 9d 58 00 f2 82 0b 79 a4 70 d6 59 bc 2e 24 1d ef f6 82 7c d4 db 5d 0a b1 50 99 d2 76 55 d3 b0 c3 35 ed 56 4c 4a 91 85 66 f5 86 b9 e9 a0 59 d9 ee e6 61 31 80 73 8b be 16 5e c1 e6 b1 39 b7 23 36 ee 3b 5e af f5 99 4e 03 af 22 d3 36 d6 07 5f bb 57 6c 8d 74 de 57 39 53 2e dc 14 85 6f f9 de 8d 21 32 af 8d af 8c c6 57 b0 6d bb 9a 37 1b 87 9b 20 99 38 90 36 ea ec f9 e3 63 7a c9 9d a8 60 a9 a4 02 d9 8c 8f 19 28 8d 7b 0e 15 db 56 0c 83 f4 3d 3e 7d 7d 9e 0f e6 7a 59 37 85 fa 4e 7f f9 0e 65 0c 09 f3 67 95 b0 26 Data Ascii: >HJ>FGL=z2%sso?lw>KXKv;Mxj\=yK_'zmH}#>XypY.$\|]PvU5VLJfYa1s^9#6;^N"6_WltW9S.o!2Wm7 86cz`({V=>}}zY7Neg&
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
92	192.168.2.16	49858	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/58686.e43f75fcd3216c74cafe.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 29e120c32fbf02a87651a2940b1f44f0 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:44:16 GMT Expires: Sat, 18 Oct 2025 08:44:16 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521986 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 02 0d 0a 30 66 66 37 0d 0a ff ec 7d e9 7a 1b c7 d1 ee ff 73 15 63 38 51 00 67 30 02 c0 1d 34 a4 c8 5a 2c c5 5a 1c 91 76 16 45 0f 3c 00 1a c4 58 00 06 99 19 88 a2 21 dc d8 f7 f3 bb b2 ef ad aa ee 9e 9e 05 24 25 db 67 79 9e 63 26 14 d8 6b 75 55 75 6d 5d dd 68 ac 53 e5 a5 59 12 8d b3 c6 69 33 55 f3 69 70 a9 46 ab 70 fc ee e1 6c bd 7c f7 3e 1b ae a3 e1 22 8c 96 83 6b ea 3e 7e 7c f3 b6 15 ac d6 e9 ac f9 e6 cd c1 f1 e1 f1 a1 7f dc 3d Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000010ff7}zsc8Qg04Z,ZvE<X!$%gyc&kuUum]hSYi3UipFpl\|>"k>~\|=
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: cb bc 3e cb 06 e3 79 98 a6 1e 68 a2 96 93 d4 1b 06 d9 78 c3 72 34 59 8f 09 17 ad 4d ba 06 7e 9a 41 10 58 9e 68 f9 c4 25 41 84 76 83 ab 60 1a cd 59 0a ea c2 f4 75 7c f9 48 61 23 a9 07 e0 f4 f7 6a f0 45 57 6a c6 f1 ea ea 3c 8e e7 59 b4 3a c7 74 83 c6 43 14 78 67 4f 1f f4 0e 0e bd 2c f6 c6 f3 68 35 8a c3 64 02 b2 d3 f0 e0 be 28 bb 3a 07 de 07 0d 9a a3 50 fc 43 32 2f 94 46 e9 a3 f8 72 39 8f c3 49 b4 bc 78 82 d6 98 76 9b 66 90 fe 63 0f 74 86 ea ba 9a ab 14 ab 11 76 7e d3 ec f8 69 b0 5e a6 e1 54 3d 3c 3b 6b 35 df d0 c2 03 69 e5 bf 0b 1e f8 7f 08 1e bc 6d bd dd ae 57 13 50 72 42 0c 9a 05 b3 30 6d 36 04 ac 06 51 85 c1 1c a6 cb 68 b5 52 59 fa 70 16 2e 2f a8 69 0e 7c 30 14 95 62 db b8 2b 0b 86 c0 1f b0 9e d9 5a 8d 57 99 93 24 7c 61 2c e2 c0 61 16 5e 40 78 69 50 86 Data Ascii: >yhxr4YM~AXh%Av`Yu\|Ha#jEWj<Y:tCxgO,h5d(:PC2/Fr9Ixvfctv~i^T=<;k5imWPrB0m6QhRYp./i\|0b+ZW$\|a,a^@xiP
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: d4 6c 4d 92 99 41 80 26 e2 5f 18 0b 73 0d e7 e4 ca 33 46 32 bc 48 04 3c 3c 6d ec b3 7f d1 30 d6 82 de 68 55 75 5f 10 7b 05 3b 83 d0 50 6b ee 97 50 a1 db fc d6 98 60 5f 27 05 0e 92 f5 d2 83 cd 41 7b d3 43 b4 e7 4f 99 b7 4a e2 f7 d1 44 59 af c0 c1 cc a7 2e d8 58 1d 4c f8 1d 3b 92 69 a5 4d 37 c1 63 a1 e1 0d f6 54 11 c1 7a 3e 63 98 68 f5 52 76 94 3f 7e 74 24 4d d5 53 fe f8 91 c2 39 5f 0c 06 4d ed 56 ea 61 aa db 07 7e ba c4 8f d0 18 8e a4 d3 2d d0 e6 fd 90 90 57 6a 96 05 9a bd ef 37 1a fd 06 bc 05 d2 30 c5 c0 44 c5 b7 bf 35 c8 da c7 bc 15 c8 b0 66 0c c8 6a a0 76 82 8c 66 ca 82 cc 98 1b a6 30 b6 be 97 cd da af 68 8d 05 9c e9 52 ac db 37 f3 68 77 52 c0 73 f1 02 97 31 22 b5 9c 0e f5 7e 1b 82 f1 e1 8f a6 25 24 99 81 96 ae 35 e9 0e b4 c4 a2 ea 07 ba 05 e8 b3 e0 62 Data Ascii: lMA&_s3F2H<<m0hUu_{;PkP`_'A{COJDY.XL;iM7cTz>chRv?~t$MS9_MVa~-Wj70D5fjvf0hR7hwRs1"~%$5b
2024-10-24 09:44:02 UTC	335	IN	Data Raw: c4 d9 2c 2f d1 f3 a5 90 cf 11 e3 05 5b d9 ca 74 a7 81 15 03 15 29 ac e5 c2 90 66 72 ad b8 8b e0 f2 04 b1 8a 05 ac f6 5f 10 c1 9f 2b 02 ae 80 5e ea 61 c5 60 91 3d 9f 44 09 b2 f8 52 58 13 60 4f fa 87 75 e5 54 0a 9c d5 fc 80 d5 fc 20 ab 59 cf 41 db 79 84 5f cc fa 8e 04 ab 2b b9 cb 2d ef a2 13 e4 1b 83 4a 8c 10 2d d4 ab e4 11 ce da 0b 70 4e 09 98 21 5b 35 69 8a 13 c5 21 ec 74 85 5d 83 df f0 51 3e af 73 86 a9 1a b4 78 9c 2b f2 31 b9 13 ed 45 30 96 0d 2d ed 15 21 c9 a4 e1 06 9f 79 fa 52 9b 1a b1 f6 f1 63 83 26 01 67 2e 56 37 b7 86 e5 5c c3 4f cf c1 e4 15 2a 20 69 89 c8 e2 50 e1 1b 50 e1 9b df 9b 0a bc 8b 3e 93 08 f5 7d 0d 0d 7e 47 22 88 27 22 bc fd 82 73 4a 27 af cc c9 3a e3 7b b7 56 ad 90 1c 81 fd 4f 20 68 41 f1 7c e2 d4 76 9a 8a d0 a9 e1 91 33 6d ed 43 82 17 Data Ascii: ,/[t)fr_+^a`=DRX`OuT YAy_+-J-pN![5i!t]Q>sx+1E0-!yRc&g.V7\O* iPP>}~G"'"sJ':{VO hA\|v3mC
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a fc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 96 0d 0a 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 24 0d 0a 30 30 30 30 30 30 30 31 0d 0a e0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 20 0d 0a 30 30 30 30 30 30 30 31 0d 0a 34 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 84 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 18 0d 0a 30 30 30 30 30 30 30 31 0d 0a c9 0d 0a 30 30 30 30 30 30 30 31 0d 0a a5 0d 0a 31 0d 0a 54 0d 0a 31 66 62 64 0d 0a 88 21 8d e6 c6 3a 39 32 9b 84 97 c3 c5 e4 c0 8d 5b fc 0b 43 fe 4b 56 0e 99 65 6c 78 86 25 85 2a 98 33 80 ec de b7 69 5c fe 93 82 17 8e 5c 2e 09 ee af a3 c5 85 97 26 e3 41 63 96 65 ab Data Ascii: 0000000100000001000000010000000100000001$0000000100000001 00000001400000001L00000001000000010000000100000001000000011T1fbd!:92[CKVelx%*3i\\.&Ace
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: e5 78 75 4d 2b 04 d5 74 33 73 84 bb b3 e5 c7 8f b5 f3 e4 87 ca 74 1d a4 66 0a 6e 60 46 07 e7 d5 1f fd db d5 d4 8e 81 9b c1 b4 14 33 ca 2e 18 01 41 6d f7 02 08 04 c1 eb da db 5c 9a 9b ea c7 b8 3d a2 34 b0 ec 38 ec 82 94 80 c8 c5 38 1f 5d ba 27 ba 37 62 23 17 d3 72 c2 ba 6b 1e c0 b2 5c 2f 46 08 23 d9 cb d6 b5 34 2a 8f 07 01 e1 9c d3 3a 1b 10 12 e4 2b ec ce 9a d3 5a a7 11 0c 94 f8 49 f4 01 d7 76 7b a4 b9 34 ef ce 90 16 a7 33 15 a8 ad 71 17 a3 8b 0b 95 68 fe 86 25 82 bc 8e e6 4f 38 1c ee e3 a0 13 16 10 a7 0f 04 24 52 b6 8d 9f f2 c1 dc b4 87 9b 06 e3 81 8a 76 42 84 5b b8 09 5d 88 92 41 71 2b a0 0a 84 01 f1 06 cb 45 af 8e ee 78 00 f4 82 fd e2 5e 5e 74 ee 34 ca 9a c8 80 68 6d f9 3e 00 92 f0 28 f7 80 95 b9 9a 38 28 e2 9b 24 46 fa bb 09 a2 26 91 82 ba 61 53 e0 7a Data Ascii: xuM+t3stfn`F3.Am\=488]'7b#rk\/F#4*:+ZIv{43qh%O8$RvB[]Aq+Ex^^t4hm>(8($F&aSz
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 3d 7b 1b 9d af 75 d0 14 a2 c7 e8 9d 25 dc 0c 71 76 ac ef 5d ce a2 f1 8c cc 3d 5c 1a 99 23 e9 cb ec 5d 2b ca 4a 5b 17 bb d3 62 bd d6 81 cc 61 69 f8 88 70 e1 bd 0f 15 cc 43 24 94 51 ec 89 fe 25 c7 03 c5 9a 5c 0f e3 05 ee 5f b9 ba c5 5f d6 68 97 84 08 96 e4 da 05 c2 c2 11 1d 95 07 19 2a 72 fa 77 56 24 8e be b3 ca 22 f7 59 38 cd d5 64 11 b8 99 00 e6 ac fc 66 19 84 3d 8d 50 ab f6 13 44 42 51 f8 f1 a9 4e da 85 bf 8d 30 2f 3d 0b c3 32 4d fc 53 77 9f e9 7b 12 78 ee 10 ad f0 4b 53 82 ff 5a de 9f 90 83 26 cf 87 bd 8c 27 fa 31 4d b9 b0 85 40 ba 9b 19 59 da 5d 11 88 d5 a7 14 25 fd 12 12 05 83 5c 3f 2b 24 b2 85 ff a7 f7 59 8d a6 ca 41 de bd 05 a0 c5 c4 90 30 79 11 5a 44 90 fb 66 f7 80 46 a5 f3 b2 86 e1 6c 1b 0a cc 99 bb 86 b1 e7 84 21 e4 f4 19 b3 a9 c4 d8 da 23 9d b4 Data Ascii: ={u%qv]=\#]+J[baipC$Q%\__h*rwV$"Y8df=PDBQN0/=2MSw{xKSZ&'1M@Y]%\?+$YA0yZDfFl!#
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: d9 88 f2 72 6d db a5 53 6e 34 d8 31 1d e3 d9 30 33 12 44 fb 9e e0 97 28 57 b8 2b a3 2d c0 5c 5a 93 c6 fe 94 bd af a5 a3 0c 5a d8 31 85 79 64 51 2e 26 6f 66 69 bb 2f 2b 50 7b 01 27 38 c8 a0 d7 0b 08 ad 78 34 63 e7 08 2b 42 c7 27 f1 d6 b3 11 30 b5 04 a9 99 1c f2 89 ee 8a 79 b9 a8 f2 cb 78 c5 d1 9a 6e b4 b1 ca af 02 83 23 53 cc 03 b4 c5 db 2a b2 40 8d 62 21 a3 bb 02 be 24 57 90 e8 9a 8e ae 24 26 ef 47 24 b1 15 f7 56 c4 d7 ca 66 2b 7f db b9 80 d6 56 15 c5 f3 78 3d 65 7e b1 96 88 56 f6 d6 0a a3 77 ab c1 15 d0 2f 62 51 5b 6b bd 6a 4d df 1a 18 c2 2c 3c c8 b6 4e 46 77 91 d4 f7 f6 31 15 94 b4 f9 bf 16 40 68 0e 4b 9f 3c 6b 6d eb ba e6 af 0c 60 bd 01 23 82 2b 7d c4 6f 32 46 1c e3 41 7b 6a 6d 8e f2 a7 7d 0f 09 12 98 d1 33 de 00 56 2e 00 fc f7 7f 79 fa 2e bc 03 43 71 Data Ascii: rmSn4103D(W+-\ZZ1ydQ.&ofi/+P{'8x4c+B'0yxn#S*@b!$W$&G$Vf+Vx=e~Vw/bQ[kjM,<NFw1@hK<km`#+}o2FA{jm}3V.y.Cq
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 52 b7 1e 5b b5 a7 f4 7e 2e db d7 80 6e 1a aa ae 99 5b 10 50 e8 3c 9e e2 c7 70 04 16 ef 56 ba 1b d0 2e 5c 8e 7f c4 e4 c7 f0 27 93 d1 f1 d4 2c cd 04 96 b5 db a0 1d 03 42 51 8f 7e 4a 08 28 8d 34 ea 4c d4 48 8b 2a 41 42 a9 c1 c9 c9 38 9c ea 85 5a 44 94 da 4c 0f c6 47 27 9a f5 0c 32 4a 4d d4 71 78 14 ea dd a3 11 52 6a e1 8a 29 e6 08 1d 4b b1 8b 76 45 90 98 49 bc 8d 7a 07 d8 5e e6 97 2c 96 05 ac dd 9f d8 a2 1a 55 62 7b e2 74 13 c1 df 24 42 f4 b7 21 d9 3a de 19 ca e8 1b 54 1b be f7 3a 46 0c 2d 36 ff 3e 4a c2 69 e6 7b 4f 15 be b2 95 4c 66 df 7b 90 c0 f4 f7 f1 d6 b2 19 45 a6 e4 a1 ed 31 6d 3e f2 43 64 58 e9 91 6d ad f4 b8 48 f0 7d 98 f0 a1 61 74 e2 8c 29 4c da a6 a0 89 28 c7 44 5d f8 1e 96 17 e2 ab 78 9d e5 61 25 41 17 5f f8 5b 5f 85 ac 08 d1 92 94 47 cd 00 d5 9f Data Ascii: R[~.n[P<pV.\',BQ~J(4LH*AB8ZDLG'2JMqxRj)KvEIz^,Ub{t$B!:T:F-6>Ji{OLf{E1m>CdXmH}at)L(D]xa%A_[_G
2024-10-24 09:44:02 UTC	1281	IN	Data Raw: 2d 69 08 43 ae d2 f4 43 de 94 15 df b5 2d 79 0d f7 be da 30 44 e9 0c a6 c9 3b 08 05 31 4e f8 58 29 0f eb f3 9f 46 a5 ca 29 09 0f 5d 06 f5 43 eb ab 00 46 88 69 99 c3 b0 a3 a1 b3 fa 72 8b ab d6 f6 2f ef d4 d5 34 a1 87 2e e8 6b 33 11 52 4d d3 f6 08 9b 17 c1 e9 68 a5 d2 4d e7 8f 9b 3c 81 c2 7e 7f 29 28 c1 ca 7c 8b 87 49 62 bc 36 b6 12 32 99 6f 18 47 ca ec 84 72 f6 e1 28 69 56 32 35 f9 72 3d 87 fe a6 d6 ac 09 5d 5d 13 ba 5c 4d 04 77 0d 70 53 2f 2b ed 7b c2 6f a6 34 57 4b 1d b2 1c 2c f7 98 7a 51 bc b9 9d a0 1d 5e 6d 51 9b 56 e4 b0 58 f4 e5 6e 74 b9 55 41 c3 ba 1d 1c cd 5b ea e3 98 a2 da f3 35 73 f2 65 cc dc 92 3d ae 80 2e 0d cc c1 4f 27 d8 a7 16 bf 40 07 11 f6 2d b4 66 38 a1 4a eb d4 6c 15 39 71 d1 48 ab b4 96 f2 56 41 d3 db 46 82 53 1b 81 d1 ad 8c 92 c3 b7 d0 Data Ascii: -iCC-y0D;1NX)F)]CFir/4.k3RMhM<~)(\|Ib62oGr(iV25r=]]\MwpS/+{o4WK,zQ^mQVXntUA[5se=.O'@-f8Jl9qHVAFS

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
93	192.168.2.16	49860	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/30592.64f38a11064ff2dd4b23.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: cca0a4fed5a7397b6a34550860a903a7 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:44:10 GMT Expires: Sat, 18 Oct 2025 08:44:10 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521992 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 66 66 36 0d 0a ec 7d 6b 77 db 46 d2 e6 f7 fd 15 30 93 38 a4 03 c2 24 75 27 4d 2b 8e ed 39 f1 79 9d 49 d6 97 9c 9d d5 68 65 90 04 25 c4 14 c1 01 40 5d 42 f1 bf ef 53 97 6e 34 40 52 92 93 cc 7b 66 f7 28 9e b1 a5 be 54 77 57 57 57 d7 ad 0b b5 79 16 79 59 9e c6 c3 bc d6 ab 67 d1 64 1c 5c 46 83 59 38 fc fc f2 6c 3e fd 7c 91 9f cc e3 93 f3 30 9e f6 6f a9 bb b9 39 3a 6e Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000ff6}kwF08$u'M+9yIhe%@]BSn4@R{f(TwWWWyyYgd\FY8l>\|0o9:n
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 32 8d 88 0b 84 c2 62 93 e0 22 9c cc a3 86 1f 2a d3 00 b0 1c 8c 12 73 69 f4 96 c3 30 1f 9e 11 ee 30 2d 1c 83 7e b4 c4 e2 31 9d eb 85 4e f1 11 16 ae 2b 0a 64 06 cc 60 40 bc cc 3f ea 0d 5f 67 39 a5 59 4e 0d c2 2d 18 2c 63 d0 c8 cf 40 0e 5e bc c4 99 67 a6 13 2e b1 1d d8 81 ea 86 a0 b1 6c 63 8d ee 98 e9 69 c1 2d 23 b3 91 21 77 64 c6 9e f6 17 cb 20 4f e4 a4 1a 24 06 d9 24 1e 46 f5 7d bf d9 36 3c ae 26 33 04 b0 7e 8a 5d 0c f8 64 a5 f3 21 76 10 6b 49 c1 4d 9d 92 60 1a 9e 03 59 b5 9f c2 19 77 b8 b9 a9 bd 8f 72 fe f1 50 88 6b 0c 6a c6 34 bb b5 17 e6 f2 d0 86 4f ff 4f fd b0 fb 31 be 79 d3 98 e6 f8 69 ff a6 bd 7b b3 d5 69 e0 c7 97 93 f0 7c 16 8d 1a 02 e1 eb a7 41 1e 65 39 f6 f5 50 56 d3 15 7e b2 8a 94 c6 42 30 37 8d 2e bd 0f e0 3f af 71 ac d2 7a ed cd 14 5b 0a 0e 14 Data Ascii: 2b"*si00-~1N+d`@?_g9YN-,c@^g.lci-#!wd O$$F}6<&3~]d!vkIM`YwrPkj4OO1yi{i\|Ae9PV~B07.?qz[
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 46 41 b4 48 8f f2 e3 06 fe 23 a5 84 16 67 05 9a c2 ec 62 e0 91 32 ae f0 e4 10 14 f2 0a 77 dd cc dc 61 67 14 3d 9d db 19 d2 59 9e 54 d9 87 5a c9 bc fc 19 a9 a3 b5 49 72 19 a5 a4 51 62 1f cd e4 20 6e 7d 9c e9 af 2e 26 69 b1 50 50 e7 33 48 db d5 2e 2a a2 69 2f 67 fb 68 fd 8d 65 45 cc c4 24 36 df 0d a4 7a 45 3d 22 2a 55 ed fa 75 15 28 dd 2d 84 36 2f 7a 2c cd fd 50 7e ec 1a 34 5a 54 13 6d c8 f9 93 2d 5f b9 35 a5 52 ee 68 17 bc 61 7c 74 ed 9c 0c c9 a2 f5 4b 49 06 c7 29 26 fe 1a b1 6a d9 d3 f9 55 4e 63 90 9d c5 63 9c f7 1e 4e 3c 9b d7 a0 92 ca e5 ed 62 b5 97 c3 a6 0a bc dd c2 a5 85 6c dc e9 81 a2 1c 1a 3e 8a 54 c3 a9 a0 b9 b1 e4 2d 55 64 7f 64 49 1f c6 c2 92 bc a6 ab fb 60 b4 1e 32 a4 ca 6c 75 51 2b da ca 33 19 d9 5d 83 f0 72 ab 39 f9 b9 34 31 5d df e2 54 bd c1 Data Ascii: FAH#gb2wag=YTZIrQb n}.&iPP3H.i/gheE$6zE="Uu(-6/z,P~4ZTm-_5Rha\|tKI)&jUNccN<bl>T-UddI`2luQ+3]r941]T
2024-10-24 09:44:02 UTC	352	IN	Data Raw: c1 fe 5e c3 9f e1 47 8d 45 39 a3 d2 9d dd 7d dc a9 73 6a 2b 77 ea 29 7e dc df 39 d8 46 db 73 fc b8 bb bb d5 da 95 eb 75 ec 5f f8 d7 fe a5 7f e5 7f f6 4f fc f7 fe 6b ff a5 ff b5 ff c6 ff e0 bf f0 7f f6 7f f7 7f f3 df fa ef fc 57 fe 2f fe af fe 0f c5 35 fc a3 ff f1 e1 22 fe 0b 2e e2 b2 8f 3b f8 71 0e 82 9c 9e e2 0a 91 1f e0 e8 0e de cf 07 d0 07 11 c5 07 2f 68 d6 af 65 ee af f0 7a ff 08 d6 fc a3 78 bd c1 2c 10 10 f1 53 7f a1 bd 4f d2 39 22 dc a2 bc 1b 06 d7 61 1a 12 ef c5 99 07 4f cb 4f 42 ba 34 51 ce ff 72 05 98 21 5d a5 18 04 c5 c5 2f 6e 27 8a fe ea 0e 02 13 04 06 4f 4d 9e 26 34 d6 c9 6f c9 00 bd ec ef d4 69 d9 93 30 bc 7f d9 40 bc f9 fd 05 0c 98 6d e1 fd a1 20 a2 d2 2d 66 7f e7 90 35 91 35 54 91 1c 25 f9 1b 38 bb 21 dd 27 a9 6d 46 2c e2 25 5d b5 b8 77 6d Data Ascii: ^GE9}sj+w)~9Fsu_OkW/5".;q/hezx,SO9"aOOB4Qr!]/n'OM&4oi0@m -f55T%8!'mF,%]wm
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 3b 0d 0a 30 30 30 30 30 30 30 31 0d 0a ba 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 58 0d 0a 30 30 30 30 30 30 30 31 0d 0a 60 0d 0a 30 30 30 30 30 30 30 31 0d 0a de 0d 0a 30 30 30 30 30 30 30 31 0d 0a e1 0d 0a 30 31 0d 0a 08 0d 0a 30 66 66 38 0d 0a d1 ae b7 7b 51 b5 11 f9 3c 71 35 b0 d7 33 63 c3 07 cc 7d 12 26 55 6b 91 4d 97 e7 86 28 83 10 e4 26 9e 7f 6e 4c 1b f0 63 14 22 9c a7 08 b4 14 2c 9d 4c c8 65 79 8b 9c b8 12 8f 79 74 1a bc f0 cf 83 17 c7 1c 95 c9 76 e0 77 d1 2c 49 f3 9f 21 59 e0 d0 58 87 9b 30 f5 e0 64 4c d6 36 20 0a a6 f5 3c 99 fd 82 d0 c9 f0 94 3d 8a 70 f8 47 b8 c0 e0 a2 9d e6 af a2 71 38 9f 50 08 c3 8c 1c 4f 44 1c 6f a6 af d2 10 e6 6d b6 68 09 2a 0d 48 0e af 14 c3 05 df 1c 41 3c 02 Data Ascii: 00000001;000000010000000100000001X00000001`0000000100000001010ff8{Q<q53c}&UkM(&nLc",Leyytvw,I!YX0dL6 <=pGq8PODomh*HA<
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 0c a1 cb 0b 06 11 ee ad 88 c4 79 52 ba 6d e7 21 de 97 7c 36 bf c9 0c 0a d8 30 63 ca 49 17 48 30 3e b2 fd d8 fc 23 d7 ac b3 9c 3c 3c cd d6 10 a4 95 3e 04 e3 a2 8c bd 05 6a c0 32 81 de 29 a2 f8 a0 5d d1 2b a5 86 44 41 0c 93 d9 b5 a3 7f 38 2a 97 96 fa 13 e1 19 53 e8 2d b3 6b 35 3d 40 9e 39 c9 10 44 43 6b fc 90 bc 9c c4 b3 41 12 a6 23 bd cb a4 90 01 db 2a c3 b2 65 5e b0 9f c8 49 2e 17 7f c0 a2 c0 b5 fd da a8 89 a7 28 11 1e 89 20 e8 90 5e c2 91 59 81 a4 4e 91 73 59 2a 0f ac bd e1 30 32 cf 60 4e 48 f4 f8 25 99 d1 0e 59 21 f5 0e 01 00 41 e4 d4 bc 74 fb 17 d7 75 e9 16 17 75 be bb d0 2e 50 a6 44 39 b4 8a a1 56 f8 52 6c eb 7d e1 bd 72 4b c9 cf be 21 3a db a8 0a c4 04 d9 73 68 f3 09 d4 46 46 04 6f 25 c5 61 18 54 9c 05 ff 7b 9f 02 d6 df b3 f1 f4 63 3a a9 2f 56 47 23 Data Ascii: yRm!\|60cIH0>#<<>j2)]+DA8S-k5=@9DCkA#e^I.( ^YNsY*02`NH%Y!Atuu.PD9VRl}rK!:shFFo%aT{c:/VG#
2024-10-24 09:44:02 UTC	1378	IN	Data Raw: 11 d6 a0 1d b5 c9 28 e7 e4 7f 08 9f 36 b0 47 b4 68 60 77 18 5c 1e 90 a2 44 91 f3 3f a7 af f8 d9 30 14 4d e2 fd 9b 2a 29 e8 be c6 4e d6 8f b7 87 df c0 eb ce e9 7a d8 22 7b ec ff cb 8d c4 51 d7 73 11 0b b3 09 56 11 89 53 ea 2f a7 ee ee ee 26 be f7 96 a9 a8 75 f5 2f 81 65 b5 ef 7b 43 a3 18 a3 d2 ca 5c a9 eb 8f 43 71 5d 18 b7 41 a9 8e be d6 4b b1 0a 80 23 1a 91 96 e7 ab b2 ed 9f 62 92 4a 8b a9 54 9b 44 3f 4b 7f ef e0 60 67 4d d4 d2 ff e2 58 a5 cb 7b c6 2a 21 2a 69 bb 75 70 b0 4b c1 48 12 80 24 61 4b 1a 60 54 8a d4 a5 b6 94 26 87 da ee ee b4 10 c1 e4 04 ed fa 33 ff 0c 41 48 9c e2 ca a4 72 f0 e0 a6 27 89 93 5c 89 a9 49 5a f5 39 ba a6 07 31 c4 41 85 30 e9 ec 38 69 ac 24 a1 4d 26 bd 36 a4 ba d2 36 04 06 6c 1b b9 66 92 40 a4 c1 7a dd 8c 8d 3c 46 e6 16 5e 3b 8c 93 Data Ascii: (6Gh`w\D?0M)Nz"{QsVS/&u/e{C\Cq]AK#bJTD?K`gMX{!*iupKH$aK`T&3AHr'\IZ91A08i$M&66lf@z<F^;
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a f7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 16 0d 0a 30 30 30 30 30 30 30 31 0d 0a d0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9e 0d 0a 30 30 30 30 30 30 30 31 0d 0a c2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 87 0d 0a 30 30 30 30 30 30 30 31 0d 0a b0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 01 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 60 0d 0a 30 30 30 30 30 30 30 31 0d 0a 62 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 07 0d 0a 30 30 30 30 30 30 30 31 0d 0a f9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3e 0d 0a 30 30 30 31 0d 0a 6e 0d 0a 31 62 30 62 0d 0a 9b 2f 3c fb 3c 5f Data Ascii: 0000000100000001z000000010000000100000001!000000010000000100000001j00000001000000010000000100000001}00000001`00000001b00000001000000010000000100000001>0001n1b0b/<<_
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 8e ba 1b c4 a6 b9 58 a3 ff 2a 08 1b bd 51 b0 22 4e 93 56 5a 8b 5b b7 42 a1 16 c2 ca f5 51 e5 76 a6 81 de e0 76 32 4b 9f bf 30 b6 e6 ab 45 fb 88 0c 41 f6 17 64 1a 85 2d 25 91 6f 16 6d ed 23 d7 0c 07 77 a0 2c 43 86 9d 7a 0c b3 50 0f d9 83 f8 ab 67 11 85 81 d5 42 6f f1 cf a9 47 21 58 48 18 02 4f 7f 5a 6f 36 07 19 bf 0a a6 38 ad 04 ee 58 aa 27 71 aa a9 5f 09 a3 1c 22 e4 f3 8c b8 06 71 f0 19 75 9d 25 31 04 a4 14 65 d0 8d c3 ee 19 45 72 ad 87 4d 81 05 88 2d ff 43 80 e1 51 a8 1d c3 3c 10 bc c0 43 31 9f 73 de fc 95 d8 78 72 24 72 ee b1 cc 9c ac 2e b8 ce 65 b5 de a3 18 af 70 53 7c c8 26 97 45 aa da 47 79 85 d6 2f 94 9e 56 bb 48 9c 21 77 02 2e d3 ae b7 33 bb f2 5a 8c 3d 3b 02 82 be ae b8 44 5f 69 cb 53 ec ae d7 46 d3 2c a1 0f ed 38 7b 43 1f d0 71 01 e3 f1 cc e9 54 Data Ascii: X*Q"NVZ[BQvv2K0EAd-%om#w,CzPgBoG!XHOZo68X'q_"qu%1eErM-CQ<C1sxr$r.epS\|&EGy/VH!w.3Z=;D_iSF,8{CqT
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 80 25 62 a5 7a 8c 91 61 7c f8 f9 1a b4 00 74 25 d0 e0 45 17 12 8a 26 5b 02 bf db c7 e7 27 a8 15 bc 3f 33 1f 5f 60 e7 d6 bf d3 73 7d 63 23 28 1f 15 1d a9 aa 41 5f 50 e6 c5 78 c2 c6 0e ab 19 15 aa fb ba 43 67 20 61 9b 61 ad a0 2d a1 04 e7 3c 27 59 48 85 4d 00 06 a9 7d 6c c6 28 6c 19 85 74 6a d6 07 83 9f 55 8b 9b 56 38 5d 23 c9 5f 9e c1 2b df 64 03 04 a9 6b 64 e5 c0 ea d7 2f 57 27 e9 66 10 93 49 3a ac 65 db ae b2 6c d8 eb 6c 6d 1d b8 df 95 c7 36 f0 57 e8 ff b0 99 f3 7b 3c 42 1b d3 97 26 33 ef 34 8d ae 9b f8 da 6b 16 c9 74 5a df c8 bf 6a d8 e1 2f 10 e0 1e d6 3f e9 e9 20 ac b7 db bb 3e d4 19 f3 57 2b d8 97 4d c7 c2 3d 6f ef 36 00 64 40 f2 d6 c2 70 20 20 a7 fe 97 cf c1 f6 c7 24 9c d5 65 9f e1 8a 41 62 aa 66 89 ff 3a f0 37 df 18 96 71 19 0a e0 e5 41 59 b2 f8 d9 Data Ascii: %bza\|t%E&['?3_`s}c#(A_PxCg aa-<'YHM}l(ltjUV8]#_+dkd/W'fI:ellm6W{<B&34ktZj/? >W+M=o6d@p $eAbf:7qAY

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
94	192.168.2.16	49857	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/67920.83f748ec82f4e379de06.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: f138fcc87f6270653d9adfe94cf75c91 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:16 GMT Expires: Sat, 18 Oct 2025 08:55:16 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521326 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 66 66 66 0d 0a 8b 08 00 00 00 00 00 02 ff cc 5c 7d 77 da 46 d6 ff ff f9 14 aa da 7a a1 47 92 01 03 06 1c 9c 3a 8e 9b a6 cd db b1 9d 9e d3 cd e6 b8 42 1a 40 b5 90 58 49 d8 71 08 df 7d 7f f7 ce 8c 18 01 8e db dd f4 3c 8d 5b 1b cf 9d 97 3b f7 fd de 99 b1 bd c8 85 95 17 59 14 14 f6 51 2d 17 f1 d8 bb 15 a3 b9 1f 5c 9f 4e 17 c9 f5 4d 71 b5 88 ae 66 7e 94 0c 3f 03 fb f4 e9 dd fb ba 37 5f e4 d3 da bb 77 dd c3 7e ab f1 de 59 f2 cf 41 ad 70 84 13 d5 87 c7 cb 1b 3f b3 d2 61 54 6b b5 7a fd 76 dd c9 f0 b1 d3 ed 1d 36 ea 4e 3e ac 45 b5 7e af df ac 3b 51 ad 8d a6 76 bd ee 24 80 37 bb dd 76 a7 ee f8 f8 d8 6d f5 0e 5a 75 27 c6 c7 5e a7 d5 c0 a8 80 46 b5 5a 2d 6a 46 63 b7 d5 45 23 c6 74 0e 5a 07 18 3f 42 cf 83 de c1 61 bf Data Ascii: 000000010000fff\}wFzG:B@XIq}<[;YQ-\NMqf~?7_w~YAp?aTkzv6N>E~;Qv$7vmZu'^FZ-jFcE#tZ?Ba
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 2c 9a 4c 0b db fa 7e 96 c2 49 a5 37 22 53 fd 8f 1f ed 9b 18 1c 5b 20 c0 c8 0b e2 74 11 3e 55 ec a6 65 89 7e b1 17 8d 9f b2 51 08 eb 52 e2 a1 55 a7 52 76 4e 4a d1 31 74 59 76 92 42 e6 d8 9b d2 63 c3 d6 df 78 3f ff ec e5 d3 f4 56 8d aa 0f c0 3e 4d ff aa 76 00 89 0d 21 35 e9 2f f6 f6 c4 9a fe f7 0a 9f c9 82 6f c0 82 6f fe 8e 2c 00 07 a6 de 7c 9a 26 e2 f5 82 79 fe 05 88 bf 83 22 0f d2 3f fa 13 f2 1f ed ed 45 6b fa ef d4 66 93 f6 57 a0 fd d5 df 94 f6 73 4f 84 51 f1 03 0c dc 17 12 fc 0d 6a 3c 48 f7 f4 4f d0 3d dd db 4b d7 74 5f 9b 46 93 d8 a7 20 f6 e9 df 94 d8 0b 0f 38 3f 65 07 03 33 f5 85 08 4e 64 b8 8f ca 75 18 22 37 81 6e c1 4d 4c d3 2c fa 08 b3 e2 c7 76 5d f9 d4 8b c5 08 a1 85 19 26 58 a6 a7 bc 1a c3 e3 85 26 71 9f 83 b8 cf 89 b8 ec 4c a0 ba 66 f7 44 14 b7 Data Ascii: ,L~I7"S[ t>Ue~QRURvNJ1tYvBcx?V>Mv!5/oo,\|&y"?EkfWsOQj<HO=Kt_F 8?e3Ndu"7nML,v]&X&qLfD
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 51 fa 30 92 95 cf d8 55 22 92 16 8b bf a5 f6 5c 51 ed e7 8d dc b6 66 a4 8a 12 41 fa 1d 92 75 02 17 95 a4 54 c4 b2 2e ee f2 42 cc c0 5e 58 0e e9 8a 34 07 79 9c 52 03 00 4d a5 fc 88 69 3f 6e d9 44 33 f1 b2 36 c2 44 e9 8f fe 0a eb f7 d5 06 9e 15 63 76 bf 39 34 62 a5 d7 d8 cd eb 52 3e 5d a9 15 08 a5 95 6d aa aa 84 32 26 48 ce 42 4a 7e 95 7d b8 9f 72 aa 83 49 bd 67 58 ef 59 b9 9e d6 07 e9 57 4c 1a 96 81 89 74 e2 d2 57 40 52 4d 79 7c c8 65 a8 e5 ab 6e 43 35 ea 0d 2a 1e eb 56 33 1f 7b 09 54 5f 96 a8 be 4d ae 11 45 25 1a 03 a2 10 08 b0 59 50 b4 23 08 d2 ba 2e 8e b3 1a e4 58 d1 98 8b d8 69 72 45 a7 00 1b 5d 64 12 59 29 9d 57 0c e2 4b bf 40 68 12 be 4e 4e 39 ac 34 e3 8e 1d 43 bd ad e5 14 23 95 4a 54 a6 56 33 52 b9 9b 8d 6b 84 fd 58 32 c3 71 47 22 4e 6f dd 26 8e f6 Data Ascii: Q0U"\QfAuT.B^X4yRMi?nD36Dcv94bR>]m2&HBJ~}rIgXYWLtW@RMy\|enC5*V3{T_ME%YP#.XirE]dY)WK@hNN94C#JTV3RkX2qG"No&
2024-10-24 09:44:02 UTC	245	IN	Data Raw: 1c 69 6b 4c eb 9e 31 1e f8 bb 9b 0a 87 ed dd 58 a1 34 c6 c9 8e 0b cb bf 89 59 a3 b3 7b 8c 26 3b 91 7b 73 d0 e1 7a 0c 6d d6 f7 64 9e c9 53 73 50 4a b5 92 31 dc c4 c0 12 31 ce ea 50 f4 03 b1 2c f2 22 85 70 61 78 03 f0 5b d6 ce b9 7d dd 5d 66 49 dc b8 53 bc 48 d2 2d 5f e2 53 76 88 12 38 43 21 8f 0c 30 14 62 b8 ff 1d 87 89 28 82 f3 bd 9d dc fa 6e 1f b2 f9 e5 c5 0a b4 e1 fd 4a 99 94 ca 28 e3 eb 77 d4 f4 5e 22 ea ba 26 c4 cd 6f 26 2e 1d 8c 69 d5 a8 00 59 69 f8 d6 90 3b 25 b2 38 6b fd 61 ff c4 70 68 25 6f 13 09 a6 fd 9e 3c e7 c9 30 59 39 fd 2e ae 63 7e 41 5d ff c7 fe 77 5f 81 6b df 59 4f d2 b4 c0 ed 41 1c 74 58 37 1d ef c0 6b 59 35 9d 21 22 d0 18 69 28 b4 74 b6 5f e7 11 74 72 cb d7 9a ac 56 a3 d9 74 5b 8d d6 01 c2 7b 61 cc 84 0d 0a Data Ascii: ikL1X4Y{&;{szmdSsPJ11P,"pax[}]fISH-_Sv8C!0b(nJ(w^"&o&.iYi;%8kaph%o<0Y9.c~A]w_kYOAtX7kY5!"i(t_trVt[{a
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 11 0d 0a 30 30 30 30 30 30 30 31 0d 0a ce 0d 0a 30 30 30 30 30 30 30 31 0d 0a f8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 73 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 30 30 30 30 30 30 31 0d 0a fd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 22 0d 0a 30 30 30 30 30 30 30 31 0d 0a 42 0d 0a 30 30 30 30 30 30 30 31 0d 0a 79 0d 0a 30 30 30 30 30 30 30 31 0d 0a 28 0d 0a 30 30 30 30 30 30 30 31 0d 0a 47 0d 0a 30 30 30 30 30 30 30 31 0d 0a a4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 83 0d 0a 30 30 30 30 30 30 30 31 0d 0a 23 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1b 0d 0a 30 30 30 30 30 31 0d 0a 91 0d 0a 39 66 31 0d 0a 59 2f 9f 5f 1a 0b 44 c5 74 81 5b 4f 98 ba b8 1d e5 fb e5 6a fb b0 3a a3 7d 92 87 fd 17 cf 4f Data Ascii: 00000001j00000001000000010000000100000001s000000010000000100000001"00000001B00000001y00000001(00000001G000000010000000100000001#000000010000019f1Y/_Dt[Oj:}O
2024-10-24 09:44:02 UTC	1363	IN	Data Raw: 0c d9 87 d4 80 ef 8a d4 78 a6 32 73 71 7b 32 0a 4b 45 30 43 63 03 6c ca 23 2c eb 56 af 28 a9 4e 63 66 43 3c 8d ee b0 31 91 ec b7 fa ce f9 6e 30 90 cf 66 e8 13 dc a5 c8 96 a3 14 54 8c 3e 52 24 ae 46 a1 65 f5 fd 0c b7 c2 fc 1a ce 0b f0 fe 08 84 12 21 14 23 c4 0d 43 2a 1a 93 95 40 f5 9b 40 22 09 50 b8 97 69 1f 9e fb a1 ae 8c 43 d6 a9 7f 13 a1 f8 94 cf 90 0c 4e 57 2b f5 bc 6b 89 62 39 ee 27 a9 5b 86 03 96 6d e9 e3 e8 fd d9 20 01 95 fc f8 08 66 45 b8 ca 4d 29 13 b7 5a c4 cb 39 26 21 66 c5 62 5c 0c 48 f2 a9 51 4d 88 03 8c 41 e3 68 7b 76 74 b1 d6 bd e4 19 c4 a0 b1 1a 2d 79 55 e5 25 47 69 8c b4 77 c5 07 bd 8e c7 3f 24 9c dd ab d7 3b ec 60 2d 1f 4f f8 a8 9c c6 6c 2e 55 8b 2d 20 03 c8 f6 c1 d3 57 21 4a 70 60 ff e1 ec 39 ea 36 ec 2c 99 d9 95 8f 7a 1e aa 0c 4b b6 5f Data Ascii: x2sq{2KE0Ccl#,V(NcfC<1n0fT>R$Fe!#C*@@"PiCNW+kb9'[m fEM)Z9&!fb\HQMAh{vt-yU%Giw?$;`-Ol.U- W!Jp`96,zK_
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
95	192.168.2.16	49859	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/88687.cca6b938f5ec6b221b34.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 3941fc4feafc7fd2bc96f6734b8f6ac1 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:07:07 GMT Expires: Sat, 18 Oct 2025 09:07:07 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 520615 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 59 0d 0a 30 30 30 30 66 66 33 0d 0a 93 db 46 92 7e df 5f 51 a6 66 64 c2 0b a0 71 1f ec a6 64 4f cb 11 ea 08 79 c6 e1 63 1f ac 51 f4 80 40 b1 89 69 12 e0 02 60 1f 43 f1 bf ef 97 75 80 20 d9 6d 79 b4 da b7 15 65 11 59 47 56 de 95 95 05 7a dc f2 e5 dc be e7 b3 75 96 df Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001\00000001Y0000ff3F~_QfdqdOycQ@i`Cu myeYGVzu
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 07 82 8e a5 a2 47 90 48 08 93 5e 03 f6 74 6c 37 da d5 86 7a 9b 83 de b9 a0 57 12 45 82 af b2 15 d1 01 a5 0d 55 24 ad 54 88 1e a8 61 8b 9f 2f 78 b3 b0 f3 0c 71 b5 c8 9a 2b 84 09 65 9e 9a c3 37 10 83 6c 1a 3a fe eb d1 68 32 90 f3 0d e8 be 11 74 f7 e2 23 2d 59 65 d1 4b b0 b7 b9 25 2c 9e b5 88 a6 b4 e0 e3 81 e1 31 58 1b e2 88 16 aa d2 8f 34 30 29 cd de e9 4a cc 27 23 78 9a 6f 5a fc d7 66 69 98 8a 74 e9 a3 af 0f cc 67 d2 43 b0 bf de c5 94 3f 1e 78 58 1f 03 87 aa 7a 04 cb 8f c7 a6 45 bc b5 a4 2c 69 2f b3 4d d7 d5 d2 9a 66 5d 65 09 3c 7c c4 88 76 66 cf 38 36 0a fe 0b 82 34 49 5d f1 cc 16 f5 1d 6f 2c 3e 9f 63 3f 62 df e6 cb 32 bf ed c5 a1 5d 4f a2 1d 1a 54 61 cf ca 6a a0 3c b9 d2 4f fc bf 37 bc ed 84 73 6d d6 64 cf c5 98 ab e0 6f ef 1b 4c 6e 2f b2 76 3c 12 06 4f Data Ascii: GH^tl7zWEU$Ta/xq+e7l:h2t#-YeK%,1X40)J'#xoZfitgC?xXzE,i/Mf]e<\|vf864I]o,>c?b2]OTaj<O7smdoLn/v<O
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 56 2f 0b 81 f5 d3 c2 20 92 61 0a 38 92 ff 31 c2 e5 e9 5d e0 35 95 d1 41 82 eb 06 3b 73 f3 68 b2 17 5e 1c 7b c5 0c 36 2d 8c 2c b3 fb fa 9b 44 2f 6b 71 bd de 5f 90 af 53 f9 87 29 b9 3d c5 06 48 7c 21 f6 0b 7c d3 86 81 9a 8b 44 d6 7b 47 6f 8e d9 b2 bc a9 2c 1a 04 d3 c8 91 c2 0a 79 c1 69 16 68 b3 90 11 e4 9c 24 4b d5 56 49 a0 2d ea 19 12 9d 32 4a 6b c9 e7 50 b4 b2 2b 35 40 aa 50 a4 1b b2 36 61 fe bd 52 5d f6 5d dd f1 56 a2 a8 b1 42 d9 c1 5f a5 99 f7 04 96 15 99 ab b5 f7 62 a1 ee ae c9 aa 16 25 92 d5 40 db a2 ad a4 1c 6a c2 14 36 e6 d8 1e 4a dd 59 cb 2d 78 57 bd e9 0e 48 57 cb 4b 02 55 39 66 4b 3e 76 24 ea e7 18 b1 d7 65 55 f1 e2 98 1f d5 7c c4 96 2b 97 96 b1 43 9a 8d c1 9e c3 0c 94 4f 0e 7c 52 60 0a f3 0b b5 ef eb 82 f8 81 66 26 cc 73 b4 9f 1d 0f 7c 2f 32 c4 Data Ascii: V/ a81]5A;sh^{6-,D/kq_S)=H\|!\|D{Go,yih$KVI-2JkP+5@P6aR]]VB_b%@j6JY-xWHWKU9fK>v$eU\|+CO\|R`f&s\|/2
2024-10-24 09:44:02 UTC	389	IN	Data Raw: 39 22 5f 93 ca f1 11 52 29 00 06 c1 a0 7f 86 b2 c9 7e 27 14 e9 12 dc e3 39 55 eb 30 a9 f3 2c da de 25 b2 c3 9e 27 ac 61 1f 35 54 0a f9 c2 8f fc 3c d0 21 b4 77 ab 01 c1 61 60 b2 08 f6 14 ab 9d 70 8f 42 52 9d ce b3 f9 4c 2e 3f ec 52 d4 07 d8 0c bc 10 d3 bd 50 a5 24 87 c5 1b f0 1d 79 51 9e 28 69 1c 76 4a 1c 69 82 fd c4 a1 7f f4 a6 d1 8f 12 14 f0 9c f3 f9 f1 fc 5e 7c 24 6b cf c7 6c 4f 4b 9c aa 5f d8 2f b5 f4 ca 6a 01 c7 e8 24 07 e2 4c a3 45 33 54 e3 be 43 12 75 ac 46 d1 7f 52 eb 11 a6 29 ba 06 35 16 b0 3c dc e7 8f bb 25 fe 93 cd 39 87 53 69 92 0f f2 b9 05 f6 1a 19 5d 9e a2 7b df 2b b5 c5 e7 33 ae 14 a1 62 8d ae 8a e1 dc a3 3c 89 5e ad c2 55 0d de 8a 9b c8 c3 dc 41 87 5e 85 87 3c d5 f1 58 a1 92 56 23 ca 1d cb 0d 95 6a 26 d2 69 29 1a c9 bf b6 1b 87 bd 03 8a 75 Data Ascii: 9"_R)~'9U0,%'a5T<!wa`pBRL.?RP$yQ(ivJi^\|$klOK_/j$LE3TCuFR)5<%9Si]{+3b<^UA^<XV#j&i)u
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 11 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 0d 0a 35 0d 0a 30 30 30 30 30 30 30 31 0d 0a e8 0d 0a 30 31 0d 0a de 0d 0a 39 66 37 0d 0a d7 d1 30 40 5a d4 a0 57 59 95 08 ff 03 db 87 d5 60 b4 12 35 95 d5 ac 3b 14 4c 8a de 11 86 a9 f1 a0 7b 68 8f 70 b7 93 51 65 75 88 66 98 23 0b 34 7a c0 11 22 39 6e f7 8d f9 cd 64 22 df 84 a2 27 6c 97 bc d9 ce 6a 48 b1 fc 17 65 e2 6a 16 5a 76 df ae 78 51 66 e3 35 de 53 e4 0d 04 c5 0b 38 46 81 22 af ac 08 a1 94 2a bb 78 95 e3 b2 48 1e fb e4 6b 9e d6 8c 2f b2 bb 12 65 e2 76 85 c3 e0 62 b7 cb 70 87 44 17 03 42 48 bd 61 1e 46 26 ec 93 87 3d 4a ec 88 9e d8 2a 45 ce 3a 88 52 54 90 de a9 5a f1 76 1f ac a4 1f 8b ed e7 10 d9 20 8a 51 98 32 Data Ascii: 00000001000000010000000100000001500000001019f70@ZWY`5;L{hpQeuf#4z"9nd"'ljHejZvxQf5S8F"xHk/evbpDBHaF&=JE:RTZv Q2
2024-10-24 09:44:02 UTC	1222	IN	Data Raw: 25 11 5e 77 22 e2 54 04 4b 92 94 d8 42 a4 0b 85 55 3b 49 0a ec 01 68 87 64 43 db 8b 70 3d e6 7b 76 ec 78 f0 7d df 86 cb a3 1b 58 10 ca 2e 5d cf f6 e2 08 44 20 a0 46 b1 d0 84 54 26 d0 05 49 4a 6a 1a 2a f7 b7 1f 7a fd 05 38 ff 91 95 e2 ed 2c 8f b9 04 09 e4 64 09 08 87 7e 48 d1 18 8b 1d 58 86 86 49 fe 64 03 a0 31 f1 20 4f c8 39 82 4b 81 d8 04 13 c9 17 50 52 02 76 c0 61 00 e2 00 87 11 c6 03 8e c1 0c c1 62 57 00 9c 90 7e 52 1b 97 09 44 0c 68 86 64 5c a8 c9 15 9b 40 e2 01 3d f1 9e 44 a9 88 d6 74 55 08 d1 40 fe c9 a5 07 de f0 43 57 82 53 b2 0a 88 02 67 6f b2 17 2c 06 4f 85 a5 a6 2e 44 15 d9 4e 14 fa ef 08 f6 53 0c 87 75 00 2d 29 26 89 41 2d 60 27 82 06 08 76 22 61 7f 41 42 54 63 d9 00 b2 81 79 e2 22 15 56 45 2a 08 a1 57 44 00 fc d2 55 8e c7 3a 80 51 83 83 dd 20 Data Ascii: %^w"TKBU;IhdCp={vx}X.]D FT&IJjz8,d~HXId1 O9KPRvabW~RDhd\@=DtU@CWSgo,O.DNSu-)&A-`'v"aABTcy"VEWDU:Q
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
96	192.168.2.16	49861	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/40946.52e58c8b2a8b55ad5067.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: e8c16d95a84387479d8345fe90ecfc3d Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:57:13 GMT Expires: Sat, 18 Oct 2025 08:57:13 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521209 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 31 0d 0a ec 0d 0a 63 66 37 0d 0a 5a 6b 73 db 36 16 fd be bf 82 e6 76 3d e4 16 cb da 8e ed d8 f2 b2 6e 1a c7 69 d2 34 c9 d8 49 66 76 3d 1e 0e 25 c2 12 1d 8a e4 00 a0 1c 55 d6 7f df 73 01 f0 61 4b 7e 24 75 db ec ce e6 43 0c 81 20 70 df f7 dc 0b ba 95 e4 8e 54 22 1d 28 77 cf 93 3c 3b 0b 2e 78 bf 8c 07 1f 9f 8e aa fc e3 44 45 55 1a 8d e3 34 0f 6f 79 76 79 79 72 Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000001cf7Zks6v=ni4Ifv=%UsaK~$uC pT"(w<;.xDEU4oyvyyr
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 3e 8b 09 45 3c 5e df c0 b0 c2 f0 f1 da da 16 60 c6 08 c3 47 8f d7 b7 d6 7c 36 c0 d0 e2 90 84 d6 6a c4 c1 4a 1a 6e 6c 6c 6e fb 6c 42 0b 08 1c 75 70 08 64 46 38 44 a7 df f0 6a 7e d8 03 d7 76 06 32 7c 73 91 bf 15 45 c9 85 9a 1e 4f c7 fd 22 93 e6 ad b4 7e 6b e9 1a 68 64 8f 60 4a 1a a6 88 4a 99 e2 c2 f3 6a 58 e1 e1 dc ab 89 e9 ea 16 07 5c 0e 44 5a aa 42 68 1a 03 9e 03 7a 88 b8 9f 21 5d 13 3e d1 0e 15 c4 65 99 4d 3d b8 9a 3f b7 9b 75 80 4b 44 6f 02 05 da 73 3c 1e 36 87 23 84 10 d3 dd 19 12 04 78 76 0b 8d b2 dc 95 50 4d 4b 5e 9c 39 ea f2 b2 f1 72 47 19 d7 0e d5 89 11 43 a0 8a b7 22 1d a7 2a 9d f0 53 12 59 03 87 70 ac 45 8a 30 a5 2c 23 52 2e 2f dd 84 9f c5 55 a6 5c 9f d6 2e 1c 95 d6 a9 1a 91 43 1b 56 ce 2f 9c 77 20 e3 99 10 90 83 fb c3 0f 9d e3 9c 71 85 38 6e b9 Data Ascii: >E<^`G\|6jJnllnlBupdF8Dj~v2\|sEO"~khd`JJjX\DZBhz!]>eM=?uKDos<6#xvPMK^9rGC"*SYpE0,#R./U\.CV/w q8n
2024-10-24 09:44:02 UTC	1001	IN	Data Raw: 13 5a 82 2e 34 89 4a ef e4 9f b2 3a 86 f1 5b 9d 17 f5 f2 0a 6f fb ea b6 36 b6 19 4a 84 7a 47 70 77 55 39 d2 43 11 1b 90 b2 bc 6e 4b 67 06 e1 e3 26 08 19 ce ca 97 6e 0a e8 27 64 18 44 67 45 95 27 b5 2e 54 d8 3e 49 13 14 e2 20 7c 51 c5 6f a9 2e c0 5d 0d 98 4b 83 27 90 30 55 2b a6 40 41 65 6a 92 69 d0 94 12 d2 6c b3 c4 54 42 6b e3 dc d8 b8 2a 54 9c 3d cb 87 28 aa a5 09 ca e0 f0 5d 67 d2 e3 d7 12 09 75 a4 24 34 d5 59 03 9f b0 25 cb d2 2d da c7 37 6d 46 ec d6 5a 3e 40 f2 69 b6 59 6c 37 5f 27 07 32 d5 c6 a3 c5 96 17 2a 3d 9b 7a 54 e0 19 0b b9 49 8e d4 57 13 8a 64 8a f0 86 f5 54 11 22 d6 96 cd 8c 06 2c 6a af 36 1c 65 b4 7f d3 76 dd a8 88 f6 0d b5 ed 3a 7b cd 97 19 8d 6e 29 fc f6 1b 2e b8 63 19 8c 5e a3 5d 41 8d c4 d6 0b 17 fb 0b 8d 3f 30 37 69 c2 4b 84 2e 19 47 Data Ascii: Z.4J:[o6JzGpwU9CnKg&n'dDgE'.T>I \|Qo.]K'0U+@AejilTBkT=(]gu$4Y%-7mFZ>@iYl7_'2=zTIWdT",j6ev:{n).c^]A?07iK.G
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
97	192.168.2.16	49862	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	518	OUT	GET /ui/files/submission/challenge HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	225	IN	HTTP/1.1 429 Too Many Requests Content-Type: application/json X-Cloud-Trace-Context: 14d0866d1d99016332af75d61635071b Date: Thu, 24 Oct 2024 09:44:02 GMT Server: Google Frontend Content-Length: 153 Connection: close
2024-10-24 09:44:02 UTC	153	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 20 7b 22 63 6f 64 65 22 3a 20 22 52 65 63 61 70 74 63 68 61 52 65 71 75 69 72 65 64 45 72 72 6f 72 22 2c 20 22 6d 65 73 73 61 67 65 22 3a 20 22 50 6c 65 61 73 65 20 72 65 2d 73 65 6e 64 20 72 65 71 75 65 73 74 20 77 69 74 68 20 61 20 76 61 6c 69 64 20 72 65 43 41 50 54 43 48 41 20 72 65 73 70 6f 6e 73 65 20 69 6e 20 74 68 65 20 5c 22 78 2d 72 65 63 61 70 74 63 68 61 2d 72 65 73 70 6f 6e 73 65 5c 22 20 68 65 61 64 65 72 22 7d 7d Data Ascii: {"error": {"code": "RecaptchaRequiredError", "message": "Please re-send request with a valid reCAPTCHA response in the \"x-recaptcha-response\" header"}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
98	192.168.2.16	49864	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/70520.2084d2d63c64ac00d8ff.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 88a9d1470ffa83ada6493b348235927a Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:53:57 GMT Expires: Sat, 18 Oct 2025 09:53:57 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517805 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff b4 5d 6d 73 1b 37 92 fe 7e bf 02 e1 5d e5 a4 2a 2e e3 f5 6d 72 39 bb b4 57 0a 29 3b aa b5 64 95 a4 f8 6e cf 95 e2 8e c8 a1 38 1b 92 c3 9d 19 4a 56 79 f5 df ef e9 6e 34 06 c0 cc 50 a4 ec 7c b1 45 bc 74 37 80 46 a3 df 80 e9 6d ca d4 94 55 91 4d aa de eb 83 32 5d cc 06 f7 e9 cd 3a 99 fc 36 9c 6f 56 bf dd 55 e3 4d 36 5e 26 d9 ea 68 4b dd 3f ff f9 f1 d7 c3 c1 7a 53 ce 0f 3e 7e fc cf 17 df bf 7c f1 6b ff 33 ff ff ea 20 ed 67 fd ea f0 e8 cf 9f ab 41 71 90 1d f6 ab c1 f4 20 eb 7f 3e 3f 3e 3b 19 8f 4e ae 86 e3 b3 e3 8b 8b d3 f3 b7 af 0e d0 68 d5 3f 3f fe c0 7f 25 fd ab 93 e1 f5 e9 fb f3 f1 f1 f9 68 7c 71 fa e1 fd f5 55 d0 b4 7c 3c 7c 7d 97 14 26 3f aa 0e Data Ascii: 00000001000010ffe]ms7~]*.mr9W);dn8JVyn4P\|Et7FmUM2]:6oVUM6^&hK?zS>~\|k3 gAq >?>;Nh??%h\|qU\|<\|}&?
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: da 7f 60 41 df e7 91 ba f7 c4 2c b3 72 b2 d7 9a 49 87 fd 07 e7 fa ed 35 30 ee b5 f7 a0 b0 c5 f2 87 bd 46 65 7b ec 3f ac f4 13 64 42 55 40 6c e5 ab bd 30 86 1d bf 14 31 fa ef 35 af 01 f6 fd e7 f7 36 19 43 6b d9 7d fb 4d 57 25 3a 14 38 49 77 de 48 d4 3c 9b 6c 51 c6 23 89 55 a4 b7 a4 42 3d 8c 7f 4b 9d 82 fe e4 16 77 9d ee 92 c5 66 77 5c e9 dd 3e f2 6a 9d ad 77 07 bd dc 54 e9 a7 9d 27 69 96 2f a6 7b cc 29 1d 5f 3b c3 5e 17 f9 04 4a 20 f4 38 52 12 c7 55 52 c0 f6 db b9 37 9f 71 f9 5e 8b 01 15 78 0d 45 0b c7 2c f4 c5 12 67 c2 ce c8 a0 26 55 e3 75 5e ec 4e de b4 c8 d7 6b 7b a0 ef 8c c6 ef 04 75 b0 9a ef dc 93 ad ab f1 3c 29 bb bb 78 6a c4 55 06 5b 34 29 48 e5 a3 2e 69 6c 51 9c 4e c1 7e d9 2c 4b 0b e8 82 f3 a4 32 93 05 ec ca b4 30 a5 74 34 54 5d 65 69 59 5b 0e 64 Data Ascii: `A,rI50Fe{?dBU@l0156Ck}MW%:8IwH<lQ#UB=Kwfw\>jwT'i/{)_;^J 8RUR7q^xE,g&Uu^Nk{u<)xjU[4)H.ilQN~,K20t4T]eiY[d
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 54 1b a6 96 5a 98 90 9c 87 40 10 5a 0e 1b ad 2e c7 55 5e 77 44 43 b2 e0 ec aa b7 74 4b 4a 87 a6 87 bf 41 6a 02 23 ef 7e e5 89 77 2d 40 dd 24 df d0 81 a6 f0 7b f6 37 d5 40 8c 97 e3 44 6b 74 f2 a4 f8 a6 bd 78 12 17 eb 71 ec 84 17 66 d9 f1 8e 82 8c 1b 79 3e 9b 9e ed c8 ca cf e3 e3 af fd d5 11 12 39 0e 3e bb 44 06 de cd bd 2b c9 6b 88 6c 76 97 34 21 76 5b 49 66 de 0c c1 28 8a 4e 97 30 0a b1 61 30 4e 89 ab 0b 9c 6b c4 d8 43 20 7f a3 22 84 42 11 da 5a 22 30 5c f7 87 a1 4d 61 4a f3 6f 9f d3 c7 bf d5 4e 22 81 33 7a c0 ff 9e 51 69 66 50 5d 29 64 4e 3e 17 73 20 2e a4 c3 10 53 6f c7 4e ad 66 85 45 7b f2 93 b9 10 eb 23 1a 46 6f e4 55 71 98 0e 7a 25 a8 c7 c0 68 36 58 78 60 2e c4 6a 8e 6d 11 0b 9c 2c 6a 44 06 c5 4e 31 6f 7f 39 1d 35 90 b4 34 c1 8c 21 f6 68 a6 50 98 6e Data Ascii: TZ@Z.U^wDCtKJAj#~w-@${7@Dktxqfy>9>D+klv4!v[If(N0a0NkC "BZ"0\MaJoN"3zQifP])dN>s .SoNfE{#FoUqz%h6Xx`.jm,jDN1o954!hPn
2024-10-24 09:44:02 UTC	251	IN	Data Raw: da 61 a7 6d 6a 03 74 01 52 de be 1c 8c fe 02 b4 22 03 28 fc e7 f0 e1 06 a5 17 ed 0b 50 9e 5d 19 4b 2e b7 79 e6 3c 43 a5 86 b5 a0 32 16 7f c7 17 db e4 9a 58 80 f9 af 88 99 98 4b aa 10 b7 51 2d f8 e1 06 94 3b 62 90 17 d0 5f 70 23 89 fd 06 b8 ed 52 3d 28 47 0d 3d 1c a6 06 85 21 53 6f 96 35 f5 8d 9e 00 ef 48 f2 55 04 29 cb 76 d7 83 b0 91 30 b2 7e 4f 39 08 b2 ca dc 27 b4 0b 49 c3 17 cf 5b 82 16 7c 1f 10 89 a3 77 59 91 af c8 db e1 28 53 fc 7a 5b 09 34 05 77 b7 9e a0 06 d7 2e f8 ae 8a 5e 6e 50 6a 14 fe e9 ca 5c 83 c6 ff c1 21 e8 61 70 63 40 6c 08 4e 81 00 07 2e 4b b9 6b 3a 3b 0f fb 19 e3 f5 2f 65 61 d0 ce 59 ed ae 18 05 54 35 d7 c1 cb 74 e4 23 18 9e e9 95 78 f1 91 35 83 a8 08 85 71 79 7d 48 b8 e8 74 9c a8 fb db c2 f3 11 d7 61 32 0a 02 05 d8 7d 0d 0a Data Ascii: amjtR"(P]K.y<C2XKQ-;b_p#R=(G=!So5HU)v0~O9'I[\|wY(Sz[4w.^nPj\!apc@lN.Kk:;/eaYT5t#x5qy}Hta2}
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 39 0d 0a 30 30 30 30 30 30 30 31 0d 0a f9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 32 0d 0a 30 30 30 30 30 30 30 31 0d 0a 12 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7c 0d 0a 30 30 30 30 30 30 30 31 0d 0a a0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 12 0d 0a 30 30 30 30 30 30 30 31 0d 0a 35 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 63 64 39 0d 0a f0 d3 7d b6 af 86 97 80 01 5f 74 e9 2a c0 47 62 be 34 b6 85 b9 cf aa b9 55 a6 fc b9 fc 49 6e 6d c9 65 3a 00 84 e3 54 2d 09 1b 28 8e a7 11 16 32 4b 7a 0d f1 e8 71 4e 85 06 bb 26 81 c7 5a ae 14 ea 7a a1 87 16 19 7b 59 12 98 da a3 f8 2d 23 80 ca Data Ascii: 00000001Z00000001000000019000000010000000120000000100000001\|0000000100000001>000000010000000100000001500000001cd9}_t*Gb4UInme:T-(2KzqN&Zz{Y-#
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 72 97 35 03 a7 89 12 dc 47 67 39 ce 1d 5d 58 a7 cf 74 e0 32 0c 11 08 5d f2 73 80 8f 53 0b 0a 5c 5b db 7b 18 d2 f3 81 20 63 0f 70 f2 74 00 d9 a7 87 b4 45 6e 65 8e 0d bf 51 e3 54 a3 21 f5 35 c7 0e 0a 72 ad 77 80 f2 53 2b 94 9f 1c 14 a4 66 ef 00 65 d8 0a 65 08 28 9d 6f c4 89 08 be ce d7 d8 0e e4 a4 37 74 e1 92 9e 8f 8b 24 72 13 06 f7 b4 22 dc eb 4f c5 2d 7d a3 cb b3 82 f6 02 53 45 ef e8 90 5e 07 89 19 75 d3 5a 6c 22 72 e2 5a 6f b2 be 16 62 10 e2 a6 57 f5 50 43 22 90 58 bc f9 ac 9c a0 b9 b2 ee 65 58 e4 fc dc 5c 84 07 e9 79 d5 32 59 13 8f aa 23 da b5 04 2f 78 ae f1 e8 5d 39 81 1e fa ce 8f 2f 8f d5 a2 88 d0 fc 95 ab d8 43 cf 19 b8 24 0d 95 e7 6b 8f 10 54 9e db 5b 5c f1 c6 2a d8 f0 1e 2e 43 72 56 27 19 61 f4 ba 1d 8d 34 20 0a 49 06 fe 8b 75 2d 54 21 d7 60 c9 be Data Ascii: r5Gg9]Xt2]sS\[{ cptEneQT!5rwS+fee(o7t$r"O-}SE^uZl"rZobWPC"XeX\y2Y#/x]9/C$kT[\*.CrV'a4 Iu-T!`
2024-10-24 09:44:02 UTC	649	IN	Data Raw: 13 10 b6 c7 9e f9 2a 94 4d dd db f1 96 95 df 1e d3 9d 32 a4 85 06 f1 b5 11 8a a1 37 4f d5 e5 b4 93 7e e9 3f 33 6f a1 23 6f 02 cb 02 65 3d 56 85 28 3d c4 d6 ec c3 91 d4 85 9f a5 17 f8 57 f2 33 06 ae c5 70 57 d3 27 5b e8 7d 13 a8 7a 88 3a d1 15 9c 3d 94 0c df 9f ad 1b 2e f0 9d 47 b3 16 d4 99 cd 9a 4c b1 bd 66 d0 21 e4 14 8a 36 94 ff ce 19 63 cd 60 a1 8f da b5 d9 67 ac f6 51 7d 99 d7 13 7a 61 3f 9e 55 29 dc 07 a6 3c bd 2f 20 2f f0 0c 7f 0c 91 cb f6 01 c8 f1 12 9d 16 1b 82 89 d6 c0 96 ee 03 55 9f f1 17 42 df f0 a3 fe 31 a9 b6 54 4d e1 ef 64 71 c9 e5 4d 8e ef 9d b6 07 19 ec 4a 3b 99 a7 0d 14 54 f6 25 08 e0 71 6a fb 64 80 9d 7f a9 34 a7 fc 3d 01 73 cd df 13 88 49 80 6f 8a 20 44 8d f6 19 a4 ff e1 01 41 3c a4 cf ed e4 86 82 3b d1 52 79 35 fb a0 68 f9 50 81 60 1a Data Ascii: *M27O~?3o#oe=V(=W3pW'[}z:=.GLf!6c`gQ}za?U)</ /UB1TMdqMJ;T%qjd4=sIo DA<;Ry5hP`
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
99	192.168.2.16	49863	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	675	OUT	GET /gui/8405.86474e95af8bef65079f.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: bc63b0b32a3d9af7552bc8ad41f624ee Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:02:09 GMT Expires: Sat, 18 Oct 2025 09:02:09 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 520913 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 31 0d 0a 8b 0d 0a 61 35 31 0d 0a 08 00 00 00 00 00 02 ff ec 5b 69 6f db 38 1a fe be bf 42 d1 62 0b 69 2b 68 9c 4c 4e 67 d5 4c d1 6b 07 e8 64 82 a4 ed 02 13 18 86 2c d3 16 a7 ba 40 52 4e 0d c7 ff 7d 1f 52 94 25 3b 76 e2 34 95 e1 16 ed 97 ca 14 45 be f7 1d 33 e7 c4 e0 82 d1 40 98 a7 16 27 d1 c0 bd 21 bd cc 0f 3e bf 0a f3 e4 f3 48 74 73 da 8d 7d 9a 78 f7 bc bb bd bd ee d8 6e 96 f3 d0 ba be 3e de 6f 1d 74 9c c9 ee fe f1 ee 49 db 12 0e 71 a8 ed bd 98 50 b7 6f 11 67 42 db 16 7e 8d a7 f6 e9 c8 67 06 f3 a8 75 b2 77 bc 7b 60 3b 09 1e f7 f6 8e 4f f6 6d 27 c5 e3 61 6b ef d7 5f 6d 87 e3 71 ff 68 77 0f 8f 3e 1e 8f 5a ad 83 5d db 89 f0 78 72 78 72 7c 64 3b a1 7c 3c 38 3c 3e b6 9d 40 ee dd db db 3f b4 4f 07 79 12 08 Data Ascii: 00000001000001a51[io8Bbi+hLNgLkd,@RN}R%;v4E3@'!>Hts}xn>otIqPogB~guw{`;Om'ak_mqhw>Z]xrxr\|d;\|<8<>@?Oy
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 9c f4 ac 54 61 c9 1d df 31 13 38 78 18 cc 1a 3c fe 9d 3d 2a 06 52 9b b8 8e ab 94 9f d0 31 c2 78 21 46 d8 45 8c 00 77 31 e7 d3 11 95 e2 54 7b de 8f b8 7d 5f f8 ca 99 e0 f5 4b ce d3 80 16 4e 5f 63 2f 3c 89 7d 89 f1 b0 c2 f3 df d8 a0 fc 0f 9c bd 8c cc b8 9b 27 96 70 69 bf 8c 9b 8c 31 25 51 df 90 94 af e2 08 fe 4a c6 0e a4 ef 2c 2c bb 08 74 66 57 c3 ff 59 f6 b4 ee dc 40 30 c5 8a d3 c2 c7 09 db 21 0a ae c2 c9 04 be ff 2a 4d 04 88 f8 b2 f4 55 17 3e f3 63 ee 4d 06 91 3f 6c 03 ce 28 8f 93 73 3f 26 6d f3 2d 56 cc a9 23 16 d7 3f 14 cb 22 9a df fe e1 c3 7b d3 89 68 f2 b9 0d 72 86 ee 5f c7 2e e8 74 45 7c 16 84 1f 59 64 4d 10 71 51 31 6e 9b 85 03 34 1d c0 d2 15 38 44 b8 80 5f 82 d4 9d f9 4f 38 62 11 4d ed 29 2e 97 5e 39 fe b2 0a 68 44 af 29 02 c2 f1 3c 24 6f be 64 94 Data Ascii: Ta18x<=R1x!FEw1T{}_KN_c/<}'pi1%QJ,,tfWY@0!MU>cM?l(s?&m-V#?"{hr_.tE\|YdMqQ1n48D_O8bM).^9hD)<$od
2024-10-24 09:44:02 UTC	206	IN	Data Raw: 1f ac 3e d9 c4 54 c5 37 41 ed ee 80 c5 83 58 56 e3 68 db 28 99 15 74 4f 92 cd 98 c4 29 1b 5f a8 39 c1 04 83 c7 b2 f6 bf 65 1e a2 00 b1 9b 15 30 e2 7f 05 e4 52 67 f1 b0 b1 41 5c 53 eb d4 c5 cb 46 c2 cb 4e dd db 0b ab 16 88 36 d1 b0 6b b6 65 a0 f5 a6 6c fc 3c c2 6b d5 ba 07 5a 4b 1e d3 3d 50 31 fa d2 9e 01 fe d6 4d f5 0c ca e0 1e ad 03 f0 e3 c1 c1 fd a5 5c 2a 07 f7 c1 25 0c ee cf 4e 2c 87 fd 9f 38 bf 8f 96 46 c7 3e fd c7 2f bf fc d3 e0 69 ce 02 f2 07 fe 3e 15 f3 39 1f 2f df 7b f2 ef 7e dd 63 34 3c f6 c9 c9 81 3f 38 ee 91 c1 e1 41 eb e8 64 e0 fe 8d c1 78 3f fb 3f 00 00 00 ff ff 03 00 b4 ee 92 58 6a 3c 00 00 0d 0a Data Ascii: >T7AXVh(tO)_9e0RgA\SFN6kel<kZK=P1M\*%N,8F>/i>9/{~c4<?8Adx??Xj<
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
100	192.168.2.16	49865	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/71288.1829e1a8db7a3e06e295.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: b52b1b74a55f81eb69051193a96dd6e3 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:04 GMT Expires: Sat, 18 Oct 2025 08:55:04 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521338 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff ec 5c 5b 97 db 36 92 7e df 5f c1 68 36 3d 62 96 64 53 54 4b 2d 51 96 13 8f 93 ec e6 9c 64 b2 6b 7b f6 c5 eb 33 a1 48 48 62 9a 22 79 48 aa 2f 91 f5 df f7 2b 5c 48 f0 d2 dd ce 65 f7 29 56 62 ab 51 85 42 a1 50 a8 1b 80 1e 1d 4b 66 94 55 11 87 d5 68 35 2e 59 b2 75 ee d8 26 0f c2 9b d7 fb 63 7a 73 5b fd f3 18 ff f3 10 c4 e9 fa 09 d8 c7 8f ef 3f 98 4e 7e 2c f7 e3 f7 ef af 27 de 62 f1 c1 3a 79 b3 e5 72 e1 8f 0b 8b 59 95 b9 7e 79 aa c6 cb c5 72 62 ae 6e 83 c2 c8 d6 d5 f8 6a 71 ed 5e 99 56 80 af 93 f9 fc 6a 66 5a 1b 7c 9d 7b 8b a9 67 5a 25 b5 ce a6 de d4 b4 d2 f5 b8 1a cf 26 93 e5 dc b4 d0 6b 3a 9b 5e 99 e6 2a 61 95 11 5b 91 15 5a 89 95 5b 3b 6b bf 2e d6 Data Ascii: 00000001000010ffe\[6~_h6=bdSTK-Qdk{3HHb"yH/+\He)VbQBPKfUh5.Yu&czs[?N~,'b:yrY~yrbnjq^VjfZ\|{gZ%&k:^*a[Z[;k.
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 80 f4 47 24 7e 7b cf 02 6c 41 03 0a 0b 5d 7e 20 ad e5 02 ae 95 d6 1a 6d b2 02 18 d8 9d d8 f0 07 23 1f 56 ec de aa b4 8d ae be 46 09 d6 28 e1 ba 65 c0 46 f5 ad 47 5e da 9e 30 33 6d 5b d0 a8 d4 e0 6c 74 3b 23 27 a1 ec dd af d9 78 d4 87 6f bb d2 c9 59 1a c6 c9 77 d0 12 6d d3 68 5f fb 06 81 4b 74 93 45 0f 10 13 94 b7 2d 49 70 c1 1b ea ed 0a 17 ca 1b 14 9b 72 bf 0e 3b 13 53 17 61 0e 11 e6 24 c2 5c 29 58 9e 04 21 db c3 80 62 a5 76 49 76 c7 55 54 53 40 0d 6e 84 59 62 4f 3c ae 4f 42 e5 2e 73 e8 dd 9f a4 06 64 39 28 ab 9f 4c d3 d7 1c 26 ec ec 78 47 8b c1 f7 bd dc fe c0 11 ab dd 75 c8 e6 f9 bc ba 1d bf 47 ff c0 c9 65 94 07 5f 42 7e d4 ff 1b 76 3a 0b 52 0b 96 84 e2 39 ff 33 20 55 08 92 e1 e9 98 2f b6 2b 0f 22 46 67 f3 83 75 a0 ee 55 46 1d 2d 0e e3 e1 ce c8 ba cd e2 Data Ascii: G$~{lA]~ m#VF(eFG^03m[lt;#'xoYwmh_KtE-Ipr;Sa$\)X!bvIvUTS@nYbO<OB.sd9(L&xGuGe_B~v:R93 U/+"FguUF-
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 91 1c 08 a8 e7 2d 01 9f cc 2c 43 42 05 27 72 cc 25 c8 4e e7 f8 5f 69 ad a8 2d db bc 44 07 4b bd 0f ca 98 e6 ec ce bd cd b5 5c 57 98 d7 2c 85 1a 20 d1 a1 0a b4 86 e5 2d e9 d3 e6 be 87 e3 ce 5d af de 38 98 43 17 01 99 d2 d5 a2 33 93 2e ce c2 85 a6 b4 e7 d3 45 99 47 93 ab 89 9c 55 42 56 a3 37 90 ae 21 a4 d5 4f 22 a8 a5 da ec ec f2 b8 41 8d 92 96 72 1b 45 5b b9 ed 1a a1 e8 18 cc a5 4f 5b 20 2d 78 b8 5d 32 26 e0 7c 41 5b c0 d9 76 aa 76 a3 5a 52 1d 8e ad ea 31 b9 9f e5 a2 b6 c0 01 9b a8 b1 85 00 5a d0 70 8b 8f 18 99 4f 5e 07 ea 1b b0 9e b8 a8 5c d6 93 5f 46 9b c5 56 4d ad d6 08 59 df ac b1 42 8f 3e 1d 01 74 28 6d dc 88 6d a4 a9 12 42 e8 20 2c 97 61 b0 95 13 ad 05 d1 c1 d9 ce c2 eb a5 54 3d 25 8c 0e 0a 5b 04 d7 81 dc 3d 52 20 1d 0c dd 4c 09 a1 74 10 74 13 c4 2d Data Ascii: -,CB'r%N_i-DK\W, -]8C3.EGUBV7!O"ArE[O[ -x]2&\|A[vvZR1ZpO^\_FVMYB>t(mmB ,aT=%[=R Ltt-
2024-10-24 09:44:02 UTC	251	IN	Data Raw: 32 98 68 5a c9 89 cf ae e7 75 98 d1 40 0e 28 48 5d cf 17 03 10 f2 61 cb 25 3c 50 8f 1a f7 ea a8 f5 0c 81 38 0c 41 7b 7e 7f 46 c9 8d ae 4b 9c 70 24 7f ef c3 ff 1a b4 2a 2b e1 a9 50 40 fa fc ec e0 aa 9b b0 6b 74 e7 4d ea ba 7d 8f 90 a1 15 6f 68 30 ee c1 b4 60 03 20 dd 30 18 92 55 d5 dc cd 2e 54 bb 4a 2e 50 6a 6a 7a e8 b6 03 1c a8 dc 02 7d 84 29 6c 2c 37 cf 11 78 a3 8a 43 80 44 21 1e 37 2f 38 7b 43 f4 d5 d0 95 3b 57 7a e8 da fc eb cd 3a 19 61 32 e5 90 4f 11 54 c1 5b 97 a2 68 d7 48 8a f0 57 8e f7 34 61 15 8b 7c 7a bc 84 99 2b 83 66 6b 51 86 26 3d 61 cf b8 87 6e 62 31 1e 8f 89 c0 aa ed 2f 49 13 44 0f 11 b9 51 44 0e af e9 20 0e c1 38 b8 8c f3 80 8d c5 97 0a d5 db f0 66 a5 2c 64 23 05 10 50 aa f4 60 6a 8b a6 b5 df 9b 2d 7f d2 ea ab e9 93 c4 e2 0d 0a Data Ascii: 2hZu@(H]a%<P8A{~FKp$*+P@ktM}oh0` 0U.TJ.Pjjz})l,7xCD!7/8{C;Wz:a2OT[hHW4a\|z+fkQ&=anb1/IDQD 8f,d#P`j-
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a c7 0d 0a 30 30 30 30 30 30 30 31 0d 0a a1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 66 0d 0a 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a f5 0d 0a 30 30 30 30 30 30 30 31 0d 0a a9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 23 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 38 0d 0a 30 30 30 30 30 30 30 31 0d 0a bb 0d 0a 30 30 30 30 30 30 30 31 0d 0a d7 0d 0a 30 30 30 30 30 30 30 31 0d 0a fc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 52 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4b 0d 0a 30 30 30 30 37 34 39 0d Data Ascii: 00000001Z00000001000000010000000100000001f0000000100000001!00000001000000010000000100000001#0000000100000001800000001000000010000000100000001R0000000100000001K0000749
2024-10-24 09:44:02 UTC	715	IN	Data Raw: f3 d3 e9 d7 8f 75 55 89 ac 37 d2 ff f9 08 6d 09 89 aa 83 d5 92 9a 08 bf 74 d9 21 68 9b e3 c6 c4 e4 1a 99 c9 1f 26 b0 c7 89 fe 2e 29 fd 0e b2 67 47 3c 58 ad f7 ce 90 2b 86 91 58 f1 02 9c 0d 9d 3f 94 be 2c c3 89 26 fa 55 0b 3e 0c 17 c3 59 c1 d9 11 ef 70 fb d4 fc da 61 0d bb f9 21 5a 5c 2f d4 8b d7 13 c5 1c 5b ba 19 ba c7 31 1b 4b 45 3c 5d 37 e2 d2 28 2e 35 c7 e5 4a 5c 56 12 17 83 d2 8c 0e 82 90 58 09 33 2e 7c 85 32 ea 5d cf d1 76 1a f5 92 cb 66 7e f6 a4 d9 77 d9 2c 7c 96 b6 6d ce ce 23 cf 84 4f 9d 76 9f b3 a8 1e 11 b7 28 c8 47 f3 f2 fc cf 4e d8 b6 f2 f9 2b fa 66 77 c2 94 d9 5e ed 9b f9 15 84 16 09 3c 24 ad a1 e4 33 da 40 3c 33 57 50 9c a0 d3 55 a3 2e 85 95 8a 53 f9 e0 5d 28 46 c7 c3 df 0e 89 ce 30 6d 0a 1d 20 08 e0 d1 70 4d 80 8e 95 bb 63 d4 fd e5 3a 75 e1 Data Ascii: uU7mt!h&.)gG<X+X?,&U>Ypa!Z\/[1KE<]7(.5J\VX3.\|2]vf~w,\|m#Ov(GN+fw^<$3@<3WPU.S](F0m pMc:u
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
101	192.168.2.16	49866	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/75884.d7767dd34ca82b896517.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:02 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 4db135353ebf51e7cb614dfe33e2b290 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:47:50 GMT Expires: Sat, 18 Oct 2025 08:47:50 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521772 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:02 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 66 66 37 0d 0a ff cc 5c 7b 77 e2 46 b2 ff ff 7e 0a 85 64 67 21 47 92 01 1b 1b f0 e0 89 c7 33 93 78 33 8f ac ed d9 73 b2 b3 3e 44 48 0d 28 16 12 91 84 1f 61 f8 ee f7 57 d5 dd a2 25 c0 33 79 dd bd e3 c4 86 7e 56 d7 bb aa 4b aa 2d 32 61 65 79 1a fa 79 ed b8 9e 89 68 ec de 89 d1 dc f3 6f ce a6 8b f8 e6 36 1f 2e c2 e1 cc 0b e3 c1 23 7d 1f 3f 7e b8 6e b8 f3 45 36 ad 7f f8 70 d4 e9 76 0f ae ed 25 ff ed d7 73 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000ff7\{wF~dg!G3x3s>DH(aW%3y~VK-2aeyyho6.#}?~nE6pv%s
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: e2 16 c7 7b 21 c6 de 22 ca d1 04 81 8f eb 53 f7 df 5d 52 01 17 22 08 53 88 34 2d 51 93 0b d7 6c ee 04 e1 5f 24 8b 51 04 b0 fc 24 10 12 4f 68 84 9a ab 0d 47 91 17 df d4 1a ab 14 72 23 d2 0b 31 4f d2 fc 75 18 df 14 6c 60 72 9b e6 53 66 85 69 3e 8b 1a f5 c9 c7 8f f5 c9 e0 1f 3f 3d f5 ac 69 2a c6 83 da 57 cb e6 aa 06 49 81 38 0e 00 07 a8 1c 78 e9 83 95 f2 ca 4e 84 a5 6b 56 18 b0 68 38 a5 c6 6f 20 5d fe 8d 5a e0 c4 a2 75 ac a7 7b de c9 4f 50 d7 7f e4 8c 4c de 54 fc b2 10 19 90 44 e7 7b 07 bc 85 f1 44 ca 30 21 a2 6f 1c e8 01 07 7a f8 ad 07 fa 4b 61 df c6 25 6b d8 15 e5 2e 17 23 e8 22 29 bf ac 66 6c f1 88 a2 31 ce 3b c4 79 87 38 af f5 34 08 6f 15 da 15 ee b9 01 e8 df ae 62 62 91 df 25 e9 cd 30 4a 7c e6 d1 92 72 79 f2 24 77 c3 e0 99 b1 cf 0d f6 b9 e1 7d 6e 73 67 Data Ascii: {!"S]R"S4-Ql_$Q$OhGr#1Oul`rSfi>?=i*WI8xNkVh8o ]Zu{OPLTD{D0!ozKa%k.#")fl1;y84obb%0J\|ry$w}nsg
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: cd c7 50 41 8e 62 e4 64 34 bf 64 d9 2e c1 f7 97 da b2 9d 3c 9d e4 a1 1c 64 b9 48 7c 21 6a a3 dc bd 0e e5 9f ee 15 dd b0 fb 3a f8 0e 35 d2 cb 10 bc 10 39 cc 16 32 08 19 40 08 8a 2f 96 01 cd ba b5 04 d2 0b 80 f4 a2 00 49 e7 0f d6 83 1d 24 f3 c3 04 fe 6f ee 21 35 4d 86 05 ba bd d8 40 b7 28 e3 08 ef 1b 07 4f d2 6c 8b 77 2c b9 79 9e cc 65 be 62 bd 86 b2 15 aa c7 c8 85 8c 12 a4 4a 66 64 8b 55 5a 65 3d 47 42 65 38 ce ac 6c 86 a0 db 15 01 fa 32 9e 40 dd 65 f5 e5 6a 93 cf 3c c8 da 43 16 66 43 4a 62 67 9b 1a 52 5d 95 54 52 e3 cc a2 95 a9 1f 3f ca bc 38 b9 57 cf e4 c7 7e 0e 1f 10 19 c9 10 89 19 ed 92 92 73 f2 83 3c b6 26 9e f2 da 81 7a 86 bb 4c cb 4b c0 b5 20 3a 52 3a 1b f8 44 9e 89 35 a2 a4 65 d9 1c 32 58 e5 b4 37 4d 30 75 ed 0f d8 e5 07 26 b0 91 ca 2a 65 cd 0a 5d Data Ascii: PAbd4d.<dH\|!j:592@/I$o!5M@(Olw,yebJfdUZe=GBe8l2@ej<CfCJbgR]TR?8W~s<&zLK :R:D5e2X7M0u&*e]
2024-10-24 09:44:02 UTC	340	IN	Data Raw: 12 26 22 b3 7e 3c bd 38 b5 52 10 de 7a 3a 52 d7 10 b0 fd b4 23 d8 09 f7 a8 5c 88 58 ee a4 d1 60 13 17 e6 49 fa 1b 85 5d 55 c8 97 b9 13 1c 45 f7 97 89 c2 ad d0 6f 74 f1 b6 4c dc e9 01 dc 6c dc 5e d2 ad 9d fe 54 cf dc 7f bc 77 cf df 9d 0d 2f af 2e 5e 9e be b1 33 77 f8 dc 7d 75 fe fa ea e5 c5 f0 f9 8f f8 7a 7e ee 5e be 7b 7f 71 f6 72 78 f6 ee f5 fb 37 6f 87 17 ef 5f bf bc 7c 79 35 7c 7b fa e6 25 fa a3 6f a9 14 52 e7 74 36 54 52 c6 3c 8e c4 3b f9 9b f5 9f be 5a 8a d5 4f f6 c2 7d 7b e7 7e b7 40 59 5f 3c 69 d4 e1 ea 52 3e f6 c1 4b 3d f2 7c 21 0d 9c 21 fd 73 21 fe bd e0 e6 db c1 cd 25 52 b7 54 11 6e 2d 36 a4 84 7f 12 4b 79 7f 21 40 f1 48 63 a4 86 1a 71 42 c3 50 11 bb 86 22 63 46 07 a7 a7 af 50 b9 cb 29 ea 57 69 32 bb fc 65 81 2b 41 46 51 4d 65 00 6d e8 0e 1d 28 Data Ascii: &"~<8Rz:R#\X`I]UEotLl^Tw/.^3w}uz~^{qrx7o_\|y5\|{%oRt6TR<;ZO}{~@Y_<iR>K=\|!!s!%RTn-6Ky!@HcqBP"cFP)Wi2e+AFQMem(
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 36 0d 0a 30 30 30 30 30 30 30 31 0d 0a a5 0d 0a 30 30 30 30 30 30 30 31 0d 0a ce 0d 0a 30 30 30 30 30 30 30 31 0d 0a b6 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 30 30 30 30 30 30 31 0d 0a a6 0d 0a 30 30 30 30 30 30 30 31 0d 0a a1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a b5 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 92 0d 0a 30 30 30 30 30 30 30 31 0d 0a 05 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 31 0d 0a ad 0d 0a 64 30 31 0d 0a 23 04 cf 5a c4 d6 9e 6b 59 c2 20 44 05 ca b5 79 28 55 88 ae 61 a9 d9 54 52 d4 c0 ef c8 43 60 8e 42 53 fe 8b ba 58 6a 56 06 e0 2c 99 cd 34 3f 14 c5 df 9b 16 e0 47 50 eb 47 6d 01 d6 1a 8b 4b fd 1e d3 78 ff 17 Data Ascii: 00000001600000001000000010000000100000001000000010000000100000001?0000000100000001000000010000000100000001j0000001d01#ZkY Dy(UaTRC`BSXjV,4?GPGmKx
2024-10-24 09:44:02 UTC	1408	IN	Data Raw: 9a 02 58 1c 5c 5e 28 15 87 ef 05 a3 ee 58 1f 4d 3f e2 86 fb 26 be 76 2a 46 f9 6d fa a9 20 a0 32 66 d4 0c c4 48 a9 2a 89 84 ca 80 5e cf f7 c6 ea a0 05 22 2a 63 c6 1d ff a8 a7 58 4f 23 a3 32 44 74 bd 23 4f 49 8f 42 48 65 84 a9 a6 24 52 2a 03 4c 15 24 9d 0b 16 dd 76 07 e2 a5 7f c9 c3 b2 82 2d e4 13 22 aa 50 35 86 13 ed 64 a8 14 46 35 60 1a 8e fb 56 4d 86 2a d6 25 da 2c 3c ee 58 b3 ad 8b 04 99 82 44 ff c5 33 41 e3 dc b6 be 13 d1 ad c0 65 ab 67 5b a7 69 e8 45 b6 b5 5e 45 6e c9 4b 23 42 4d 94 c3 a3 57 a6 3b 2b b5 72 d1 2b 67 4c 52 2f 08 e1 7f f7 d9 ef f0 52 47 37 d4 5b 5d 10 65 62 5b 38 9e 57 d7 27 53 67 6c ba 2d 3c 12 be bd 0b 5e b6 b4 92 54 ef c8 00 8d bd 59 18 c1 92 a0 32 ad ce 5d 15 0c 6c 4c c8 10 27 f6 5b a9 98 55 57 ba 53 6e 11 44 df e8 2a 79 4c 2d 57 db Data Ascii: X\^(XM?&vFm 2fH^"cXO#2Dt#OIBHe$RL$v-"P5dF5`VM%,<XD3Aeg[iE^EnK#BMW;+r+gLR/RG7[]eb[8W'Sgl-<^TY2]lL'[UWSnDyL-W
2024-10-24 09:44:02 UTC	701	IN	Data Raw: 3d ca e1 56 7b d8 df e2 02 87 cd 2e ee 43 38 05 4a 7e 73 23 1e c6 29 8a 6d 32 0b 77 3e 48 2c 66 48 75 82 b1 e8 1d 69 73 91 2d 9b 7f 5b 8e 90 32 9c a4 f4 8a 9e e2 a9 16 e7 5e 9a 34 73 3a b1 1a e4 52 a5 02 96 79 b2 5c 6b 14 dc 26 d1 73 04 fb 87 14 5d e2 0e ca d8 55 4f c3 0e 77 b4 db 7a 52 06 ad 2a ea cd c6 aa 83 66 ed b6 b4 8e d7 03 98 ad cc b5 70 b7 e0 8b 29 9b 50 07 05 ba 77 4b 73 a6 db 6c 95 36 36 07 df 79 b7 62 49 c9 fd 82 7b 67 5e 86 2b 6e f5 42 13 30 3d 25 fe 9b 7f 83 59 df d6 bc 5a b9 6c 16 55 ce 44 99 e7 8b 6f 9f 9f d2 ab c1 64 f8 ab f3 29 30 da 8f da 66 83 7b 8e 35 7f 57 6c a2 72 bb 3e 7f 7d 4e 85 b3 fe 37 bd 00 73 a7 bf 7c 87 32 86 a4 e5 b7 4b 58 93 f6 ce c4 1d 62 d6 43 84 e9 ad 23 84 be 05 1e 19 d1 bb 8e f1 19 08 db bd e8 1f c2 d2 1f 58 76 e5 ca Data Ascii: =V{.C8J~s#)m2w>H,fHuis-[2^4s:Ry\k&s]UOwzR*fp)PwKsl66ybI{g^+nB0=%YZlUDod)0f{5Wlr>}N7s\|2KXbC#Xv
2024-10-24 09:44:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
102	192.168.2.16	49867	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/45428.d50e11e1e27c0917ea14.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 1df190aa5f3f823d498bc95c08de0039 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:10 GMT Expires: Sat, 18 Oct 2025 08:55:10 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521333 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 31 30 30 30 0d 0a 1f 8b 08 00 00 00 00 00 02 ff ec 5c f9 73 db 46 96 fe 7d fe 0a 18 4e 14 22 01 20 f0 26 21 d3 8e 22 cb b3 aa 91 ed ac ad 64 6b 56 ab 92 01 a2 49 22 06 01 2e 00 ea 08 cd ff 7d bf d7 07 d0 20 a5 d8 93 f5 ee d6 56 8d 69 49 60 9f af 8f 77 7d fd 1a e6 ba 60 46 51 e6 f1 b4 34 8f 5a 05 4b 66 ee 2d 0b 57 c1 f4 e3 c9 62 9d 7e bc 29 af d7 f1 f5 32 88 d3 c9 1f e4 7d fa 74 79 65 b9 ab 75 b1 68 5d 5e f6 fa bd ce e8 ca de f4 bd 4e df f3 5b a5 cd ec cc 9a 3c df 64 6e d4 62 f6 e6 5f fd 16 be c5 5b eb 28 61 a5 91 1f 4d b3 b4 28 8d 78 d2 f2 ec ac d5 1b 0d bd 9e e5 16 37 73 ab 95 7f fa d4 ca 27 ad 72 f2 bc b4 3e fc c5 30 9e 21 d5 b8 5b 26 69 31 31 17 65 b9 f2 0f 0f 6f 6f 6f dd db ae 9b e5 f3 c3 8e e7 79 87 28 61 1a b3 38 49 26 e6 74 9d e7 2c 2d Data Ascii: 00001000\sF}N" &!"dkVI".} ViI`w}`FQ4ZKf-Wb~)2}tyeuh]^N[<dnb_[(aM(x7s'r>0![&i11eoooy(a8I&t,-
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 65 12 01 26 f6 8d fc 4a bd 6a 5f 65 3f 58 0e 6c be 8a e0 83 03 fe 48 65 e5 a3 2c 27 bf f1 39 50 15 f8 97 af 37 62 c9 be 2d 39 7f bc 75 90 2f b6 08 f8 9a 7d fa c4 dc 9d 19 c1 84 40 bb 46 2c c7 4a 4b e6 a8 17 63 bb b5 e4 fe 9d 6c aa 0d ec d3 e3 4f e7 bf 9c 5e b7 7d f3 69 77 dc 3b 7d f5 ca b4 91 f6 f7 d3 f3 f3 b7 ff c6 53 5f 1d bf ec f4 5e ea a9 1d 94 3d 39 39 ee 79 1e 4f fd e9 fc f8 e4 6f a2 81 6e 97 a7 fc f5 dd e9 df 79 c2 b0 47 9f 3a 8d 6a be 1c d1 a7 4e eb 22 ed d5 31 7d 54 da e9 1b 5e b9 73 f2 d3 ab 5e 87 27 be 7d 77 fc e6 af 82 c8 57 a0 47 76 fc ee f4 a5 a0 f0 95 e7 b5 5f 99 5b 22 5c 30 a6 18 d3 cf c7 e7 a7 17 17 a7 fe a5 f9 b4 dd 6e 0f 7b 53 b0 c6 d3 f6 b0 e3 0d 02 fe 14 75 86 23 0c c1 7c da 09 bb 61 38 a3 a7 6e d0 63 33 fe 34 f0 86 6d f1 34 1a 8d fb Data Ascii: e&Jj_e?XlHe,'9P7b-9u/}@F,JKclO^}iw;}S_^=99yOonyG:jN"1}T^s^'}wWGv_["\0n{Su#\|a8nc34m4
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: fa f4 a4 94 ee b6 21 cc 8f 0c b0 81 d8 43 6e 99 fd 9c 13 44 08 29 ca 3d 73 61 b6 3d 99 4c 32 b5 03 33 77 4a ce 2f 76 c9 a7 4f 26 66 30 58 27 a5 c9 f7 af c2 3e aa ae 72 d5 4d 7e 54 2e f2 ec d6 20 6f f7 02 a6 e2 69 9e 43 05 9b 3f fe a8 75 67 2c 61 90 19 0a 92 30 56 8a 0c e3 26 48 d6 cc 85 4b 2e f2 5a 26 60 01 d8 99 80 51 26 ec 85 10 73 fe 9b f5 32 64 39 64 ba b5 05 65 aa 84 72 f7 cd 82 33 51 0d bc 30 c0 3b ec 07 d3 dc 82 2d ac 38 35 ca 07 77 84 58 30 4c 2c fa f7 b1 2e 15 4b f8 4f 3c 1b b6 c4 2c 9e af 39 8b d0 f7 db 3c 86 98 4c 18 9e b7 96 5f 62 2b 4e 32 bb dc d2 aa bc d3 d6 89 50 e3 7f a2 4f 7f 06 7d 12 20 d2 f9 64 03 d1 c6 7c 93 7e 17 a6 1d af ae 83 28 ca 01 7a fb 66 fd 4c 39 eb 3c f1 4d fc c2 63 94 11 d2 ef 9b e2 2f 12 78 65 d1 86 de 04 6b 34 c2 9b 40 0a Data Ascii: !CnD)=sa=L23wJ/vO&f0X'>rM~T. oiC?ug,a0V&HK.Z&`Q&s2d9der3Q0;-85wX0L,.KO<,9<L_b+N2PO} d\|~(zfL9<Mc/xek4@
2024-10-24 09:44:03 UTC	234	IN	Data Raw: 5f 9e be 3f b9 7e 7d fc f3 cf 67 6f fe 2a 51 24 ad 3a ef 0e 95 1b d2 42 99 0a a5 4b 3a 07 d0 b0 12 36 ec bf d5 2e 53 ed 32 5d 6f 02 da d8 95 3d f5 98 a4 90 d4 56 ff 1e ab 7f 8f d5 37 9e 09 04 5c c4 91 90 2b 63 24 31 c2 46 a6 b0 be 78 80 89 c4 f6 60 64 06 ab 82 f2 81 d0 d1 36 31 08 05 43 ec 0a 0b 70 70 56 81 7f 0b 20 a7 d3 8f c6 ad d3 f6 3c 63 1e ac 38 14 f9 2c 8a 6f 14 3a 88 00 14 1c 0b 3a 25 0e 24 29 7c 85 8e 7b 85 6d e9 c0 4c 02 a3 c8 8d 88 1a 0f e0 8d 12 ee 94 9d cc 0a a7 5f e1 8b 62 14 65 96 25 65 bc 32 b0 89 e0 cc 66 e9 c4 cc 09 7d 32 8d 20 8d 21 44 91 e2 44 2c 09 ee 27 a6 27 7a 02 da d8 a8 a9 30 c8 60 07 db 6c e2 9e fb 74 18 cb c2 09 d6 25 b0 4c 08 67 0e bc 72 24 93 f3 93 c1 c7 2f 0d 0a Data Ascii: _?~}go*Q$:BK:6.S2]o=V7\+c$1Fx`d61CppV <c8,o::%$)\|{mL_be%e2f}2 !DD,''z0`lt%Lgr$/
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a a6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 66 66 65 0d 0a 36 32 99 bc 04 a6 6a 93 b2 bc 77 3a d4 42 8f d2 05 3d 00 88 1c 18 cd 04 e9 62 49 14 4e 08 b4 42 a2 ad c0 4c 1f 28 48 e4 8b a9 53 7f 44 a1 7a 75 89 bb 33 98 0e 09 c4 eb 2c 7b bb 2e 01 d5 b2 33 90 05 63 42 9c 52 bb 38 20 59 51 1c 40 20 55 bf d4 73 ba 1f 10 93 4d 0e 0d e2 ca f1 9c c0 47 e0 8d 44 35 a7 6a 76 8b f0 1b 38 00 86 60 8d 50 4a 69 9c 84 ec 28 4b b5 61 45 78 c0 0a 48 38 3a 80 03 73 70 b0 72 0b 28 f0 16 4e f7 21 9b 26 cf 99 48 77 4a f1 17 c2 15 3b 69 3e c7 a6 82 99 29 55 63 12 84 2c 21 e7 bf 29 06 d6 13 2e 27 17 eb 25 f6 c4 ef ec 17 3a f7 2d a0 e6 70 ce 5f 5a f6 62 c2 fd 07 48 7c d8 8c ff 18 f3 97 0d e6 cf 14 93 66 9c f9 21 17 d6 f6 ac 6e 9c 47 88 fd 03 Data Ascii: 000000010000000100ffe62jw:B=bINBL(HSDzu3,{.3cBR8 YQ@ UsMGD5jv8`PJi(KaExH8:spr(N!&HwJ;i>)Uc,!).'%:-p_ZbH\|f!nG
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 43 ff 7d 66 51 c6 01 dc 12 ba 8c 04 bd 0c 48 c3 df d0 52 fb ed 36 0d ec fe 4b 06 54 00 86 e0 07 4f 04 f5 fd 7f 19 1a ad 9b 65 23 1e 48 33 c1 be 81 3e fe a6 d6 c7 ba 38 90 92 5a d7 ff 27 28 7d 82 d2 0a e6 a9 81 99 af 01 bb fd 29 c0 4d 01 56 c2 c6 db 0d f1 db 87 ba 2a 2b 4f b8 89 5f 0d 72 13 e0 f3 23 60 99 e8 8b 8b 25 43 5c 16 90 41 87 5c 73 28 1b 12 87 37 84 f1 29 8c 4c c4 6e 4e 4c 21 c7 f9 38 bf 3d aa a1 4a 61 d8 50 f4 9e d6 fa 67 dc e0 cc ae 84 f2 57 05 87 21 d4 33 5c 4b 80 e8 9b b2 d6 61 eb 32 70 7e 3f 76 fe fd ca 6a bd 98 5c f2 87 c3 b9 6d 7e d3 36 c0 6f fb c8 5d 45 d2 ff 04 ae bc 87 2a 65 40 95 1e 32 48 f8 b2 3c 98 41 4a fe c1 0c b9 5c 8d bc 3d 1d 0a 24 19 b7 ac dc 34 03 6b a5 38 c7 a8 ae 6a 10 f2 2f 4e ce 34 c7 53 5e 31 d1 ec c5 37 b0 f9 70 38 c8 19 Data Ascii: C}fQHR6KTOe#H3>8Z'(})MV+O_r#`%C\A\s(7)LnNL!8=JaPgW!3\Ka2p~?vj\m~6o]Ee@2H<AJ\=$4k8j/N4S^17p8
2024-10-24 09:44:03 UTC	1313	IN	Data Raw: 8e fc 25 06 cb 05 6c c5 9f 60 51 39 55 84 87 39 30 7e 0a b8 54 79 3c 03 08 f8 9e c7 3f 1b 00 1a 0b 03 e8 b9 69 1b ef b2 10 17 a5 d5 df 97 79 30 2b 6d e3 5f 58 72 c3 80 d8 05 b6 71 9c e3 e0 df 36 ea 56 44 97 bc e9 65 96 66 f0 b5 10 21 5b b5 7c 02 bb 50 b6 5c e5 8a 1a f3 3c 88 62 20 f9 3e e0 a5 14 f1 c9 8e 4a 68 b5 47 58 94 b9 6d f0 77 62 a8 91 c9 31 e2 35 31 78 7d ca c3 59 30 35 84 96 a4 93 42 4e d0 2c 58 c6 09 34 09 6c 98 16 cf da 99 81 bd 0a 02 2b cc d9 72 b7 a5 5b 01 4d 1b 60 7d 2d 8b 28 87 ab cc 51 6b a3 ed 2a fd 46 fd 0b 60 93 74 21 94 ab dc eb fc 08 93 67 88 c5 e9 42 a4 92 00 ec f5 b4 36 43 92 de 95 26 e4 55 c0 1e 5c 4a 37 e6 42 54 51 62 b2 ea af 12 4d cd 9c 07 76 43 2d 35 14 ad dd 41 77 da 53 22 b4 62 2b 8d e0 7e cf 36 06 d8 4f 43 a9 09 eb 26 04 d5 Data Ascii: %l`Q9U90~Ty<?iy0+m_Xrq6VDef![\|P\<b >JhGXmwb151x}Y05BN,X4l+r[M`}-(Qk*F`t!gB6C&U\J7BTQbMvC-5AwS"b+~6OC&
2024-10-24 09:44:03 UTC	965	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 07 0d 0a 30 30 30 30 30 30 30 31 0d 0a a3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 07 0d 0a 30 30 30 30 30 30 30 31 0d 0a 72 0d 0a 30 30 30 30 30 30 30 31 0d 0a 48 0d 0a 30 30 30 30 30 30 30 31 0d 0a df 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 31 0d 0a c7 0d 0a 33 35 62 0d 0a 98 f1 bd d6 b8 05 c4 59 63 3f 8b e7 c1 c1 c1 42 fd 88 4b 1e b3 9c 8e 27 f1 de 83 0c 50 5f 51 d0 0b 57 60 09 e2 05 93 ac d8 78 df 6e ea 70 2a 47 dd 69 71 ee 7c b2 ae b6 5b 84 c7 f2 db 2e 42 65 c8 2f 0e f4 21 8e d8 60 81 79 0a 62 51 39 08 5b 53 7c ab d1 a6 72 a5 b8 40 eb b0 00 6a d3 6e 37 5b 9a 13 95 b9 a5 f2 a5 94 36 c4 80 55 6a 2d 65 f0 e2 57 cd da 54 f9 d2 08 a9 74 a5 74 c4 a4 f9 a1 4a 91 21 dd 2c c2 eb ed 96 6a 68 1a bd 82 a6 81 76 ea 68 26 92 f4 Data Ascii: 00000001000000010000000100000001r00000001H000000010000000100135bYc?BK'P_QW`xnp*Giq\|[.Be/!`ybQ9[S\|r@jn7[6Uj-eWTttJ!,jhvh&
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
103	192.168.2.16	49870	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/88687.cca6b938f5ec6b221b34.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 24351857b114a06794f7be32c0ea774e Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:57:38 GMT Expires: Sat, 18 Oct 2025 08:57:38 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521185 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 31 0d 0a 00 0d 0a 30 66 66 39 0d 0a 00 02 ff ec 5c 59 93 db 46 92 7e df 5f 51 a6 66 64 c2 0b a0 71 1f ec a6 64 4f cb 11 ea 08 79 c6 e1 63 1f ac 51 f4 80 40 b1 89 69 12 e0 02 60 1f 43 f1 bf ef 97 75 80 20 d9 6d 79 b4 da b7 15 65 11 59 47 56 de 95 95 05 7a dc f2 e5 dc be e7 b3 75 96 df 5e 2e 36 d5 ed 5d 77 bd 29 af 57 59 59 4d 7f a7 ef e3 c7 f7 1f 0c 7b bd 69 17 e3 f7 ef 93 24 4a e2 0f e6 56 7c 4f c6 dc ec cc c6 98 be da 8e 36 2d 67 6d d7 94 79 37 3a bf cb 1a 56 4f 9b 71 9a a4 ae 61 56 78 0a 92 d8 09 0c b3 c5 a3 1b 45 41 Data Ascii: 0000000100000001000000010000000100000001000000010010ff9\YF~_QfdqdOycQ@i`Cu myeYGVzu^.6]w)WYYM{i$JV\|O6-gmy7:VOqaVxEA
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 74 f7 e2 23 2d 59 65 d1 4b b0 b7 b9 25 2c 9e b5 88 a6 b4 e0 e3 81 e1 31 58 1b e2 88 16 aa d2 8f 34 30 29 cd de e9 4a cc 27 23 78 9a 6f 5a fc d7 66 69 98 8a 74 e9 a3 af 0f cc 67 d2 43 b0 bf de c5 94 3f 1e 78 58 1f 03 87 aa 7a 04 cb 8f c7 a6 45 bc b5 a4 2c 69 2f b3 4d d7 d5 d2 9a 66 5d 65 09 3c 7c c4 88 76 66 cf 38 36 0a fe 0b 82 34 49 5d f1 cc 16 f5 1d 6f 2c 3e 9f 63 3f 62 df e6 cb 32 bf ed c5 a1 5d 4f a2 1d 1a 54 61 cf ca 6a a0 3c b9 d2 4f fc bf 37 bc ed 84 73 6d d6 64 cf c5 98 ab e0 6f ef 1b 4c 6e 2f b2 76 3c 12 06 4f fb 92 10 cc f5 d0 00 a4 e3 5d 43 37 bf 2a c3 27 b3 90 03 69 1a f2 01 85 44 3b e7 68 8f 48 ab 4a 21 41 64 5b 6f 3a 4e d4 92 02 25 12 3d 8d 14 71 3c 00 24 cb fd 64 34 2f 97 9c c2 00 7f 5d d8 45 9d 7f bf 5a 77 8f 84 67 b2 8f 10 d4 25 c2 85 68 Data Ascii: t#-YeK%,1X40)J'#xoZfitgC?xXzE,i/Mf]e<\|vf864I]o,>c?b2]OTaj<O7smdoLn/v<O]C7*'iD;hHJ!Ad[o:N%=q<$d4/]EZwg%h
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: d9 b2 bc a9 2c 1a 04 d3 c8 91 c2 0a 79 c1 69 16 68 b3 90 11 e4 9c 24 4b d5 56 49 a0 2d ea 19 12 9d 32 4a 6b c9 e7 50 b4 b2 2b 35 40 aa 50 a4 1b b2 36 61 fe bd 52 5d f6 5d dd f1 56 a2 a8 b1 42 d9 c1 5f a5 99 f7 04 96 15 99 ab b5 f7 62 a1 ee ae c9 aa 16 25 92 d5 40 db a2 ad a4 1c 6a c2 14 36 e6 d8 1e 4a dd 59 cb 2d 78 57 bd e9 0e 48 57 cb 4b 02 55 39 66 4b 3e 76 24 ea e7 18 b1 d7 65 55 f1 e2 98 1f d5 7c c4 96 2b 97 96 b1 43 9a 8d c1 9e c3 0c 94 4f 0e 7c 52 60 0a f3 0b b5 ef eb 82 f8 81 66 26 cc 73 b4 9f 1d 0f 7c 2f 32 c4 0f 47 e3 43 e5 bd 3a 32 ca 72 af d5 96 ff 82 1d 04 3d 32 95 1d 1c 4c d6 9e fd e9 25 7f 6f b6 bb 5f 43 15 65 e5 22 bd 65 f4 a6 4b 0f 56 51 36 a8 8a 09 e5 c3 c5 36 ab 0a f2 66 0c ce 89 fb 07 a4 c4 c2 bc 27 ac ab c9 7a 11 c6 30 05 11 49 3c 9f Data Ascii: ,yih$KVI-2JkP+5@P6aR]]VB_b%@j6JY-xWHWKU9fK>v$eU\|+CO\|R`f&s\|/2GC:2r=2L%o_Ce"eKVQ66f'z0I<
2024-10-24 09:44:03 UTC	309	IN	Data Raw: 0c bc 10 d3 bd 50 a5 24 87 c5 1b f0 1d 79 51 9e 28 69 1c 76 4a 1c 69 82 fd c4 a1 7f f4 a6 d1 8f 12 14 f0 9c f3 f9 f1 fc 5e 7c 24 6b cf c7 6c 4f 4b 9c aa 5f d8 2f b5 f4 ca 6a 01 c7 e8 24 07 e2 4c a3 45 33 54 e3 be 43 12 75 ac 46 d1 7f 52 eb 11 a6 29 ba 06 35 16 b0 3c dc e7 8f bb 25 fe 93 cd 39 87 53 69 92 0f f2 b9 05 f6 1a 19 5d 9e a2 7b df 2b b5 c5 e7 33 ae 14 a1 62 8d ae 8a e1 dc a3 3c 89 5e ad c2 55 0d de 8a 9b c8 c3 dc 41 87 5e 85 87 3c d5 f1 58 a1 92 56 23 ca 1d cb 0d 95 6a 26 d2 69 29 1a c9 bf b6 1b 87 bd 03 8a 75 28 22 6c b0 e3 3b b6 1f 87 03 27 1c 74 e2 36 88 fa bd e7 ba 97 54 74 b4 9f eb 7d 40 76 3a f4 ee 21 e2 07 ea f4 9e 59 d5 a3 ce 3e 8a 28 16 25 b9 16 26 3e c5 86 b5 16 55 c8 d0 19 a0 7c b0 da 45 56 50 2a ed 28 2a 05 39 a7 92 d9 0b 46 4f 91 8c Data Ascii: P$yQ(ivJi^\|$klOK_/j$LE3TCuFR)5<%9Si]{+3b<^UA^<XV#j&i)u("l;'t6Tt}@v:!Y>(%&>U\|EVP(9FO
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 11 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 0d 0a 35 0d 0a 30 30 30 30 30 30 30 31 0d 0a e8 0d 0a 30 30 30 30 30 30 30 31 0d 0a de 0d 0a 30 30 30 30 30 30 30 31 0d 0a d7 0d 0a 30 30 30 30 30 30 30 31 0d 0a d1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 30 0d 0a 30 30 30 30 30 30 30 31 0d 0a 40 0d 0a 30 39 66 33 0d 0a 5a d4 a0 57 59 95 08 ff 03 db 87 d5 60 b4 12 35 95 d5 ac 3b 14 4c 8a de 11 86 a9 f1 a0 7b 68 8f 70 b7 93 51 65 75 88 66 98 23 0b 34 7a c0 11 22 39 6e f7 8d f9 cd 64 22 df 84 a2 27 6c 97 bc d9 ce 6a 48 b1 fc 17 65 e2 6a 16 5a 76 df ae 78 51 66 e3 35 de 53 e4 0d 04 c5 0b 38 46 81 22 af ac 08 a1 94 2a bb 78 95 e3 b2 48 1e fb e4 6b 9e d6 8c 2f b2 bb 12 65 e2 Data Ascii: 0000000100000001000000010000000150000000100000001000000010000000100000001000000001@09f3ZWY`5;L{hpQeuf#4z"9nd"'ljHejZvxQf5S8F"*xHk/e
2024-10-24 09:44:03 UTC	1277	IN	Data Raw: 1b 84 cc 07 99 69 ec 13 ec 46 e0 1c b0 ef a5 fe 25 2c 22 f1 10 b3 00 87 11 05 97 c0 f6 13 47 f4 47 0e e8 07 bb 69 1a 60 75 c8 26 80 88 c8 1d 22 74 27 88 2d 08 79 88 25 11 5e 77 22 e2 54 04 4b 92 94 d8 42 a4 0b 85 55 3b 49 0a ec 01 68 87 64 43 db 8b 70 3d e6 7b 76 ec 78 f0 7d df 86 cb a3 1b 58 10 ca 2e 5d cf f6 e2 08 44 20 a0 46 b1 d0 84 54 26 d0 05 49 4a 6a 1a 2a f7 b7 1f 7a fd 05 38 ff 91 95 e2 ed 2c 8f b9 04 09 e4 64 09 08 87 7e 48 d1 18 8b 1d 58 86 86 49 fe 64 03 a0 31 f1 20 4f c8 39 82 4b 81 d8 04 13 c9 17 50 52 02 76 c0 61 00 e2 00 87 11 c6 03 8e c1 0c c1 62 57 00 9c 90 7e 52 1b 97 09 44 0c 68 86 64 5c a8 c9 15 9b 40 e2 01 3d f1 9e 44 a9 88 d6 74 55 08 d1 40 fe c9 a5 07 de f0 43 57 82 53 b2 0a 88 02 67 6f b2 17 2c 06 4f 85 a5 a6 2e 44 15 d9 4e 14 fa Data Ascii: iF%,"GGi`u&"t'-y%^w"TKBU;IhdCp={vx}X.]D FT&IJj*z8,d~HXId1 O9KPRvabW~RDhd\@=DtU@CWSgo,O.DN
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
104	192.168.2.16	49869	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	522	OUT	GET /gui/67920.83f748ec82f4e379de06.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 7ff1e498d08e962cefb9ee7c5dd6fbba Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:59:01 GMT Expires: Sat, 18 Oct 2025 08:59:01 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521102 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a cc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 77 0d 0a 30 30 30 30 31 0d 0a da 0d 0a 30 66 66 31 0d 0a 46 d6 ff ff f9 14 aa da 7a a1 47 92 01 03 06 1c 9c 3a 8e 9b a6 cd db b1 9d 9e d3 cd e6 b8 42 1a 40 b5 90 58 49 d8 71 08 df 7d 7f f7 ce 8c 18 01 8e db dd f4 3c 8d 5b 1b cf Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001\00000001}00000001w000010ff1FzG:B@XIq}<[
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 43 7c 1c 47 20 e5 55 90 2e 92 02 22 c4 db a9 f6 05 05 66 8b 24 0a 40 fd 64 f2 70 f7 4c 8c 45 96 fd a1 ae 8b 2c 56 2b 83 58 bc 8d 92 1c 8b 59 52 b3 6d c7 0e d2 d8 55 9b 72 23 da b1 ed 30 b3 a7 c5 2c ae d7 6e 3f 7d aa dd 0e ff f9 9b f5 cd b2 b1 da fc f6 1b ac a5 e2 4e f1 00 91 4c 5e 41 b1 8b 87 08 f5 d8 c0 e1 1a 38 5c 13 0e 8f 6e 0a 77 11 b9 a0 7a 91 26 16 21 0b 69 87 66 0d ed 1c 5c 8b 6d cb 1b 09 68 bb 20 dd 20 36 0f 6d c2 da b6 20 92 be 5b 48 bd 71 89 7b 3b 01 f3 34 8f c8 dc 0d ed 2c 9a 4c 0b db fa 7e 96 c2 49 a5 37 22 53 fd 8f 1f ed 9b 18 1c 5b 20 c0 c8 0b e2 74 11 3e 55 ec a6 65 89 7e b1 17 8d 9f b2 51 08 eb 52 e2 a1 55 a7 52 76 4e 4a d1 31 74 59 76 92 42 e6 d8 9b d2 63 c3 d6 df 78 3f ff ec e5 d3 f4 56 8d aa 0f c0 3e 4d ff aa 76 00 89 0d 21 35 e9 2f f6 Data Ascii: C\|G U."f$@dpLE,V+XYRmUr#0,n?}NL^A8\nwz&!if\mh 6m [Hq{;4,L~I7"S[ t>Ue~QRURvNJ1tYvBcx?V>Mv!5/
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 2a eb 82 11 6c db da 37 c3 ca e4 85 25 86 ec f7 40 dc 67 45 74 81 d8 41 45 5a 72 9e fa 11 0b 5d 59 62 39 95 69 38 45 4c 98 c8 41 de 5d 85 73 09 e6 d9 e5 73 8b 67 a2 5a 0c db 3a c4 24 b1 9b d3 e4 95 52 cc 13 d0 e8 09 d3 88 cc d6 a3 49 11 c9 4e 16 04 24 47 f1 8f 0a b2 da 82 3c da 2f c1 50 12 36 73 d8 b2 d0 62 54 62 c8 18 94 29 05 4a 3f f6 da 1a 59 06 36 46 2b 1b 32 65 94 cd 4a d1 5b a0 f7 b6 44 ef 5e c3 f8 79 d3 a7 59 5b da cd 1d 55 18 19 0f ce d3 b9 ac cc ac 51 53 d1 a0 82 b8 eb 48 51 fa 30 92 95 cf d8 55 22 92 16 8b bf a5 f6 5c 51 ed e7 8d dc b6 66 a4 8a 12 41 fa 1d 92 75 02 17 95 a4 54 c4 b2 2e ee f2 42 cc c0 5e 58 0e e9 8a 34 07 79 9c 52 03 00 4d a5 fc 88 69 3f 6e d9 44 33 f1 b2 36 c2 44 e9 8f fe 0a eb f7 d5 06 9e 15 63 76 bf 39 34 62 a5 d7 d8 cd eb 52 Data Ascii: *l7%@gEtAEZr]Yb9i8ELA]ssgZ:$RIN$G</P6sbTb)J?Y6F+2eJ[D^yY[UQSHQ0U"\QfAuT.B^X4yRMi?nD36Dcv94bR
2024-10-24 09:44:03 UTC	407	IN	Data Raw: bf d3 c6 2d 2e dc 4e f3 92 5a 4a 77 d3 e8 1a 19 ee 94 f1 8d 34 b4 e5 40 aa 86 bb 42 f5 a3 44 dd 78 23 75 74 ec c1 34 45 61 62 f9 af c4 b2 c2 28 9f e3 c4 69 60 71 ad f6 e8 5f c9 ea 5f 89 c7 47 74 12 0e 12 a6 d9 c0 c2 cd 97 9a eb 8e f2 32 8a 92 35 ca 3a 06 58 b0 26 28 d6 e6 90 ce 81 d5 44 14 a0 26 91 c1 22 57 91 8f b1 cc 0d b9 5e 59 94 41 cd 95 62 df 5c ae 40 a5 df 81 d5 b0 9a 16 d5 47 3f 37 78 9d b6 6f 8e ec 3d b0 2c 57 46 36 07 35 29 64 b9 6f 3d 4a 7a 97 bc b9 12 bd e6 e1 67 fa ab 1c 69 6b 4c eb 9e 31 1e f8 bb 9b 0a 87 ed dd 58 a1 34 c6 c9 8e 0b cb bf 89 59 a3 b3 7b 8c 26 3b 91 7b 73 d0 e1 7a 0c 6d d6 f7 64 9e c9 53 73 50 4a b5 92 31 dc c4 c0 12 31 ce ea 50 f4 03 b1 2c f2 22 85 70 61 78 03 f0 5b d6 ce b9 7d dd 5d 66 49 dc b8 53 bc 48 d2 2d 5f e2 53 76 88 Data Ascii: -.NZJw4@BDx#ut4Eab(i`q__Gt25:X&(D&"W^YAb\@G?7xo=,WF65)do=JzgikL1X4Y{&;{szmdSsPJ11P,"pax[}]fISH-_Sv
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 11 0d 0a 30 30 30 30 30 30 30 31 0d 0a ce 0d 0a 30 30 30 30 30 30 30 31 0d 0a f8 0d 0a 30 30 30 39 66 65 0d 0a 73 ee fd 22 42 79 28 47 a4 83 23 1b 91 59 2f 9f 5f 1a 0b 44 c5 74 81 5b 4f 98 ba b8 1d e5 fb e5 6a fb b0 3a a3 7d 92 87 fd 17 cf 4f cf 5e 5d 9c f1 d2 fb 83 0c f8 2c d9 e0 8c e2 05 e4 ec eb c6 a8 1d 86 fe 11 37 45 49 18 4d 52 34 76 bb cd c6 b8 25 1b e7 8b 6c 1e 53 cf ee b8 dd 0a 9a aa 11 f1 15 0d e6 7f b2 29 13 21 5a 02 5c 96 6d 35 64 8b 3c 01 44 a3 e8 1c 1e 34 54 e3 1d 64 9e 44 ff eb 71 20 fa dd 43 d9 13 c7 a1 22 41 db 41 df 0f da 81 6c 2b 84 0f 21 f8 ba d5 08 fa 7d d5 2d b8 f3 a9 57 ab 77 38 1a 75 64 2f 44 71 81 c2 44 36 b0 16 d1 f4 e3 b1 9e 9b ac 30 b6 44 ff d6 4d 2e 1d 31 a2 Data Ascii: 00000001j0000000100000001000000010009fes"By(G#Y/_Dt[Oj:}O^],7EIMR4v%lS)!Z\m5d<D4TdDq C"AAl+!}-Ww8ud/DqD60DM.1
2024-10-24 09:44:03 UTC	1212	IN	Data Raw: 4d 29 13 b7 5a c4 cb 39 26 21 66 c5 62 5c 0c 48 f2 a9 51 4d 88 03 8c 41 e3 68 7b 76 74 b1 d6 bd e4 19 c4 a0 b1 1a 2d 79 55 e5 25 47 69 8c b4 77 c5 07 bd 8e c7 3f 24 9c dd ab d7 3b ec 60 2d 1f 4f f8 a8 9c c6 6c 2e 55 8b 2d 20 03 c8 f6 c1 d3 57 21 4a 70 60 ff e1 ec 39 ea 36 ec 2c 99 d9 95 8f 7a 1e aa 0c 4b b6 5f d5 d9 0c 0d de 65 68 eb 18 8b 82 66 ed 1d 1d 3d bc af cb cf 5c df 46 45 e2 7e 90 5a 4f 6e 46 3b 90 9d a8 e1 98 da 41 a9 64 09 f4 28 96 8a 5d 88 ef 24 19 cc 70 53 38 16 2b 2e 4e 2f 75 09 c8 ac 00 ad 64 01 06 52 65 d8 2b 22 3a 97 b7 07 ac 39 8c ad fc e8 de 44 79 84 4b 5f f5 65 ba 28 88 f5 65 57 c5 5c 30 d6 8c 8e 34 ce 52 6e a8 72 a9 5b 68 f0 a6 dc 28 5c 78 83 6c dd 49 47 b0 3a 48 ff 8e 8f 63 65 87 f7 cb 60 91 e5 60 ef 3c 8d e8 fe a9 42 16 77 80 51 0e Data Ascii: M)Z9&!fb\HQMAh{vt-yU%Giw?$;`-Ol.U- W!Jp`96,zK_ehf=\FE~ZOnF;Ad(]$pS8+.N/udRe+":9DyK_e(eW\04Rnr[h(\xlIG:Hce``<BwQ
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
105	192.168.2.16	49868	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:02 UTC	676	OUT	GET /gui/26044.e227fd5c65cff1753dd6.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 711b99a5aa05431516989665f4b0b9b6 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:05:50 GMT Expires: Sat, 18 Oct 2025 13:05:50 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506293 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 02 0d 0a 30 66 66 37 0d 0a ff ac 5c 69 73 db 46 9a fe be bf 02 e1 26 0a 91 02 20 dc 07 65 da 93 51 66 76 5c a3 24 b3 76 26 5b 15 af cb 01 c9 a6 88 08 24 58 00 a8 23 34 ff fb 3e 6f 1f 40 83 a4 9c 64 2b 56 22 11 7d be f7 d5 0d 8e 1b 56 2e 9d 07 36 db e6 f3 bb eb d5 6e 73 77 df 7e d8 15 1f d6 79 b1 99 7e a2 ef e3 c7 77 ef 4d 67 bb 6b 56 e3 77 ef fc d8 0d 43 2b 89 22 cf 7d 6f ed f9 d3 64 dc 5a cc aa cd e9 cb fd 68 d7 30 a3 69 eb 62 Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000010ff7\isF& eQfv\$v&[$X#4>o@d+V"}V.6nsw~y~wMgkVwC+"}odZh0ib
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 79 18 f0 80 13 9a c1 78 8c 14 33 a0 10 ed 2b 4e 38 02 b2 5b 96 99 13 de 78 a2 c3 62 ec 29 fb c4 f0 53 c2 98 07 f0 6e 01 40 05 83 b9 b7 52 56 89 28 ff d9 74 3a 6e 4f 28 7f 71 21 74 14 bd b0 ab 2d 57 54 61 bb 94 0d ff f8 51 cd 86 44 92 ed e9 e9 06 e3 d8 cd 06 ae cc 29 9a 1b f0 0d 76 e8 15 37 29 ab 76 5d 9a e3 a7 8f 1f c7 4f d3 d7 3f bf 58 14 f7 06 b7 78 d3 d1 83 ed b9 ae 51 16 4d 6b df d6 d5 6e 3b 12 26 69 3a 6a ab ed c4 80 55 1e db 76 bf 8f cd 07 36 b0 5e 77 4f 36 46 98 57 c6 af 36 18 ce 1e 27 86 37 7a 09 29 75 0f c6 8b 4b ac ff f2 67 a9 10 82 16 af 37 4d 71 bb 6a 9b 37 10 1e d3 9c 68 40 2d 01 d4 92 80 ba 6f ed 5d 61 37 5b 36 2f f2 d2 26 1b c9 1a a3 2d da 92 d9 cd 3a 2f 4b c3 29 d6 f9 2d 7b 93 3f 4c a1 07 ee 01 db bd 68 b6 f9 c6 68 ca aa 05 bc 34 72 f4 f2 Data Ascii: yx3+N8[xb)Sn@RV(t:nO(q!t-WTaQD)v7)v]O?XxQMkn;&i:jUv6^wO6FW6'7z)uKg7Mqj7h@-o]a7[6/&-:/K)-{?Lhh4r
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 4c 21 45 15 02 36 ef 95 b3 51 ec d1 24 4d d3 20 11 5f ea b4 ae 5f d5 13 d7 b4 bd 57 23 0b 7c 1b 21 69 25 ab de 09 8d b2 c2 bd b3 3b 36 c4 5d 56 4f 0e 6c 60 71 9d 0e 91 a1 f1 fd f8 91 39 22 3d 97 e6 9b 04 12 61 c6 35 bc 0d 15 9f c6 aa 18 a6 f1 fe 5b d0 fd 5b 4e f7 4f 04 6b c3 70 69 a0 97 3c e0 21 7a 8f ce 6b 36 8c 7a c3 d6 c5 0c f1 f2 f9 90 a9 4f cf 44 a0 d4 45 2b 88 7e 24 1f 29 7d 1c 84 40 bf c7 21 3c 37 97 12 c9 46 fa 48 9e a8 84 cf 78 14 7d 01 fe 19 b2 a4 e2 84 41 01 e3 38 de 91 b1 8c ac 1b 09 f9 53 06 eb ac 0b 50 fa a3 9b 7f 87 e7 af 7a 58 44 c6 9d 62 22 25 a4 4d 57 eb eb cc b2 26 9b 95 5a f4 d8 38 57 b7 6c c3 a8 0e bb f8 20 03 6f 5d 6a 9b 57 8d 2a 09 a3 ba 7a 6a 12 cf 1b d7 85 2c 12 c3 2f 59 b3 73 11 d1 d7 90 b2 af 21 65 cf e4 8a aa 54 30 d1 39 ce 55 Data Ascii: L!E6Q$M __W#\|!i%;6]VOl`q9"=a5[[NOkpi<!zk6zODE+~$)}@!<7FHx}A8SPzXDb"%MW&Z8Wl o]jW*zj,/Ys!eT09U
2024-10-24 09:44:03 UTC	335	IN	Data Raw: e6 16 8e 5d 70 a8 67 19 fd 2a 62 4b be f4 ba da 54 a8 30 cc 21 9f 6a e5 eb 6a c1 e4 ca 5d af 98 01 1b bf 28 10 10 4c 70 66 c9 83 4c d5 30 c6 99 c9 82 dd 5a 06 2c 53 3e 56 98 49 1c 5d c7 c3 fd 9f f3 5d 70 f7 c2 4b 52 89 91 03 b4 cc d7 45 09 63 2a 4e 3f e1 40 8f 28 70 32 a1 c1 b9 ca c4 ab d9 fa 78 a5 07 1e b3 4e 0c a8 be d6 45 90 db 22 9c 85 0d 75 94 7f a3 fd 91 8a 54 64 72 11 29 c0 05 6b 73 78 87 60 4e 00 93 4a 06 30 0c b5 fe 19 59 ef ce 13 f2 14 01 ea c1 ad f4 80 16 62 8a 32 29 dd 7e 9d 69 1a f6 9c 91 86 de 6a 28 58 83 38 98 87 ca 84 76 6a a5 01 1c 85 96 11 43 9e 12 e9 09 fb 25 04 d4 d9 32 5f ce 04 60 7a 97 84 3e 84 33 f0 11 5f e3 97 0c 49 54 ee d3 41 1f fb f1 3c 95 d4 18 76 8a 35 b2 14 fe c4 a5 5f ca 69 74 a3 38 04 08 ec d9 f2 78 7e 47 3e a2 b5 1f 60 b6 Data Ascii: ]pgbKT0!jj](LpfL0Z,S>VI]]pKREcN?@(p2xNE"uTdr)ksx`NJ0Yb2)~ij(X8vjC%2_`z>3_ITA<v5_it8x~G>`
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 33 0d 0a 30 30 30 30 30 30 30 31 0d 0a 26 0d 0a 30 31 0d 0a 19 0d 0a 66 65 66 0d 0a 21 4d a7 3a b4 c4 91 a5 d4 24 61 51 e9 6e d3 c4 68 aa 12 f7 65 f4 0e b5 0b 8b 58 a6 ec b1 5c 4a 48 0d 62 ec 4d 53 ee 28 dd 9a 08 a5 25 6b 24 fe 73 bc 24 ea 14 90 ef 43 16 61 07 8f ef 3a 41 12 69 4a a8 75 e2 06 01 f5 fb cf 75 97 d0 1e d7 79 ae f7 11 d1 a9 ae dd fa c2 8f d4 e9 3f b3 ab 4f 9d 9d 15 91 28 0a 70 6d 4c 3c 87 86 4d 59 fe c4 88 5c 6d c9 47 bb 59 e5 b8 76 03 18 25 94 1c 9c 53 ca f4 84 51 53 04 e2 98 e5 71 dc 15 0d 4e a6 ba 1a 51 bb b9 9c 2a 62 ab 00 e0 9c 4c d2 39 d1 4d 2a 90 c1 80 6b fc 0f e0 f5 b6 8f 86 8f ff b9 55 d6 b8 d8 6f b8 ac 90 e9 d9 35 e9 93 14 a4 01 a3 b4 ee 0a 4e 02 d7 08 04 27 85 44 69 bd 52 aa f8 46 9a ec 43 6a c0 77 49 Data Ascii: 00000001300000001&01fef!M:$aQnheX\JHbMS(%k$s$Ca:AiJuuy?O(pmL<MY\mGYv%SQSqNQbL9MkUo5N'DiRFCjwI
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: a4 2e 0f 7b 8f c7 08 74 e4 32 36 17 8b 97 e2 8a 7b 5b 8b 40 1f 5c d0 24 4d a3 b4 a6 ea 02 13 4d 0a 07 d2 09 44 a4 d5 38 42 5d 49 a1 42 43 bb a1 bf a7 db 81 4b 1c 70 c1 cb 70 93 a7 82 8b ae 5d 24 61 14 33 b6 d5 6e be 3a 38 fc 38 5f c0 ca 3f 22 dc e7 31 25 f9 29 d7 89 91 82 09 95 19 76 f2 7c 37 38 ea ec e3 6d d7 a1 dc 4d 9f c8 fb 4e 2b 8f 74 97 e0 c4 c4 74 81 05 a7 a0 d8 58 8a 8a 0c 14 7a 69 18 b4 9b 9d 07 2d 36 3c d4 c7 31 e4 fc 4e 79 19 2d 40 e1 db 2a 44 9f 4c 6d b9 41 cf a3 29 f2 0a 5e 4a ed b8 20 00 ea 90 95 63 24 6e e7 46 89 2e bc 4c a9 65 1f 1e 6e 47 51 55 f5 68 3c 6f 94 29 ab c8 c5 c8 4e b3 fa 4a 54 c9 45 45 7a 53 f1 88 e0 c8 76 cc f0 0a 1d ed a0 0c c8 49 4c c5 51 1b d2 4b b2 7f 02 fb dc 3e 75 91 22 8f 74 ff 72 c7 9e 96 78 49 0b ef bb e0 50 1f 27 a4 Data Ascii: .{t26{[@\$MMD8B]IBCKpp]$a3n:88_?"1%)v\|78mMN+ttXzi-6<1Ny-@*DLmA)^J c$nF.LenGQUh<o)NJTEEzSvILQK>u"trxIP'
2024-10-24 09:44:03 UTC	1303	IN	Data Raw: e2 84 41 80 cb 44 fc 8f 9f 19 41 e8 00 e0 ec 1a 48 45 71 82 4f 04 aa 1a 85 4f 7c 1e fe 02 7f 74 ab 51 be 9c e7 5f ab 95 d0 82 d5 e5 28 b1 df a7 71 e8 f5 69 86 2b 5c 74 27 17 57 82 3e 81 44 96 71 46 e8 bc 19 f0 ac 67 63 02 f2 47 29 78 95 a6 8e 8b 69 61 e6 c4 01 b8 e5 39 69 1a 02 85 7f f8 de 8f 5e 94 39 59 12 5e 07 19 ee 49 e0 2d 77 2f c5 24 5c d5 8e 13 07 df f7 84 e7 8e f5 7f 2e 16 61 22 c8 0d 98 88 0f 20 77 d4 91 9b 3e 11 b9 e9 af 20 a4 1a e5 1b 62 9e 7f 1d 62 00 b1 09 2d 90 2f 39 0a 9f 68 1e b5 08 f6 aa 51 c0 5d ec f7 e7 22 a1 09 7c 08 5b 92 fa fe 75 04 95 08 bd cc 88 3d 27 49 41 3f d7 80 72 24 11 af 30 5e 43 5f bd 14 c1 87 a1 46 79 90 1a df 83 dc 77 9a f3 69 00 bb eb 9d ea 5e 2b 04 66 11 2c 92 e5 f2 13 02 03 22 b8 60 f3 40 ef 02 d0 27 4a 00 47 9a ba 11 Data Ascii: ADAHEqOO\|tQ_(qi+\t'W>DqFgcG)xia9i^9Y^I-w/$\.a" w> bb-/9hQ]"\|[u='IA?r$0^C_Fywi^+f,"`@'JG
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
106	192.168.2.16	49871	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	676	OUT	GET /gui/76194.9a49eca4de4d4a1bd1bf.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: ffe52bc7b6ac9b7f194ac22d4c737077 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:53:55 GMT Expires: Sat, 18 Oct 2025 08:53:55 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521408 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 31 0d 0a 77 0d 0a 30 66 66 32 0d 0a db 46 92 f6 f7 fd 15 30 33 51 88 59 00 02 c0 3b 69 da f1 30 99 8d ce c4 71 4e e4 c9 9e 1d ad d6 01 c9 a6 88 11 09 f0 05 40 5d 42 f1 fd ed fb 54 75 37 d0 20 29 7b 26 9b 0f 7b f6 d8 b2 4d a2 af d5 d5 75 eb aa 6a a8 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001k0001w0ff2F03QY;i0qN@]BTu7 ){&{Muj
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 61 cd a3 22 72 63 60 f0 41 63 ad 8e c3 59 ba 5a 45 9b 9c 37 82 db 2a 16 d1 ad 41 40 b3 5b aa 7d c3 9c f3 9e f0 6f 79 84 89 2c 9a 15 62 ae db 7d cd 0d dd da fe c8 32 dd e2 d4 6e bd 52 f8 3f 42 3c 91 a0 73 02 6f 4e 2e 19 19 f2 30 b9 94 cc 7c 31 7f 31 1e ab 62 88 47 ac e7 7d 7a 51 88 b5 6c a8 21 7d 57 2c 45 96 63 c8 23 6c f3 d6 41 6e 33 3b 67 2c 51 f3 ed cd 8d c8 b1 ba 0f c5 32 13 51 f1 81 f7 0c 52 54 d8 52 42 28 a6 2f c6 4d cd b7 d9 18 db 35 f5 7e 78 f3 f6 db 0f df 7c 7b 39 f9 f0 f6 cd 8f 3f 5e fc f0 6f 76 d3 06 7d 98 7c 9c 69 3e ce 58 3e a1 2a f2 ee 07 5e 91 32 6e 27 51 2e 20 81 1b 1f 4a 3e 36 c8 e0 06 64 70 c3 64 10 1d 50 b2 66 a2 b9 3b 5d a5 b3 db 06 d8 86 f8 64 ba 05 27 24 8a 0a 0e 76 96 77 db c0 86 de a7 da ae 95 1c 12 31 2f e4 8e 50 82 b4 86 68 7b 6f Data Ascii: a"rc`AcYZE7A@[}oy,b}2nR?B<soN.0\|11bG}zQl!}W,Ec#lAn3;g,Q2QRTRB(/M5~x\|{9?^ov}\|i>X>^2n'Q. J>6dpdPf;]d'$vw1/Ph{o
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: e7 38 79 ae f3 37 e5 ac d6 9b 9f ff ad 31 7c 1b 15 4b 6f b1 4a 21 7d 8f 81 28 01 f8 00 81 99 45 37 c2 36 00 21 1b 55 69 3d c1 94 a3 8c 7d d3 38 3b f2 9f f0 1c 26 53 7c 83 33 01 0e 3c a4 88 a1 c5 e0 57 e1 16 b3 74 bd 4e a1 ad e3 02 18 37 cf 55 42 9f ab 04 9f 26 6c 32 4b 32 6d 0a 71 d7 e3 ed cf ec 7d be 4c b7 ab f9 5f 37 38 81 e0 e0 a5 4d ac a6 f0 96 51 5e 37 53 09 9e 06 64 ba 04 43 1e 5f cc 15 3d 3d 9d 00 50 37 8f 56 b3 ed 0a 53 5c aa 8d 95 28 3d 81 17 db 79 71 e4 a7 b1 78 e0 52 06 9d 9d bd 38 9e c9 74 17 6c 80 b6 cd 78 52 3a 5b f2 5b f8 a0 70 10 84 ff 84 45 03 bb 4f 5e 69 7f 87 ae 7d 85 43 77 e2 fd ea fd 20 c4 3c ff 3e ce 8b 4b d5 cd 1e ca f9 8e 37 47 52 ad 77 2b 1e 95 5f e8 b0 89 ad 78 e7 14 6e 5e f3 22 a4 93 c9 c4 63 d3 1e 1a 67 de 35 d6 b2 36 d7 b2 11 Data Ascii: 8y71\|KoJ!}(E76!Ui=}8;&S\|3<WtN7UB&l2K2mq}L_78MQ^7SdC_==P7VS\(=yqxR8tlxR:[[pEO^i}Cw <>K7GRw+_xn^"cg56
2024-10-24 09:44:03 UTC	394	IN	Data Raw: 44 29 2e 59 e0 93 4f 4e 42 c0 a2 c1 f6 24 29 fc e9 11 41 0b 68 b2 d8 e5 0d af a9 8f a9 80 23 2e 4e 11 88 c9 d7 d8 93 25 42 4b 70 db 1e 9e a1 a0 20 0e 0c 6b b2 29 b4 05 4d 31 3d 69 cb 4a db 02 22 cd 34 a4 a5 0c 8c b4 55 c2 67 98 fc e9 69 87 78 01 19 f7 f8 4a 4e e9 48 7b ef 8e 8c d6 07 08 a4 07 08 a4 5f 4a 0b 07 b8 85 90 86 e7 14 51 04 1a c3 14 c8 24 2b c7 2b ef f2 db c9 fb 8b 77 3f 7c 78 f3 c3 37 1f 7e bc f8 f9 dd fb 4b 1d 28 2c 85 73 73 67 18 de 10 c4 06 39 b0 cd 3e 54 4b 66 80 05 f9 e5 d7 79 cd 92 82 97 13 e7 1f da 6b d0 31 10 40 c7 5a 1c 2a 49 c9 e2 9f 13 7b 39 e4 05 4c 7e 56 2d 08 13 7a f7 51 96 34 1b 7f 85 8d 8e 3c 8b 78 11 23 da 5e b3 7c 1b c8 e2 50 46 9c 3a 84 6b c5 2e 0f 18 c9 5c 1d 2f 0c c0 11 8e 50 21 3a a0 47 00 98 e3 93 c3 f8 0a 29 1b c7 c5 0e Data Ascii: D).YONB$)Ah#.N%BKp k)M1=iJ"4UgixJNH{_JQ$++w?\|x7~K(,ssg9>TKfyk1@Z*I{9L~V-zQ4<x#^\|PF:k.\/P!:G)
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 41 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 30 30 30 30 31 0d 0a 51 0d 0a 30 30 30 30 30 30 30 31 0d 0a 42 0d 0a 30 30 30 30 30 30 30 31 0d 0a 91 0d 0a 30 30 30 30 30 30 30 31 0d 0a c7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 77 0d 0a 30 30 30 30 30 30 30 31 0d 0a 66 0d 0a 30 30 30 30 30 30 30 31 0d 0a e4 0d 0a 30 30 30 30 30 30 30 31 0d 0a b1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 74 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 54 0d 0a 31 0d 0a 41 0d 0a 31 36 38 64 0d 0a c1 e7 86 90 74 7d 34 82 41 ff 39 bb 60 ca 98 e4 3f 39 d0 01 4d eb Data Ascii: 00000001000000010000000100000001J00000001A00000001I00000001Q00000001B000000010000000100000001w00000001f000000010000000100000001t00000001Z00000001T1A168dt}4A9`?9M
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: d9 8a 21 10 33 21 16 87 fd 4b f4 11 ae c3 16 7a 87 1a e3 e4 a2 81 be d4 f3 c7 09 72 aa e3 42 ae 00 9b 7b ab 2b 6a db 58 55 48 a0 0e b7 91 eb d5 7d 14 e4 bd 0c 29 33 4b c9 59 ae 5a a6 48 30 28 47 36 f5 fc 61 b5 1c ff 48 39 cf c0 54 55 7f c3 9e 5b 82 12 a5 74 d1 5b 6a 92 5f 55 2b 77 4b 2c a6 42 6d 84 12 9d 32 d4 60 05 9b 07 4d 90 74 03 01 91 69 dc 26 19 5a 79 8a 74 b5 5a 85 9e 45 74 c4 40 cb 63 35 94 a4 1a d8 d8 49 be da c2 1a 06 83 30 3f 93 34 92 7f bd a0 d7 29 19 90 e7 21 89 b0 85 c6 f7 bd 56 af 63 30 a1 51 e9 e6 6b aa 0f 9f ab 5e 81 7b 7c ef b9 da 07 58 a7 26 77 9b 03 3f 50 65 f8 cc ac 21 55 96 52 44 2d 51 82 eb a2 e3 a9 65 b0 3b 7a 68 75 7c 63 c8 07 dc 95 21 af 2c 60 54 50 32 38 c7 98 a9 10 a3 bb c8 85 a3 57 c0 6b d7 38 38 ea ea 1b 48 2d fb 32 56 e4 54 Data Ascii: !3!KzrB{+jXUH})3KYZH0(G6aH9TU[t[j_U+wK,Bm2`Mti&ZytZEt@c5I0?4)!Vc0Qk^{\|X&w?Pe!URD-Qe;zhu\|c!,`TP28Wk88H-2VT
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: bf 5c 2d 11 66 12 c9 75 d9 f2 88 6e ff b7 3b c0 e9 06 89 ba 56 56 2e 82 9d b7 23 c4 57 74 fe 0a d2 57 28 52 ad 7c 85 ee 4a 2c 8a 21 ca 50 24 63 5f 50 33 f4 12 c2 a1 0a 40 ef 8d 41 2d e3 3b f8 1c 17 c9 76 78 cb 42 54 0c 69 10 dd 9d 07 74 79 44 b3 af 6a af b2 73 34 98 b0 ff 86 16 7b c1 37 7c d1 67 84 17 80 92 92 43 70 f9 16 41 28 19 5e 0e 00 9b 8a b3 d0 57 05 26 5d c0 41 9c 18 05 07 d1 42 54 8c 4e c4 40 68 37 47 2c 78 0c ce e0 c2 c3 e7 23 d7 6f e9 ab ad f0 0b c0 f1 56 a6 2a 9a c0 97 f9 87 a7 1b ba 5c 59 6b 9e 09 84 f3 0a 08 69 44 87 e9 9b 39 94 0e 4c 0c 29 9b 42 64 66 15 a7 2d 21 31 12 ee de 44 45 e8 aa 39 95 7b 9b 71 66 cb 24 8e ca 91 ac 2a d9 f7 8c a3 98 0a e4 21 ef 0e 51 4e 19 79 8a e6 7f c7 6b 84 86 e2 01 6f 47 c4 9d 19 04 9d dd 5a d1 73 6d 8f 37 59 ca Data Ascii: \-fun;VV.#WtW(R\|J,!P$c_P3@A-;vxBTityDjs4{7\|gCpA(^W&]ABTN@h7G,x#oV\YkiD9L)Bdf-!1DE9{qf$!QNykoGZsm7Y
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: a3 1d fe 0d bc 25 f3 02 bd 4a 3a 94 42 04 18 ac 1d 01 ca 0a 25 0a f0 0a 6d ba 35 cb c4 a4 d9 f8 b0 8f 2e 3f 21 3d 7e b7 54 44 b6 ba 94 e8 a9 db 8d 64 5e f7 c9 c5 b8 37 df 55 98 2b 3d ca 47 50 56 a6 2e ae cc 20 6b 17 28 56 99 e3 75 ed 6f 1a 0e ac fb f1 d2 88 0c 1b aa 1a 5b 5f 1c be 63 0e be 0a 99 d0 0b ab 02 91 88 c7 11 7e d9 12 72 7f f9 55 63 d2 71 21 29 92 5f b0 b6 97 6f 9f d9 91 5f 54 16 f7 28 83 b8 9e ef c8 af d7 1f d2 cb 78 84 87 df fa 82 e4 d7 7c fc d5 4b 44 77 2c 7a 77 c9 9f 52 fc 62 12 76 17 0d fa 56 30 e8 37 2c 38 41 56 e3 06 59 99 0d eb 61 bd c2 2f eb 69 d0 db 06 f0 b2 81 fb fb 7b ef be e5 a5 d9 cd 39 b2 6f fd 73 8c d1 78 85 37 08 58 2f f1 1b 16 96 f4 c5 b2 f0 da bc b7 18 06 29 d0 13 fa 08 3a 2d af db eb 56 9f 5c 45 13 4d ba 2d 30 52 8b 27 b5 5a Data Ascii: %J:B%m5.?!=~TDd^7U+=GPV. k(Vuo[_c~rUcq!)_o_T(x\|KDw,zwRbvV07,8AVYa/i{9osx7X/):-V\EM-0R'Z
2024-10-24 09:44:03 UTC	376	IN	Data Raw: 2c 1d fd 40 e4 81 a2 12 03 35 44 4d 64 95 12 ff 92 d8 40 7f d8 7a 7d 7a 24 a6 a0 f9 40 fc c4 ee c4 14 84 e9 1e 04 23 9e 50 da 09 d0 1a 12 90 c4 28 71 04 3a 01 18 bc 91 09 cf cc 11 12 4d 8a 1f 34 96 ca 3a 89 a4 92 1f 14 92 34 4f d0 67 3b d4 3c 01 66 80 24 f6 21 37 88 29 7a 3e 3d 9b 60 63 19 80 a8 43 12 1e 62 28 68 93 76 81 1d 41 56 33 d6 a1 78 9a 29 0f cb 08 a1 bd a9 58 3e 43 49 61 d5 10 7d f5 6a f0 3a 2d 97 7a d3 02 81 dd 36 2d 90 47 c7 ba 7d f0 0a 71 30 3e 7d 9e 15 f4 c8 b3 01 2a 88 06 39 3c 7d f2 33 13 3a 49 0a f9 88 45 80 79 58 86 a2 bb c4 a6 01 3b 2d a6 e7 f9 3e 38 1f 38 f0 7b 7d 74 27 e9 07 e1 09 8b bc d3 27 7c 63 58 9c 48 a0 49 49 96 ea d9 d4 33 a0 83 9c f3 d1 bc ac a7 bd 03 eb 72 77 22 9d 01 99 5f 3c 7a 87 16 0f a5 07 79 43 04 d8 03 c6 b1 c6 2e ec Data Ascii: ,@5DMd@z}z$@#P(q:M4:4Og;<f$!7)z>=`cCb(hvAV3x)X>CIa}j:-z6-G}q0>}*9<}3:IEyX;->88{}t''\|cXHII3rw"_<zyC.
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
107	192.168.2.16	49872	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	522	OUT	GET /gui/40946.52e58c8b2a8b55ad5067.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 00000000000000006a30cb823221ec60 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:05:40 GMT Expires: Sat, 18 Oct 2025 13:05:40 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506303 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 64 30 31 0d 0a 8b 08 00 00 00 00 00 02 ff ec 5a 6b 73 db 36 16 fd be bf 82 e6 76 3d e4 16 cb da 8e ed d8 f2 b2 6e 1a c7 69 d2 34 c9 d8 49 66 76 3d 1e 0e 25 c2 12 1d 8a e4 00 a0 1c 55 d6 7f df 73 01 f0 61 4b 7e 24 75 db ec ce e6 43 0c 81 20 70 df f7 dc 0b ba 95 e4 8e 54 22 1d 28 77 cf 93 3c 3b 0b 2e 78 bf 8c 07 1f 9f 8e aa fc e3 44 45 55 1a 8d e3 34 0f 6f 79 76 79 79 72 ea 07 65 25 47 de c9 c9 e6 da ee e6 f6 29 9b ed 6e ae 6f 6d f7 3c c5 38 13 7e f8 fd 4c 04 89 c7 d9 ec 9b f3 9e 87 9f 23 f6 ec a5 1e 54 ec 70 a8 07 31 7b fe 8b 1e 0c d9 87 03 3d 28 19 3f d2 83 09 53 d8 09 6f 0d d8 a7 5d 3d 48 e6 fe de 24 16 4e 1a 0a 6f 63 63 67 77 d3 67 39 86 bb db bb 3b 8f 7d 26 31 dc dc da d8 5c f7 59 46 b3 5b db 3b 3b 3e 2b Data Ascii: 00000001000d01Zks6v=ni4Ifv=%UsaK~$uC pT"(w<;.xDEU4oyvyyre%G)nom<8~L#Tp1{=(?So]=H$Noccgwg9;}&1\YF[;;>+
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: aa 42 68 1a 03 9e 03 7a 88 b8 9f 21 5d 13 3e d1 0e 15 c4 65 99 4d 3d b8 9a 3f b7 9b 75 80 4b 44 6f 02 05 da 73 3c 1e 36 87 23 84 10 d3 dd 19 12 04 78 76 0b 8d b2 dc 95 50 4d 4b 5e 9c 39 ea f2 b2 f1 72 47 19 d7 0e d5 89 11 43 a0 8a b7 22 1d a7 2a 9d f0 53 12 59 03 87 70 ac 45 8a 30 a5 2c 23 52 2e 2f dd 84 9f c5 55 a6 5c 9f d6 2e 1c 95 d6 a9 1a 91 43 1b 56 ce 2f 9c 77 20 e3 99 10 90 83 fb c3 0f 9d e3 9c 71 85 38 6e b9 8e 9d b2 26 c3 d1 e1 2e 70 6b 89 78 2e e1 ec 7c e8 c2 80 f9 fe b1 1e f7 5e 57 e3 3e b0 13 14 34 07 65 f5 0a df ba 95 2b b5 8e f1 86 95 01 df 47 a6 fe d6 75 e7 d0 9a 9f 02 a8 ee 5b d3 00 3f 69 ce 6b d3 d0 f2 06 db c0 91 3d c1 5a 8d f5 56 d6 18 62 d1 59 3a ac b4 06 e9 f7 85 48 15 69 13 63 f8 39 41 ae 50 30 35 1f 20 39 48 e7 cc 41 5e e5 79 22 3d Data Ascii: Bhz!]>eM=?uKDos<6#xvPMK^9rGC"*SYpE0,#R./U\.CV/w q8n&.pkx.\|^W>4e+Gu[?ik=ZVbY:Hic9AP05 9HA^y"=
2024-10-24 09:44:03 UTC	886	IN	Data Raw: 9c 3d cb 87 28 aa a5 09 ca e0 f0 5d 67 d2 e3 d7 12 09 75 a4 24 34 d5 59 03 9f b0 25 cb d2 2d da c7 37 6d 46 ec d6 5a 3e 40 f2 69 b6 59 6c 37 5f 27 07 32 d5 c6 a3 c5 96 17 2a 3d 9b 7a 54 e0 19 0b b9 49 8e d4 57 13 8a 64 8a f0 86 f5 54 11 22 d6 96 cd 8c 06 2c 6a af 36 1c 65 b4 7f d3 76 dd a8 88 f6 0d b5 ed 3a 7b cd 97 19 8d 6e 29 fc f6 1b 2e b8 63 19 8c 5e a3 5d 41 8d c4 d6 0b 17 fb 0b 8d 3f 30 37 69 c2 4b 84 2e 19 47 8f 41 87 3d aa 79 b5 59 e9 e4 4c 4f 0e 75 5b 5c b7 d1 ba 75 31 31 74 54 c7 dc 7c 88 04 03 2f 78 48 86 5e 3f ff 3c 86 9a 68 8f 5c 05 9f 5f ce 10 1e dc c2 cf 53 60 32 14 e4 3c 39 28 a8 3b fc c0 0c 7d ae 86 08 f3 68 6a a2 c4 90 b3 54 45 55 8e 96 96 98 1a 8a 5f 01 2c dc 87 bf 17 e5 57 c3 5b 5a de a0 29 c3 d7 8b f2 1e 3c 01 47 1b 5c fd fb 73 05 ab Data Ascii: =(]gu$4Y%-7mFZ>@iYl7_'2*=zTIWdT",j6ev:{n).c^]A?07iK.GA=yYLOu[\u11tT\|/xH^?<h\_S`2<9(;}hjTEU_,W[Z)<G\s
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
108	192.168.2.16	49873	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	676	OUT	GET /gui/33274.186e9fb49d3ce6fbe3b3.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	354	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 3570e0994ce8c9a572288ac9b9d89185;o=1 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:10 GMT Expires: Sat, 18 Oct 2025 08:45:10 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521933 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1054	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 31 0d 0a ac 0d 0a 30 66 66 35 0d 0a 5c 6b 9b db 36 ae fe be bf 42 d5 b6 59 bb 2b 69 74 b1 64 4b 13 67 37 99 24 4d da 24 6d 73 eb ee f6 e4 69 65 99 b6 d5 91 2d 57 92 e7 92 89 ff fb 79 01 52 b2 3c 63 39 39 fb 9c a4 a9 21 10 04 41 f0 06 82 20 f5 4d 29 b4 b2 2a d2 a4 d2 4f 7b a5 c8 66 d6 a5 98 ac e3 e4 fc 6c b1 59 9d 5f 54 bf 6d d2 df 96 71 ba 1a 1f 49 fb f4 e9 d7 0f 7d Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010010ff5\k6BY+itdKg7$M$msie-WyR<c99!A M)*O{flY_TmqI}
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 97 52 a1 e8 37 52 fa e7 a8 ec 1e 71 bf 6f ec 33 17 25 b1 a7 5e f4 d5 78 dc 2b c6 6d ce a2 44 d2 45 9e 4e 35 1b 89 c5 bd 7b 85 6a 4e 6a bb 36 e1 9e 08 aa 47 f6 56 b7 79 7d fa 24 79 a1 bb ae 3e 7d 5a 59 e8 26 4f e2 64 d1 eb 61 04 30 b7 5b 72 e7 7d fc d9 16 68 41 b4 d0 9e 0e 17 d5 32 eb f7 b2 4f 9f 7a d9 78 f9 bb f6 f5 8d bd fd 7d bf d9 1a 89 fe c1 4a 97 19 26 c8 30 41 86 fb d3 f4 42 e3 1e 32 d6 17 68 ae e4 5c 4b a9 57 98 45 7e a9 3f 60 76 da fd 13 10 3d 00 57 d5 df ce c5 75 79 b8 ce 7d 6b 19 af 7b a8 85 51 60 be 68 15 f7 1c c5 3d bf 55 1c 7a 94 56 e4 1b 54 69 6a 26 69 91 64 42 9b 9a e9 2a 43 5f 36 31 04 af b4 38 4b e7 2b 73 99 4e a7 48 9a cc cd 49 3e bd 66 89 ee 08 86 92 2a 8b 6b f1 32 5e f7 7b 37 bb ee 19 7d f5 15 eb 73 87 31 f4 b5 e9 e8 35 5e f5 2b 63 92 Data Ascii: R7Rqo3%^x+mDEN5{jNj6GVy}$y>}ZY&Oda0[r}hA2Ozx}J&0AB2h\KWE~?`v=Wuy}k{Q`h=UzVTij&idBC_618K+sNHI>fk2^{7}s15^+c
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 4e d5 fd 89 f1 e8 4f e8 6e 04 fa ee 30 04 f9 9f 04 07 f8 03 92 ef 08 46 87 09 51 93 ef 09 c6 5e 35 04 fd cf 04 83 cb 08 34 bf 10 ec b9 01 b5 ca bf 08 76 ed 11 4a fa 37 93 60 a6 01 fa 3f 4c e2 60 fb 8f 7e 57 80 64 18 62 10 a0 df 11 8c 0d 2e d5 7c 45 30 2a 4b 52 c2 a0 22 a5 0d a8 4f 25 04 07 e8 5e a8 6d 45 b0 33 0a 47 e0 59 12 8c 1d 2d 75 9e 94 60 6c ce b9 df 11 ec c3 2f 00 fc 94 61 df f6 91 37 23 d8 f3 b1 1f 46 27 24 38 08 7c 9a ad 9e 13 0c f7 0b 75 ce 35 d3 d3 f8 5b 30 85 3f 22 e9 97 4c 31 44 c3 a1 0b 12 0c e7 0b 8d b6 0d d3 d8 18 b1 e8 82 4c e3 c0 e5 81 2e 48 f0 00 9b 75 e0 2f 09 c6 30 47 41 d7 04 0e 43 0c 65 f4 40 82 5d cc 03 68 b6 73 49 02 87 0e 7a 20 c1 23 1f 4a 46 0f 54 34 3e 68 de 10 3c 84 83 c0 ae 97 a1 17 c5 f8 46 c7 22 05 fb fb 4a 8f 84 b5 5b af Data Ascii: NOn0FQ^54vJ7`?L`~Wdb.\|E0*KR"O%^mE3GY-u`l/a7#F'$8\|u5[0?"L1DL.Hu/0GACe@]hsIz #JFT4>h<F"J[
2024-10-24 09:44:03 UTC	361	IN	Data Raw: ab 0f 95 54 55 18 a2 65 f4 1f 4a 91 b0 4c 80 45 26 a2 1c 6e 2f 02 24 2a 9d 2f e3 a8 00 8a 00 85 e2 51 15 ad 08 c9 60 1b 2d ed 8d 5f 6a 59 de d4 43 10 56 08 93 e9 25 f4 67 3a 66 08 d3 15 0c f0 e1 84 32 3f 69 58 48 94 a2 ac e2 82 16 f4 8c 26 ea 12 29 f8 7e ca 9f 32 03 3e a3 4a a2 55 86 cd 44 19 00 29 d0 9b 09 88 6b 4d 6f 26 d3 b4 80 42 f2 e2 da 94 86 af 32 f6 62 a6 6c 12 e1 8b cb 2f 5b 76 5f 79 19 af cd 45 5e a4 1f f5 68 0a 52 7c 3e a3 2f 2e b0 4a 97 82 d6 91 28 2b ac 1a 6e 12 30 d6 a2 89 c4 03 94 02 12 51 6b 00 ad 65 f2 de 08 62 92 e8 b9 4a 91 dc 0a ac e0 d1 02 28 02 24 ea 32 ad b0 50 44 4b 20 25 28 0b d8 60 11 c8 6a d3 61 5e e0 b4 87 be 77 b6 83 4a 97 b6 c3 a6 4e df 19 0f 9b 35 4d da cd 84 78 01 0a c6 b4 a6 44 89 88 66 75 92 2a b8 c8 4c 5a bb b8 cb e9 d1 Data Ascii: TUeJLE&n/$/Q`-_jYCV%g:f2?iXH&)~2>JUD)kMo&B2bl/[v_yE^hR\|>/.J(+n0QkebJ($2PDK %(`ja^wJN5MxDfuLZ
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 4b 0d 0a 30 30 30 30 30 30 30 31 0d 0a b1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 03 0d 0a 30 30 30 30 30 30 30 31 0d 0a 58 0d 0a 30 30 30 30 30 30 30 31 0d 0a 81 0d 0a 30 30 30 30 30 30 30 31 0d 0a 64 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 33 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 19 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 99 0d 0a 30 30 30 30 30 30 30 31 0d 0a e0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2e 0d 0a 30 30 30 30 30 30 30 31 0d 0a e2 0d 0a 30 30 30 30 30 30 30 31 0d 0a e8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 30 30 66 65 64 0d Data Ascii: 00000001K000000010000000100000001X0000000100000001d00000001J000000013000000010000000100000001>000000010000000100000001:00000001.000000010000000100000001M00000001a0000fed
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: a9 f0 16 f6 80 0e 39 42 a3 93 6b 73 1a d0 5d ef 2a 9e d7 56 29 05 78 1c 61 25 8f 11 94 64 f5 a9 c2 01 91 38 38 e4 08 1f ac 26 7b 7e 93 86 e3 ed 84 43 bc 29 d8 e4 38 ef 76 af d9 1d 74 1c e0 85 5b 03 a3 6e 2b 7c ef 2c a4 16 b1 7d 3e 72 80 23 87 bc 74 4b b7 3b 44 e9 6e 8e 12 7e fb 95 28 9e e6 9b a2 62 07 21 f6 8b 14 3c 73 84 eb de ae be 3e 95 39 20 1d 07 de 74 f2 a9 4f 6f ba 45 13 ab 0b 91 e1 14 45 4e 31 01 85 ee 74 73 db 9d fb 74 33 84 69 f3 72 47 07 e3 86 a2 7e ba 59 d6 87 44 aa 31 9a 43 a3 03 55 1d 50 cc d0 11 4e ea 6c a9 e1 a4 be 0f 70 e2 88 a3 6e 4e 77 0f a2 6a 9e 77 53 0e 70 e7 18 a6 4e ee fb 27 58 cc f8 bf b5 ea be c0 74 fb ff f4 91 91 59 41 56 80 6f e1 be 8c 35 7a ef 5b 4e 62 9b e4 ea b2 ad 81 e9 e0 ff 23 d3 59 f8 89 6d f9 86 4d 5f f8 07 88 3c 60 30 Data Ascii: 9Bks]*V)xa%d88&{~C)8vt[n+\|,}>r#tK;Dn~(b!<s>9 tOoEEN1tst3irG~YD1CUPNlpnNwjwSpN'XtYAVo5z[Nb#YmM_<`0
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 51 48 9c d3 51 66 fe 23 51 b8 ce 01 4c 82 77 47 5c 5b 62 f0 56 07 ee 32 03 29 b0 54 db 0a 79 8d 3b 41 f9 25 90 b3 44 84 c1 50 52 ce 39 cc 5e fb ab 17 c6 c9 20 91 b8 4a c4 19 c8 5c 3b 09 43 45 96 5c 23 1a 19 a8 d1 70 32 f1 25 d5 04 37 c7 95 24 12 71 b9 c0 d1 19 b1 9f cd 6a de 88 2e a6 2a d1 9f 1d ca c4 75 24 ca 88 07 6f f0 a7 85 c7 b3 33 94 3d a4 bf 2d 34 62 c2 08 ed d2 df 16 1a f5 02 5a 04 f4 b7 85 1e 30 3a e1 3f 2d b4 cf e8 89 47 7f 5b e8 80 d1 77 24 1c 32 7a 30 a5 bf 2d 6a 3a b6 38 20 37 6e 02 02 ed c4 f4 57 52 e3 ba 0b a2 1e a8 f2 ed 46 2e 37 49 82 a8 22 62 d1 d2 36 5f 1d a0 06 1d 4e ea 8a d4 b1 92 fb ed 37 a5 36 2d 90 bb dd d2 aa 24 b3 98 4f 22 84 9f 19 1a 9e 08 d2 5c 67 24 e5 50 25 ca 54 3c 76 a3 39 78 f6 46 1b 2a 7d 71 e8 25 67 b4 91 82 77 7a 34 18 Data Ascii: QHQf#QLwG\[bV2)Ty;A%DPR9^ J\;CE\#p2%7$qj.u$o3=-4bZ0:?-G[w$2z0-j:8 7nWRF.7I"b6_N76-$O"\g$P%T<v9xF}q%gwz4
2024-10-24 09:44:03 UTC	111	IN	Data Raw: 6a 49 8f 37 55 de a2 53 37 3a 77 33 fb 4d ad 3a d2 11 6e 90 a1 dd 38 b0 b4 95 47 2e 9e b8 7f 88 bb a2 b5 32 0f 0a 41 11 bd a6 ba c7 a7 a4 20 63 25 6a 96 24 d5 4a ad a2 24 19 0a e3 bc f2 b2 68 5e d4 75 f8 d2 dc 2d ef 02 ee 4d 9c f3 55 27 f3 8a 66 61 b5 06 ec b0 34 f7 e2 19 a1 66 75 d8 a5 2c e1 47 80 a7 f2 40 0a 4d 3d 78 97 ea 0d 0a Data Ascii: jI7US7:w3M:n8G.2A c%j$J$h^u-MU'fa4fu,G@M=x
2024-10-24 09:44:03 UTC	620	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 40 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4f 0d 0a 32 33 65 0d 0a c6 d8 a2 1f 4a e2 34 d8 5a 6b 8c 1a bc 89 32 c3 e5 41 51 6a b8 83 0c af 43 89 40 5d b4 27 bd b0 b6 16 e5 8d fd cd cd 2e 52 d8 ac 9f 03 34 af d8 8c db b6 b3 ab 70 2b 84 f9 d2 90 bc a9 f2 1b 5e 9e 68 90 63 b0 d1 49 21 3d 75 03 d3 b3 7f 30 1b 62 91 2f a9 b4 5d a6 92 2e c4 e1 fd b9 ad 0f 74 3d a7 39 a7 3b 02 1e 61 6d 11 f8 d1 bc 05 47 a4 9a 78 88 e0 f2 a6 9d d3 b2 9d bd 82 db c4 97 b8 7d 7c 03 37 c7 37 4d 9f 5b c6 e5 79 53 dd 08 1e 29 fb 1b cd fe e6 f4 30 7a bb b5 e4 93 95 37 d3 14 cf f2 c1 bb 42 cf 46 9e d2 ff 70 39 93 6e d8 92 a1 82 0a 9e f2 5c 82 f7 1a c4 b2 8c e4 63 35 0a 45 4f 27 47 50 ba 40 4f de ca d7 6b d4 83 93 87 27 22 Data Ascii: 00000001@0000000100000001O23eJ4Zk2AQjC@]'.R4p+^hcI!=u0b/].t=9;amGx}\|77M[yS)0z7BFp9n\c5EO'GP@Ok'"
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
109	192.168.2.16	49874	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	676	OUT	GET /gui/21928.84211e4ee5e5aa330648.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: d8f07a1c8315a188fb374284b1e69636 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:31:12 GMT Expires: Sat, 18 Oct 2025 09:31:12 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 519171 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 31 30 30 30 0d 0a 1f 8b 08 00 00 00 00 00 02 ff ec 7d 6b 7b db 46 92 ee f7 fd 15 30 93 f1 92 09 08 f1 26 89 a2 4c 2b 8a e2 9c f8 ac 13 cf 5a 9e dd 3d eb d1 23 83 40 93 84 45 02 1c 00 14 25 cb fc ef fb 56 55 37 d0 e0 c5 4e f2 64 77 e7 99 a3 28 96 c8 46 5f aa ab bb ab aa df aa 6e d4 96 99 72 b2 3c 8d 82 bc 76 5a cf d4 6c ec ad d4 68 e1 07 37 17 d3 65 7c 73 9b 5f 2f a3 eb b9 1f c5 c3 cf 3c fb f4 e9 dd 55 c3 5b 2c b3 69 fd dd bb 4e fb a4 d3 bf 72 1f 7a 27 27 c7 9d 41 5d b9 b9 9b 36 86 cf 1f 6e fd d4 49 86 69 bd d7 3f 6e f5 1a 6e 86 8f ed a3 a3 de 61 c3 8d 28 f5 b0 d3 6b 37 5c 1f 1f 4f 0e 8f fa fd 86 1b e3 e3 71 bb d5 ee 34 dc 19 a5 76 0f 7b 8d d3 99 ca 9d d0 0d dc 91 bb 70 a7 ee 7c a8 86 cf d5 29 d5 bc 1c 8e 97 71 90 47 49 2c 2d ba 49 83 5b cc 50 bb 9f 4e 96 Data Ascii: 1000}k{F0&L+Z=#@E%VU7Ndw(F_nr<vZlh7e\|s_/<U[,iNrz''A]6nIi?nna(k7\Oq4v{p\|)qGI,-I[PN
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 9e f1 28 ce 12 ca 38 5b 52 1f e6 dd 25 fd ee f1 e7 1e f5 63 8e 95 47 95 ce 7d 62 da 9c d9 3f 0f a9 f1 39 4f a1 79 44 7d 9b 27 9c 77 d1 a5 cf 8b 1e ff e6 3a 98 88 79 46 2d cc 33 9a 03 b1 16 bc 4c 7f c2 d5 25 21 0d 4b c2 95 26 21 65 4d 42 ca 9a 84 34 bd 12 1e e5 24 24 76 26 21 11 91 4c 38 4f 4e 44 2c fc 09 57 b8 80 c6 c7 37 ae 6f c1 35 2d 98 c5 8b 1b ca cb 33 6d 11 f3 47 19 c6 05 67 5f e4 54 9f a4 64 c4 49 45 2c a7 a4 fb 1c 2c c5 87 94 7a 91 32 43 53 7f 45 9f a9 bb 69 c2 bf 17 fc 9b a7 6b ca d4 64 3e b1 21 e3 f6 b3 88 2b cf fe 46 43 99 a5 d4 9e 2c bf 6c 45 84 67 f7 34 32 39 d7 4c f2 86 08 c9 27 d4 5a 3e a5 6a f3 88 39 94 f3 c4 85 ce 26 6d 44 c9 dc 4e 7e 47 9f 97 bc 38 6e 69 41 dc 06 44 fd 6d 40 35 df 26 94 b2 62 52 56 73 aa 71 35 27 b2 56 0b ca b3 e2 de ae Data Ascii: (8[R%cG}b?9OyD}'w:yF-3L%!K&!eMB4$$v&!L8OND,W7o5-3mGg_TdIE,,z2CSEikd>!+FC,lEg429L'Z>j9&mDN~G8niADm@5&bRVsq5'V
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 06 86 1e 0e 5a 5a 08 97 f3 78 01 c6 2d 88 71 60 a3 a3 e7 ca 71 0b 03 6b a6 4a f7 10 5f c8 fa 10 45 51 8e 1d 66 3e 25 c7 10 b9 59 ad 4c 76 78 d2 5b cc a3 71 2f be 3e c3 60 97 5f 20 02 b3 f2 ab e3 3c 13 e6 72 bd cc d6 9a 73 1b a9 d5 f7 09 ad 14 a7 79 e8 b4 5b f8 bf e6 60 7a ff c7 b0 d6 ee d5 8a aa 64 79 21 fd ff 61 5a d6 1c a9 e7 df 65 ea d3 34 95 84 9f f4 f4 a7 94 24 8d 20 22 87 35 7f 89 dd ae 4d 04 c8 80 d5 32 75 d0 b7 9f 9d 96 db 72 fe cd e9 39 af 30 29 9d ff dc 3f d1 2b f3 0a 53 81 6a b0 2b 7d 76 20 14 94 69 b0 d6 ac de 3f 3b 00 ff 0b db 8d a7 04 2b bb 7a 8a 79 04 0d 8a c5 0f a8 27 1a d6 b3 6f d4 b7 79 e3 9b 9f 51 bf f7 e7 97 07 ed 7e 0b f8 58 fb b0 25 29 41 92 d5 a3 c6 b7 9d 56 0b 80 5c 91 9a 45 31 a5 b6 8f 0f b7 86 7f 8a e1 9f 62 f8 69 90 e8 9f b1 1e Data Ascii: ZZx-q`qkJ_EQf>%YLvx[q/>`_ <rsy[`zdy!aZe4$ "5M2ur90)?+Sj+}v i?;+zy'oyQ~X%)AV\E1bi
2024-10-24 09:44:03 UTC	230	IN	Data Raw: 5b aa 2c ff 0b 43 c4 75 b8 41 ac d5 4a 93 88 ec 78 00 47 55 a6 58 f3 0a 0e 64 72 c4 8f d0 b3 d4 74 6c 17 2b 21 6c a1 f1 40 37 84 6e 65 75 fc e4 93 17 3b a5 c9 ca fd af 3c c4 68 0a 1e ec b1 94 5f c3 e8 ff 11 28 55 f8 32 57 73 6b 7e 3f 79 52 87 da a4 40 07 03 44 d2 8c 90 b9 5f 83 f3 11 25 e0 5d 82 1a 51 9e 7c 1b 3c a9 d7 e0 66 4e 52 4e 86 a4 a9 d7 a0 d0 6e b1 fa d8 6f 49 ba 4b 79 a4 8c a0 43 7f 49 72 6e 93 95 62 8d e0 27 23 ae 72 64 e2 5a 6c 51 95 1b 51 95 03 a2 0d 15 26 2c 6b 7e 9a ad 12 e2 b0 c6 8c 5e ce c2 4b 38 5f 81 70 7d af 7e c2 7c c3 52 34 26 02 e9 1f 37 d3 b3 1c fd 22 8b 2a 50 2f e6 8b fc fe 12 cb e2 d3 27 03 82 51 eb 59 60 e3 60 30 2e 65 12 3c 7d 6a 32 c1 74 d8 c8 94 0d 0a Data Ascii: [,CuAJxGUXdrtl+!l@7neu;<h_(U2Wsk~?yR@D_%]Q\|<fNRNnoIKyCIrnb'#rdZlQQ&,k~^K8_p}~\|R4&7"*P/'QY``0.e<}j2t
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 3e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0a 0d 0a 30 30 30 30 30 30 30 31 0d 0a e3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a e3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5f 0d 0a 30 30 30 30 30 30 30 31 0d 0a cc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 14 0d 0a 30 30 30 30 30 30 30 31 0d 0a 93 0d 0a 30 30 30 30 30 30 30 31 0d 0a 37 0d 0a 30 30 30 30 30 30 30 31 0d 0a d9 0d 0a 30 30 30 30 30 30 30 31 0d 0a ca 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 94 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 0d 0a 91 0d 0a 30 30 30 30 30 30 30 31 0d 0a d1 0d 0a 30 30 30 31 66 61 38 0d 0a 3a 07 34 6f b7 87 c7 09 3a 09 d4 d0 Data Ascii: 00000001>00000001}0000000100000001000000010000000100000001_000000010000000100000001000000017000000010000000100000001000000010000000100000001000000010001fa8:4o:
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: fe e3 c3 7e 9f f3 75 ba dd 93 63 52 3d 00 ee 0f bb ad d6 89 00 f2 33 f8 81 75 d8 78 19 34 3e 7f 04 e5 fe 80 a0 71 d2 2e cb 8d 28 b7 c8 fb 0f f1 30 7e 39 ca 8d b0 17 de 9a 8d 92 bb 4b 45 aa fa 1c 62 0e 10 d3 fe b0 37 f2 d9 55 e2 de 7c e0 6c 64 94 55 12 63 24 5e e9 b8 b4 37 c9 8a a2 e6 58 10 8a f8 7d 93 24 b9 07 58 22 bd 97 46 93 14 cd d6 6b ef 68 0e 43 d0 5e d5 2c 54 9f 36 fa 0a 60 8e 8d 62 90 b5 54 4d a9 b1 9d 78 8f d5 05 ed 6b 6c c6 57 7c e2 c0 84 8c 69 0a 10 c3 08 69 4c 76 8e 28 a9 7d 14 d5 6b d8 4a f8 69 30 6d 22 a6 06 91 3d 59 93 02 20 28 e6 47 f6 54 a5 26 b1 01 4f e6 83 6c d8 66 10 d8 b3 e1 54 eb 13 6d 86 ef aa b2 12 f0 67 e9 16 58 20 46 9d 6b dc d4 74 ac 20 82 60 0c b3 45 d6 10 20 61 5a b0 07 c5 cb 5a c0 1c a4 49 60 91 59 91 88 44 98 68 12 d2 9f d8 Data Ascii: ~ucR=3ux4>q.(0~9KEb7U\|ldUc$^7X}$X"FkhC^,T6`bTMxklW\|iiLv(}kJi0m"=Y (GT&OlfTmgX Fkt `E aZZI`YDh
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 7f 74 e4 c7 28 85 80 cd 94 8a 0d 9e 95 47 20 c1 9f 24 0e a2 01 a3 3b fa 66 d4 84 f8 22 34 84 44 55 ef 7c 00 3f 28 5c ce e4 65 c8 93 05 fa 38 4f 70 4f 0b e1 51 a5 72 91 09 60 1a a2 91 e2 ee d0 07 3a b5 5b 99 a4 dc 85 3c c5 0d 29 70 f4 98 83 53 5b b9 2c ce f7 f6 f4 94 99 a7 39 28 e5 75 63 f2 07 70 e1 82 4e 85 b2 af 49 0e 86 fe 25 05 aa 2a 83 c1 52 bb 26 ea ce 4a f1 22 f2 4b 0b c6 0a 27 3d 1d ed 85 67 9b 4e 32 62 77 05 bf 31 38 40 57 95 f8 13 b6 32 cb 1d 17 03 82 6f 38 c2 ee 35 0e b1 22 b2 47 6c 3d ab 6a 40 b1 ae 09 8c b4 92 3d ba 7a c2 e5 f3 c3 3f 80 21 0d a2 f7 2d c6 c8 d4 6d 67 d5 b1 67 0b 1a 8d 6b 90 67 6c 3e 82 c7 8c cc 40 48 51 7d b2 29 33 46 7e 38 51 4e 4a e1 47 d8 5d 2d e0 e0 72 46 93 26 45 9d 00 d0 cc 85 bf c5 37 8b f5 6d 67 de 94 23 44 ce 8f 30 38 Data Ascii: t(G $;f"4DU\|?(\e8OpOQr`:[<)pS[,9(ucpNI%*R&J"K'=gN2bw18@W2o85"Gl=j@=z?!-mggkgl>@HQ})3F~8QNJG]-rF&E7mg#D08
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 28 b0 0a a7 42 00 04 c2 64 30 a9 c4 de 66 75 7b 7e c9 1a d4 39 70 70 44 46 3e fa b8 88 b2 ba 91 ff 12 10 56 3d 44 02 ae e8 13 28 d2 1c 87 fc 46 31 66 57 4e 78 9e f6 4a 49 96 a2 8f a3 3c 76 f0 0f f6 56 7c e3 8c 33 5c 0a 03 1f 50 cb 59 dc b1 23 88 3a bb 09 32 9e 85 51 46 53 ad 08 46 e3 53 24 c3 da 4b 6e 09 40 a0 6e c9 0c f4 b3 03 69 b2 b4 7c 8a 2c 38 c6 89 71 b8 e4 12 2a d4 53 76 cf d3 a7 4f 65 46 6f 3c fe 4b 2c 09 28 1e 6e 20 0f 62 25 95 f9 e5 93 35 f0 17 14 83 8d 82 6c 2c 95 f9 84 65 97 a6 1f 5b 8f 89 66 ab d9 19 ae 2e 44 64 ca 1b f2 ff c1 90 49 56 af d4 98 6f 1e b3 36 a4 ba 0e a0 22 72 56 ec 02 d7 e6 ce f5 d5 64 bc f4 ec 49 2b 80 1a cb 8c ea 42 90 b2 b2 0c 70 0a ad 84 bd ac 8f d2 92 36 7e 0c cf a8 09 ed 2f 3e 7b 87 bb 16 e9 16 02 b6 b9 ea 87 8d 2b Data Ascii: 00(Bd0fu{~9ppDF>V=D(F1fWNxJI<vV\|3\PY#:2QFSFS$Kn@ni\|,8q*SvOeFo<K,(n b%5l,e[f.DdIVo6"rVdI+Bp6~/>{+
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: d0 e0 12 74 cd 45 4a 0b dc e9 b4 da ed 66 a7 d5 e9 e2 0c b7 b2 6a 3a 5f e2 5d 11 69 c6 b9 5f 45 90 87 b8 a1 df a1 38 99 d4 f9 f9 e5 5b ab 81 28 9f 2e 47 5c 75 be 1a 65 07 45 6b 07 e0 e1 08 17 e0 46 f1 c1 ab 97 17 2f 7e b9 7c c1 4d 1f 0c 52 d0 f3 c0 d7 5b 8f e8 c2 3e e7 ab d6 a8 17 86 fe 29 27 01 97 8a 26 09 12 8f 8e da ad 71 47 12 17 cb 14 5b 10 4a 1c f7 3a 41 5b 27 02 0a a2 c2 fc 9f 24 e1 a2 7b a4 04 b8 15 b4 d3 92 14 c4 12 c4 13 2a a9 0e 8f a1 87 24 f1 1e 0b 85 24 c4 57 e3 40 9d 1c 1d 4b e2 24 45 20 07 d2 ba 27 7e d0 0b 24 2d 57 3e 6e e3 fe aa d3 0a f0 9e 2c 49 0a ee 7d ca d5 e9 1f 8f 46 87 92 84 0b f7 03 4d 89 24 b0 b0 a1 ea c7 63 49 c0 81 76 c8 09 74 89 fe 2b 93 f0 22 84 94 0a 76 f9 3f 2b 1d 12 81 8a 9f d0 8f 95 8c 95 48 c9 1d fa b1 92 d1 2f 24 ab 23 Data Ascii: tEJfj:_]i_E8[(.G\ueEkF/~\|MR[>)'&qG[J:A['${*$$W@K$E '~$-W>n,I}FM$cIvt+"v?+H/$#
2024-10-24 09:44:03 UTC	1309	IN	Data Raw: b6 2a b7 a0 45 ab 4f f4 a0 40 b6 42 91 b2 45 6b c9 30 12 61 6b 1f 48 22 e0 a2 07 16 01 d5 da ac d5 b1 4b 88 e1 2a e4 01 ce 61 d6 df c1 21 32 be 6a c8 67 f6 ba 00 a6 d8 ff 48 b7 27 9d 31 c2 79 27 69 24 12 85 0f 5a e7 17 7d 63 e6 14 b6 47 e3 b4 64 56 1b 9c 2a cb 59 fc c3 3d b0 c4 bd a2 8a 52 de 22 c0 1b 56 19 9f 86 1b 8c 70 16 eb a6 49 df d7 fe 73 ae a7 42 e7 1a af aa 79 a0 20 0d 98 4d 33 9c 8e c1 f1 ab 81 84 fd 20 ae 93 62 29 1e 34 36 d7 12 92 34 dd a6 97 25 99 26 05 7c 55 06 87 d4 69 a6 26 66 09 cb 5a 9a b1 e0 2e 06 4b 37 52 d2 2b 07 c1 74 fa 00 c8 0d 47 7b 3c 98 b5 d8 5e 0f 06 98 8b 1f 61 39 d1 32 8e 62 00 38 0f 0b dc eb 41 b3 b8 75 aa e7 31 83 fe d2 00 b2 e3 ad da 37 51 4e ef 27 84 75 88 c3 61 98 df 74 77 22 2e e5 cc cc 89 41 77 5f 36 a2 79 ef 43 84 d9 Data Ascii: EO@BEk0akH"Ka!2jgH'1y'i$Z}cGdV*Y=R"VpIsBy M3 b)464%&\|Ui&fZ.K7R+tG{<^a92b8Au17QN'uatw".Aw_6yC

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
110	192.168.2.16	49875	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	521	OUT	GET /gui/8405.86474e95af8bef65079f.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: f8ca6bcdda502772cb94954b2aaeb89c Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:01:24 GMT Expires: Sat, 18 Oct 2025 10:01:24 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517359 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 31 0d 0a 5b 0d 0a 61 34 37 0d 0a 69 6f db 38 1a fe be bf 42 d1 62 0b 69 2b 68 9c 4c 4e 67 d5 4c d1 6b 07 e8 64 82 a4 ed 02 13 18 86 2c d3 16 a7 ba 40 52 4e 0d c7 ff 7d 1f 52 94 25 3b 76 e2 34 95 e1 16 ed 97 ca 14 45 be f7 1d 33 e7 c4 e0 82 d1 40 98 a7 16 27 d1 c0 bd 21 bd cc 0f 3e bf 0a f3 e4 f3 48 74 73 da 8d 7d 9a 78 f7 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100001[a47io8Bbi+hLNgLkd,@RN}R%;v4E3@'!>Hts}x
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 4f 7f fa b9 ef c0 cf cd 98 d7 2b 44 d4 61 4e e2 a4 0e c2 2a c1 c6 2a 36 f1 11 64 a4 1d 8b cb 78 ce 77 95 53 9d 06 be 80 27 80 3a 69 b7 af bc 1d 95 5e dc 87 1f 4b e0 a6 ad c8 6e c3 1d c7 94 13 97 11 9e 46 23 b9 e4 8a 90 24 16 ae b0 2b a3 33 ac 9d 53 42 03 93 5a f8 32 69 e1 1c 5a 39 ab 99 c7 44 40 a2 8f af 39 24 79 b0 fa 30 f5 84 0e c9 64 58 5b c5 99 32 a0 9c f4 ac 54 61 c9 1d df 31 13 38 78 18 cc 1a 3c fe 9d 3d 2a 06 52 9b b8 8e ab 94 9f d0 31 c2 78 21 46 d8 45 8c 00 77 31 e7 d3 11 95 e2 54 7b de 8f b8 7d 5f f8 ca 99 e0 f5 4b ce d3 80 16 4e 5f 63 2f 3c 89 7d 89 f1 b0 c2 f3 df d8 a0 fc 0f 9c bd 8c cc b8 9b 27 96 70 69 bf 8c 9b 8c 31 25 51 df 90 94 af e2 08 fe 4a c6 0e a4 ef 2c 2c bb 08 74 66 57 c3 ff 59 f6 b4 ee dc 40 30 c5 8a d3 c2 c7 09 db 21 0a ae c2 c9 Data Ascii: O+DaN*6dxwS':i^KnF#$+3SBZ2iZ9D@9$y0dX[2Ta18x<=R1x!FEw1T{}_KN_c/<}'pi1%QJ,,tfWY@0!
2024-10-24 09:44:03 UTC	325	IN	Data Raw: 97 08 42 43 75 99 d9 bc 70 23 e5 89 d0 9d 2f a8 ad 2f 09 73 b5 b5 3b e4 b8 5b 5b ab 75 ae 1a c2 64 be 03 bc 3e 26 35 c8 4c 07 98 14 35 c1 6a aa 85 66 97 6b 4e b4 34 36 c3 11 ba f3 33 1c eb 23 57 8c 73 2c c1 6a 5b c6 39 be de 16 2d 9d ec 58 82 e9 c3 b3 37 e5 50 44 73 53 1a 5f 8f 65 09 5b 39 b0 f1 55 08 56 6d f1 e6 3a f5 5f 8f 62 05 5d 57 37 ed e7 91 5c 52 1f ac 3e d9 c4 54 c5 37 41 ed ee 80 c5 83 58 56 e3 68 db 28 99 15 74 4f 92 cd 98 c4 29 1b 5f a8 39 c1 04 83 c7 b2 f6 bf 65 1e a2 00 b1 9b 15 30 e2 7f 05 e4 52 67 f1 b0 b1 41 5c 53 eb d4 c5 cb 46 c2 cb 4e dd db 0b ab 16 88 36 d1 b0 6b b6 65 a0 f5 a6 6c fc 3c c2 6b d5 ba 07 5a 4b 1e d3 3d 50 31 fa d2 9e 01 fe d6 4d f5 0c ca e0 1e ad 03 f0 e3 c1 c1 fd a5 5c 2a 07 f7 c1 25 0c ee cf 4e 2c 87 fd 9f 38 bf 8f 96 Data Ascii: BCup#//s;[[ud>&5L5jfkN463#Ws,j[9-X7PDsS_e[9UVm:_b]W7\R>T7AXVh(tO)_9e0RgA\SFN6kel<kZK=P1M\*%N,8
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
111	192.168.2.16	49876	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	522	OUT	GET /gui/71288.1829e1a8db7a3e06e295.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: b52b1b74a55f81eb69051193a96dd6e3 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:04 GMT Expires: Sat, 18 Oct 2025 08:55:04 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521339 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 31 0d 0a 00 0d 0a 30 66 66 61 0d 0a 00 00 02 ff ec 5c 5b 97 db 36 92 7e df 5f c1 68 36 3d 62 96 64 53 54 4b 2d 51 96 13 8f 93 ec e6 9c 64 b2 6b 7b f6 c5 eb 33 a1 48 48 62 9a 22 79 48 aa 2f 91 f5 df f7 2b 5c 48 f0 d2 dd ce 65 f7 29 56 62 ab 51 85 42 a1 50 a8 1b 80 1e 1d 4b 66 94 55 11 87 d5 68 35 2e 59 b2 75 ee d8 26 0f c2 9b d7 fb 63 7a 73 5b fd f3 18 ff f3 10 c4 e9 fa 09 d8 c7 8f ef 3f 98 4e 7e 2c f7 e3 f7 ef af 27 de 62 f1 c1 3a 79 b3 e5 72 e1 8f 0b 8b 59 95 b9 7e 79 aa c6 cb c5 72 62 ae 6e 83 c2 c8 d6 d5 f8 6a 71 ed 5e 99 56 80 af 93 f9 fc 6a 66 5a 1b 7c 9d Data Ascii: 0000000100000001000000010000000100000001010ffa\[6~_h6=bdSTK-Qdk{3HHb"yH/+\He)VbQBPKfUh5.Yu&czs[?N~,'b:yrY~yrbnjq^VjfZ\|
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 2e 09 44 18 79 90 2a f9 48 ed 36 b6 a5 3d 17 9b 40 a3 25 a4 79 49 f8 43 84 ab 2c 4b aa 38 d7 28 0b 01 f7 59 28 8f db 16 0b 92 30 2d c7 80 f4 47 24 7e 7b cf 02 6c 41 03 0a 0b 5d 7e 20 ad e5 02 ae 95 d6 1a 6d b2 02 18 d8 9d d8 f0 07 23 1f 56 ec de aa b4 8d ae be 46 09 d6 28 e1 ba 65 c0 46 f5 ad 47 5e da 9e 30 33 6d 5b d0 a8 d4 e0 6c 74 3b 23 27 a1 ec dd af d9 78 d4 87 6f bb d2 c9 59 1a c6 c9 77 d0 12 6d d3 68 5f fb 06 81 4b 74 93 45 0f 10 13 94 b7 2d 49 70 c1 1b ea ed 0a 17 ca 1b 14 9b 72 bf 0e 3b 13 53 17 61 0e 11 e6 24 c2 5c 29 58 9e 04 21 db c3 80 62 a5 76 49 76 c7 55 54 53 40 0d 6e 84 59 62 4f 3c ae 4f 42 e5 2e 73 e8 dd 9f a4 06 64 39 28 ab 9f 4c d3 d7 1c 26 ec ec 78 47 8b c1 f7 bd dc fe c0 11 ab dd 75 c8 e6 f9 bc ba 1d bf 47 ff c0 c9 65 94 07 5f 42 7e Data Ascii: .Dy*H6=@%yIC,K8(Y(0-G$~{lA]~ m#VF(eFG^03m[lt;#'xoYwmh_KtE-Ipr;Sa$\)X!bvIvUTS@nYbO<OB.sd9(L&xGuGe_B~
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 2d d0 a8 af b4 1c c9 2e 76 1b df 98 4c 2c e3 fa da 32 bc c9 42 f0 21 47 14 d0 19 20 93 6b 0f 28 52 5e 34 b2 00 b9 80 78 53 74 9c 4a 5d 91 1c 08 a8 e7 2d 01 9f cc 2c 43 42 05 27 72 cc 25 c8 4e e7 f8 5f 69 ad a8 2d db bc 44 07 4b bd 0f ca 98 e6 ec ce bd cd b5 5c 57 98 d7 2c 85 1a 20 d1 a1 0a b4 86 e5 2d e9 d3 e6 be 87 e3 ce 5d af de 38 98 43 17 01 99 d2 d5 a2 33 93 2e ce c2 85 a6 b4 e7 d3 45 99 47 93 ab 89 9c 55 42 56 a3 37 90 ae 21 a4 d5 4f 22 a8 a5 da ec ec f2 b8 41 8d 92 96 72 1b 45 5b b9 ed 1a a1 e8 18 cc a5 4f 5b 20 2d 78 b8 5d 32 26 e0 7c 41 5b c0 d9 76 aa 76 a3 5a 52 1d 8e ad ea 31 b9 9f e5 a2 b6 c0 01 9b a8 b1 85 00 5a d0 70 8b 8f 18 99 4f 5e 07 ea 1b b0 9e b8 a8 5c d6 93 5f 46 9b c5 56 4d ad d6 08 59 df ac b1 42 8f 3e 1d 01 74 28 6d dc 88 6d a4 a9 Data Ascii: -.vL,2B!G k(R^4xStJ]-,CB'r%N_i-DK\W, -]8C3.EGUBV7!O"ArE[O[ -x]2&\|A[vvZR1ZpO^\_FVMYB>t(mm
2024-10-24 09:44:03 UTC	296	IN	Data Raw: 2c c7 9c 8e 18 15 17 a4 98 b5 4e 0e 0c 25 55 c6 f7 79 5f 5c d4 c4 99 75 86 8b 22 fc 66 d8 e9 53 7b 6b 65 aa 82 05 37 5c 6f ed 7b 72 e7 32 98 68 5a c9 89 cf ae e7 75 98 d1 40 0e 28 48 5d cf 17 03 10 f2 61 cb 25 3c 50 8f 1a f7 ea a8 f5 0c 81 38 0c 41 7b 7e 7f 46 c9 8d ae 4b 9c 70 24 7f ef c3 ff 1a b4 2a 2b e1 a9 50 40 fa fc ec e0 aa 9b b0 6b 74 e7 4d ea ba 7d 8f 90 a1 15 6f 68 30 ee c1 b4 60 03 20 dd 30 18 92 55 d5 dc cd 2e 54 bb 4a 2e 50 6a 6a 7a e8 b6 03 1c a8 dc 02 7d 84 29 6c 2c 37 cf 11 78 a3 8a 43 80 44 21 1e 37 2f 38 7b 43 f4 d5 d0 95 3b 57 7a e8 da fc eb cd 3a 19 61 32 e5 90 4f 11 54 c1 5b 97 a2 68 d7 48 8a f0 57 8e f7 34 61 15 8b 7c 7a bc 84 99 2b 83 66 6b 51 86 26 3d 61 cf b8 87 6e 62 31 1e 8f 89 c0 aa ed 2f 49 13 44 0f 11 b9 51 44 0e af e9 20 0e Data Ascii: ,N%Uy_\u"fS{ke7\o{r2hZu@(H]a%<P8A{~FKp$*+P@ktM}oh0` 0U.TJ.Pjjz})l,7xCD!7/8{C;Wz:a2OT[hHW4a\|z+fkQ&=anb1/IDQD
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a c7 0d 0a 30 30 30 30 30 30 30 31 0d 0a a1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 66 0d 0a 30 30 30 30 30 30 31 0d 0a 89 0d 0a 37 35 36 0d 0a 21 f5 a9 8f 23 00 38 bb d7 fc 52 0b 4b 03 98 2b b1 36 2d b8 d4 32 ee bc 84 87 a5 d0 9e e1 e2 f4 90 df 5d b5 5d d8 4a 99 1e dc 19 2f 50 82 e0 57 63 c8 cc ad b8 a3 19 68 2d ed 5e 63 af 41 28 92 df 62 b3 a5 cc 22 6f 69 4b 5e d7 3e 53 39 33 a9 c1 43 94 94 12 6f 50 b9 de 15 19 ca fa 72 17 b6 91 77 08 9a 28 e3 89 79 44 c7 85 65 a0 60 81 1b d0 41 c9 e0 43 6d 04 14 56 97 c6 00 86 b6 e9 86 a0 6a 5b f4 60 cf 85 98 22 e4 34 4f dc d2 69 9c 72 5f c3 ed 5f 2b da 6a 4d 4e cb 5a 21 b1 27 e5 20 77 38 a4 a1 cb b9 bd 44 7d 2b 60 0a Data Ascii: 00000001Z00000001000000010000000100000001f0000001756!#8RK+6-2]]J/PWch-^cA(b"oiK^>S93CoPrw(yDe`ACmVj[`"4Oir__+jMNZ!' w8D}+`
2024-10-24 09:44:03 UTC	554	IN	Data Raw: ce 23 cf 84 4f 9d 76 9f b3 a8 1e 11 b7 28 c8 47 f3 f2 fc cf 4e d8 b6 f2 f9 2b fa 66 77 c2 94 d9 5e ed 9b f9 15 84 16 09 3c 24 ad a1 e4 33 da 40 3c 33 57 50 9c a0 d3 55 a3 2e 85 95 8a 53 f9 e0 5d 28 46 c7 c3 df 0e 89 ce 30 6d 0a 1d 20 08 e0 d1 70 4d 80 8e 95 bb 63 d4 fd e5 3a 75 e1 20 81 37 f4 2d 12 6e 7b 96 78 10 5c 83 1f 99 06 3d 17 f7 4e f8 bb 37 fc d9 e1 4f c9 39 ac c7 3c bd c7 e6 27 55 74 ee 2e ae 70 b5 86 96 ef b6 05 8a 4c df 71 85 b7 85 d3 35 7a b5 01 38 75 20 7e 0d 69 f5 a7 94 50 99 fc 3a e1 17 7e b3 b1 57 f2 42 97 96 ee 52 88 df 3e 74 68 fb 06 fc ce 93 9a 9a ae e3 5a de 41 23 53 04 56 e3 69 f9 66 07 4d 6c 8f 2e e6 73 3c b8 ce a2 47 fd 09 5e c4 f0 2d 8e fa 89 78 bd 9f f5 e9 36 8c 3d 52 93 68 f2 ee 1e 6a 3d 89 46 da 3a 69 ba 3f 32 37 4c 6d c9 fa 14 Data Ascii: #Ov(GN+fw^<$3@<3WPU.S](F0m pMc:u 7-n{x\=N7O9<'Ut.pLq5z8u ~iP:~WBR>thZA#SVifMl.s<G^-x6=Rhj=F:i?27Lm
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
112	192.168.2.16	49877	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	676	OUT	GET /gui/11358.f3f57088de337b2eacd2.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 5cbdace784c19db092b60f063498435b Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:49:01 GMT Expires: Sat, 18 Oct 2025 09:49:01 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 518102 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a fd 0d 0a 30 66 66 33 0d 0a 9b d3 46 f2 e7 ef f7 57 08 27 cb da 89 2c 6c cf bb 27 86 90 81 dd e5 02 21 5f 06 f2 7d f6 c8 3c 20 db b2 ad 60 5b 5e 49 9e 61 62 fc bf df a7 aa ba 5b dd 92 3c 0c 5c 36 77 cf 2d 21 09 33 fd 5a 5d 5d 5d 5d af ad c6 3a 8b bc 2c 4f e3 51 de 38 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}000000010ff3FW',l'!_}< `[^Iab[<\6w-!3Z]]]]:,OQ8
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 32 c0 2a 8d 2e e3 e8 ca 2c 13 00 d7 0f f1 b3 34 54 83 dc 73 97 8b 61 09 6f 0a 55 1a 25 56 11 61 b3 21 90 03 0f 8b 30 1f 34 86 8d 32 94 0a 87 c3 75 9e 27 4b 2f 06 6d 79 c1 30 42 7b a6 83 27 f8 5d 2f e8 3b 35 bf 34 35 d8 a7 59 f2 78 e5 85 cb 18 53 44 63 6f 1c cd c3 eb 41 a3 d3 b8 ff 03 88 4b f7 52 cd d0 ed 1e 40 74 61 af 01 34 fe 53 01 7d 92 87 d8 ba cf 04 75 fd a7 82 fa 8a ce d6 1c 1c e5 73 31 fb af 75 42 f4 5f 22 d6 7f 27 19 fc 17 cd e8 0d e7 c9 e8 dd 67 a2 78 04 e6 f5 a7 82 7c 86 09 3f 02 b1 22 e3 1a 6a 06 ff 04 d3 5a e6 90 83 a2 94 d8 54 ae 38 aa f0 38 f5 8b 39 fd 74 36 b9 7d 9a cc bd 61 92 62 7f db 1d 6f d5 ee 34 3c cd c3 85 45 7d 1f 2f 57 6b 1c 62 f9 cd 61 df 52 f4 00 ec 7b 1c 59 07 56 4f ac 8e 1b b1 58 c5 7b 1e c5 97 06 00 c3 8e 2a fd e5 a4 ca 12 df Data Ascii: 2.,4TsaoU%Va!042u'K/my0B{']/;545YxSDcoAKR@ta4S}us1uB_"'gx\|?"jZT889t6}abo4<E}/WkbaR{YVOX{
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 8b ac 1d ae f3 a4 e1 b9 1a 60 d9 48 70 ce fb 05 0b 8e 31 01 39 4a 30 34 c4 ea a6 4b 91 43 1d aa 68 9e 84 63 dc 3d ea 37 87 16 5a e0 ae e7 37 72 57 9f cc 7b 31 e0 88 fa ac b4 c0 ce 07 ea 21 da 6d 10 e3 3d b3 19 af b3 8d 05 2b 3b 1b e8 29 ea 59 99 26 1a de 48 1a b3 b5 f5 bb 27 87 dd 5e 8d d9 9e 1d 17 e2 4a 80 5d bf 0b b3 3b d9 ed 95 09 9f ec f6 ca 84 5f b2 db 9f f4 0e bb b0 cb 93 dd be 7b b0 d7 43 37 32 dc 9f ec 77 8f c4 6e bf 4f 6e 02 63 b7 3f 54 cc 73 ed cf 60 9e 67 6b bc 36 82 7b 97 da b2 ed c3 08 0f c3 f4 26 4f af 59 9a 85 69 fb 75 76 01 bb 35 1c 05 a1 16 ad 49 67 20 31 46 c8 d8 e3 2b 29 41 c1 36 0c c6 c9 32 7a 90 37 e7 ad 3e 4c d6 8b 38 23 b9 33 4b e6 97 11 8a 82 7c 16 2d 59 56 d8 92 d5 7c fa 85 6f ff 41 7c 7b 32 68 ae 4b ac 3b b3 6c fe 9b 6c 96 ac e7 Data Ascii: `Hp19J04KChc=7Z7rW{1!m=+;)Y&H'^J];_{C72wnOnc?Ts`gk6{&OYiuv5Ig 1F+)A62z7>L8#3K\|-YV\|oA\|{2hK;ll
2024-10-24 09:44:03 UTC	386	IN	Data Raw: 2f 72 02 a2 e1 2d 93 78 f9 4e 21 a5 1c c2 01 fc 88 c7 f3 cd 9c dc 77 05 86 2c d8 2b cb 1c ab 60 bf d2 ba 86 58 d7 90 10 59 b3 2c 77 c7 bc 62 29 69 3c 9d e5 7a 0b 6b a0 63 d1 ca 9a b0 d5 6f 34 e8 bf 12 35 d9 f8 5d 01 8e 15 e3 77 75 ff 25 f4 2d 44 8b 09 99 c7 d9 f2 af b9 97 ac f2 78 01 fd 65 cc 62 ac 50 36 c2 9e 2e 63 44 32 7c 77 6f 45 5b dc ea 5b c4 b7 c6 70 6b 1e 2e 9b 27 b9 b7 84 bf 71 d0 88 96 10 cb b5 a0 d6 b8 0f ea 40 1d 77 75 dc c5 5a c9 d7 44 6f a9 f7 6f f8 90 b1 7a 2f f2 e3 1b dd 48 b4 37 fd 9b a2 27 69 4e a6 b5 c5 8d a6 35 b2 9f 5d da 97 ae 9c 11 73 d7 7e 62 6f 0b f3 c5 15 b7 6b 8c 1f 10 4b 10 85 10 ae 0b eb 9e e1 1d 6c d8 73 00 d3 0b ac 8e 5b 5c b4 4e 07 83 a0 6a 8f d5 4e 27 8e 33 02 9f 87 5b a2 c2 5e 05 f5 c3 29 93 10 57 50 7d 75 31 a5 e3 7e 13 Data Ascii: /r-xN!w,+`XY,wb)i<zkco45]wu%-DxebP6.cD2\|woE[[pk.'q@wuZDooz/H7'iN5]s~bokKls[\NjN'3[^)WP}u1~
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 7f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 78 0d 0a 30 30 30 30 30 30 30 31 0d 0a b4 0d 0a 30 30 30 30 30 30 30 31 0d 0a d7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3d 0d 0a 30 30 30 30 30 30 30 31 0d 0a b6 0d 0a 30 30 30 30 30 30 30 31 0d 0a a4 0d 0a 30 30 31 0d 0a 1e 0d 0a 32 37 65 61 0d 0a 05 f0 2f 1c f3 fd 9b 05 30 d6 d5 81 c5 95 62 be 7b bd e3 13 15 60 7d 70 88 60 6b 0a b0 46 24 b4 08 4a da 78 2b a1 d6 ca 7a cb a1 d6 07 bd 0e 9a 92 c9 56 59 6f 39 d6 5a ac b7 14 6b 7d d8 3d ea a1 01 c5 5a 77 0f 60 17 96 58 eb 93 c3 93 63 18 75 67 d4 8d cd bb 14 5f ad cc bb 97 54 08 10 10 b7 3d a5 52 09 cb 86 4d 10 81 dd 47 c7 1d 0e cb 46 78 fa 3e 80 45 c9 c1 41 ef 18 c6 9e 6b aa e6 28 72 2e 3d c6 0a e8 07 36 50 d3 0f 2c 07 d2 0f 7b c7 7b 27 18 19 Data Ascii: 0000000100000001x000000010000000100000001=000000010000000100127ea/0b{`}p`kF$Jx+zVYo9Zk}=Zw`Xcug_T=RMGFx>EAk(r.=6P,{{'
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: cb b4 85 c0 bc 86 d5 1e 11 d4 e4 ad 54 7b 0e 4f a8 73 7a c4 10 e8 52 48 71 7c 2a e3 ba 14 d6 3a 05 17 d6 23 47 90 b9 5d 22 e2 fb b8 9e 7e 40 0e 7f a7 db ba 4c 3a 4f 71 f6 40 85 d2 d3 bb 9a 41 8e 65 ba 99 42 14 40 c2 36 87 b7 90 3c 30 49 d6 e0 8d 42 54 71 0a 6b 27 18 6a 89 58 f4 ec 9f 48 27 4f 40 27 4f 98 4e 70 1b f3 18 42 1c 8b 98 b2 0f e6 5e 40 bc ee f9 44 a0 d7 c4 f2 bd 34 b4 b3 49 bd ef 69 97 db 4e 11 5f d6 67 94 72 4a 32 8b 3e fc 10 34 9c a9 98 7e 36 44 8b c2 10 9d 85 6c 85 82 e0 92 87 8c cd 40 f0 78 76 e9 2b cc 2b 85 f5 04 26 e3 15 b4 a5 c7 d7 cc 76 7f 37 59 a9 ae 12 5e 91 9d ee a4 2a a6 1b 76 72 9d 9f 15 14 a2 d9 c8 2f 49 4e 1c 40 22 4b 2b 14 40 6a 05 d2 c6 b9 b7 07 a9 8f fc be e0 38 f0 58 10 03 11 42 40 9a ee 02 db ed 5e 3b d6 61 7f 8c 4d 7c ac 37 Data Ascii: T{OszRHq\|:#G]"~@L:Oq@AeB@6<0IBTqk'jXH'O@'ONpB^@D4IiN_grJ2>4~6Dl@xv++&v7Y^vr/IN@"K+@j8XB@^;aM\|7
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 3c 53 5a 3c cd a4 7b 02 32 68 e2 4a c0 77 e7 d3 c5 10 84 20 32 95 8c c3 62 4c a4 71 b4 81 02 0f 3f 68 0f c6 b2 6a 9b b5 f6 08 17 c5 92 1e 88 a8 ec 91 65 11 38 3f bb 01 72 33 63 73 33 47 c8 4c de ef 22 12 8a 96 61 2a 20 e3 a9 4d 62 cc 59 35 bc 18 2d ee 85 55 38 2d 91 0f f1 68 77 c2 92 07 ed c3 07 84 4b eb 65 ce ab dd ad 65 ce ef de 9d 3b cb 04 11 37 57 0f 84 1c 8b 23 5f bf d2 95 6f 99 34 4b ab b1 fb 22 24 88 a9 ec 85 61 21 4d 9d a2 42 c7 55 27 94 48 d6 ca a3 22 30 9d a2 fe d9 bb a8 4e b2 9d a4 31 86 e3 a1 ec 13 c4 c3 2a 1a 69 94 95 41 e2 1b 96 23 5c 1b 52 5f a9 da 36 ed 17 0f db 39 ac c5 4a dc 30 49 1a d6 92 91 c5 c9 fe 50 7a 36 04 c7 92 ad bc 10 24 c7 f5 5e c7 41 8e 83 a8 8e 98 8d 9d 5a 1a ba 2d 66 e9 6c df 41 90 95 de 6d 04 d0 96 7d ae d6 6e 4f ee de 9d Data Ascii: <SZ<{2hJw 2bLq?hje8?r3cs3GL"a* MbY5-U8-hwKee;7W#_o4K"$a!MBU'H"0N1*iA#\R_69J0IPz6$^AZ-flAm}nO
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: c0 12 6b a8 03 60 b2 04 a6 c8 01 5e ed e4 13 c8 c1 c5 27 61 f1 05 ad d8 da 29 da 4e d9 25 3e 42 84 95 4c 9f 9f 5a 18 6b b6 41 b0 48 27 c7 20 a0 1e 17 ff 47 98 a0 a5 eb 63 42 60 d2 19 61 11 54 e4 52 72 3c b2 57 9b b8 91 d0 1f 5d 64 8a 03 90 d2 71 ca 7e 29 a8 4c ec 94 6a 36 a8 0c 29 43 ad 6d d9 59 5e 3b 02 2b 70 14 03 97 0c de ce f2 7c 95 f5 ef dd bb 8c 53 7a 32 0b 8a 0f 49 e0 f7 b8 c9 bd 08 72 c8 98 de af db 92 a8 17 fd c0 cf 30 0f ba b0 aa e3 b5 ef 01 a9 5c e0 6f 71 f6 08 91 86 fc 14 22 b4 2d bc b3 fa 0e 0a 17 cc 8e 48 7b da be 3d 9d 04 4f 7f 0c f0 86 fa 52 bf c1 15 4f e8 45 43 08 88 e3 70 0e 6a 15 91 cc 2c 4e 40 b3 9d 35 d2 1e 7e 37 f8 44 68 1c fa a9 d6 2b c7 5d 19 09 c0 e6 e9 4f 9c 45 34 56 49 b3 bf d9 19 43 c2 3f 8a 3c 94 1b 9a 3a 06 9f 5b f5 60 28 e0 Data Ascii: k`^'a)N%>BLZkAH' GcB`aTRr<W]dq~)Lj6)CmY^;+p\|Sz2Ir0\oq"-H{=OROECpj,N@5~7Dh+]OE4VIC?<:[`(
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 28 d0 e1 d6 07 b2 a1 b4 16 ba 00 35 9d ec 18 43 ef 93 33 84 a2 89 f2 10 16 de 6d 40 09 18 81 53 84 8a ca ce 74 7b 75 5b 63 ed a7 7e dd 4d 7a 96 f7 29 5b cb a7 5b d4 1c c8 67 90 67 d2 ea 5b 8f e9 73 28 7a 37 63 7c 90 40 de 97 b3 b1 c7 98 e5 fb 48 86 94 dd b6 37 4b ef b5 3a 29 73 5c 20 ea 10 ca 6d 6e 50 1c d6 03 c1 5f ab 31 64 a5 f6 55 7d 2f 0e 96 c3 3e 24 62 be a5 eb 2e 4c 60 3d c4 15 8f b3 52 3f b6 7a 4c 59 58 07 ef 43 cd c0 18 c4 bd 0f f8 7b 7b ff a6 fb c0 88 03 86 01 d2 0f 6d 31 69 f1 72 81 0a b0 78 c1 36 e4 61 2d bb c8 02 4d 77 42 8a 77 27 46 58 5d 9a 87 4b 45 53 5f 91 00 83 8f b5 49 5b 0a 3e a5 ec ee e5 b8 7c f0 86 53 c1 88 ec 13 38 d0 6d 38 af 99 da 40 5e 7a d9 10 6f f7 e1 b3 93 51 7b 18 e5 57 30 ee ca 0a 0c 48 f7 e1 f0 c1 47 e0 04 34 e4 da 18 89 c9 Data Ascii: (5C3m@St{u[c~Mz)[[gg[s(z7c\|@H7K:)s\ mnP_1dU}/>$b.L`=R?zLYXC{{m1irx6a-MwBw'FX]KES_I[>\|S8m8@^zoQ{W0HG4
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 94 a9 ef 81 33 85 4d bd 32 b5 c6 4e d0 3d 68 ed a8 82 ef 41 6e 49 fa 12 2e 03 34 09 17 78 fc d2 52 84 4b 18 a8 74 60 e1 af 8b c8 98 f2 48 da 5c 86 a3 6f 55 39 52 7e 37 d0 f7 1b cd af 6c 34 b8 0b 71 b9 2a 5a 2f 94 1d d9 9c 3d b0 54 62 80 fb fb d6 98 43 d8 72 8b 9b 90 bb e0 78 30 97 76 70 21 5d 34 73 33 f3 19 d6 e4 d6 d4 50 43 c1 35 34 ac 78 98 72 b4 af 59 a8 39 56 5c 2b fd 0f f6 7d ef 10 f4 74 a4 6e c2 62 08 81 fa 64 12 4e 86 02 98 5d a5 a0 df c7 65 d0 3b 40 f7 de 81 12 49 e0 00 c9 63 3c e1 67 a0 3f ec 1d 8e 8e 15 36 dc 4a 19 e3 e4 18 f7 49 87 fe a7 2f 0d d3 8a 21 88 46 51 34 29 f7 37 e8 23 5c f7 f6 d0 bb a7 31 4e 8f da c1 56 ad e7 d7 ee 02 26 23 6c ee 3b 5d e1 6c 63 51 21 40 95 b7 91 eb 2b 26 a7 62 4c 36 5d 99 91 ed 7b 9e 7b 5a d5 32 7e e5 72 a6 6f 82 16 Data Ascii: 3M2N=hAnI.4xRKt`H\oU9R~7l4q*Z/=TbCrx0vp!]4s3PC54xrY9V\+}tnbdN]e;@Ic<g?6JI/!FQ4)7#\1NV&#l;]lcQ!@+&bL6]{{Z2~ro

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
113	192.168.2.16	49878	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	676	OUT	GET /gui/74278.4e291418bc556b622962.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: c01d8a218c4755dd3a65feeed4b202dd Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:09:08 GMT Expires: Sat, 18 Oct 2025 13:09:08 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506095 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 77 0d 0a 30 30 30 30 66 66 32 0d 0a db 46 92 f6 f7 fd 15 30 32 f6 00 1b 10 22 c0 3b 29 58 71 64 67 9d b3 72 9c b5 14 cf 4e 14 bd 0e 48 b6 44 c4 20 c0 05 40 5d 46 e2 7f df a7 aa bb 01 f0 22 4b f6 24 f3 9e 39 3b 39 b1 89 be 55 57 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001k00000001w0000ff2F02";)XqdgrNHD @]F"K$9;9UW
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 78 d3 92 15 b6 b5 59 5d ae f8 aa 97 65 a0 07 3a 91 2b 49 4a 17 f4 77 59 34 96 51 03 60 92 69 98 4d 1b b5 ee ed 95 e3 35 bb de 7d 7b 47 e4 4e 21 c7 6e 5f f4 86 16 f6 95 23 e7 e5 09 7f 9c 38 ef e6 fc 71 ec fc f7 82 3f ae 9d 9f 73 fe b8 74 fe e7 9c 3f ae 9c eb ff e0 0f 4c 12 ef 25 b4 07 75 07 dd a6 27 f7 20 df ef 0f b0 1d d1 1e d4 ef b5 da 3d 1b fb 07 36 29 df 6f 77 6d 27 a4 9d a9 db ef 74 ec 11 cb 46 23 0e 4e cd f3 28 2e 44 66 3a 66 1c cd a3 c2 3c 73 26 db 99 8e 99 66 58 a6 28 9c a1 10 92 25 2a 6e 3e c4 51 8e ea 23 bd 8f 18 53 da 1c b4 cc 30 74 36 49 52 6c 44 cc 14 6e 94 f3 2f f2 6c 2d 43 57 48 dc dd 55 b5 09 04 09 c3 28 90 12 b0 38 a0 df a1 b9 84 48 a2 8d 60 6a 3e d1 7b d9 f1 cd 7c 9c c6 cf 9e 15 a7 f2 cb 8d 30 90 10 d2 fe ec ee ae 38 35 bf f9 46 a7 81 25 Data Ascii: xY]e:+IJwY4Q`iM5}{GN!n_#8q?st?L%u' =6)owm'tF#N(.Df:f<s&fX(%*n>Q#S0t6IRlDn/l-CWHU(8H`j>{\|085F%
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: cc ad 5b 49 e5 61 ee 30 98 61 b2 82 ed a2 44 d0 76 7c db a1 c3 1d 54 c5 d5 4a 22 79 ac 91 b4 d0 47 ea 16 1e f5 21 f1 c3 1c 6c 61 98 95 18 12 ae ac 0d 28 5c 27 a4 b6 2b b1 0a c5 3b 23 41 9e 43 2e b3 d6 ce 47 ca 27 4f 48 f3 f6 ed 53 ef 0c 38 6d 1c 34 65 91 9a 6e 1c db c5 69 f3 6c 35 c4 39 5d a0 fa ca fc 15 b2 d8 fd 2d 8d 12 cb 34 4c 1b 8a 70 8e bd b1 d4 ee 9d 25 c8 95 3b 33 db 59 6c a2 b0 fc a3 50 b8 09 e2 03 35 11 3f 8a ec 15 23 c3 73 80 59 20 aa 3b f8 5b 4f 47 48 d8 33 97 f0 d1 9a f7 08 35 54 a5 eb 48 16 dd 60 6a ac 44 c9 ac a4 d0 df dd 49 89 45 35 85 0b 13 d1 07 49 80 b5 4a da d4 22 4a f2 5a b7 d1 14 cb 45 11 2b 9a 3a 6c 94 a8 72 58 ac e2 18 52 ab 01 dd 0c a6 c3 7c 78 5a b8 58 fa 1f e2 34 fd b8 5c e4 8e 4c e5 cb f1 3c ca 73 32 44 9d 61 54 36 ba 87 3d 0a Data Ascii: [Ia0aDv\|TJ"yG!la(\'+;#AC.G'OHS8m4enil59]-4Lp%;3YlP5?#sY ;[OGH35TH`jDIE5IJ"JZE+:lrXR\|xZX4\L<s2DaT6=
2024-10-24 09:44:03 UTC	401	IN	Data Raw: fb 49 a6 d1 b0 2c bb 21 fd f1 a4 50 e9 7e ab 42 d6 83 68 21 7c 17 5d 8b a9 e5 91 1e eb 35 9b 58 56 b2 79 ba 24 2d 1e 47 08 38 10 10 7a b0 86 e1 b3 67 13 38 3e 4b 84 ad ed 1a 04 6d 20 3a f6 0a be d0 1d 14 51 b4 da 5d e8 3c 08 7c 17 d1 e4 e6 23 4b ea 14 31 9b 6e 53 79 d5 d7 67 40 36 80 b1 ed d3 11 04 e1 af fb b3 d6 f3 fd 3c 4e 0b f8 d0 f9 87 7d d8 f9 fe 1e f2 8d 7d e9 5a 85 b1 ec 02 e7 5c 32 02 22 5e 41 64 73 b8 c0 0a 81 06 eb c5 65 28 40 0d 43 72 72 e3 6c c7 06 1e 3a 1a 4b 47 ef a4 ee d4 ae d5 ae bc bd 38 07 a9 56 bb bd bd aa 11 39 99 27 f0 f2 f6 7b ed 7b 65 9c 96 6d ca 0f 4b 11 42 2a 58 88 bc b3 2a 58 88 bc b3 5d bf 0f 77 14 7b 67 fb 1d 9f b8 25 66 47 ed a0 0f f7 ed 84 9a 75 fc 36 fc bb 33 6a 06 b7 32 5c ef 94 e9 79 1d 7c 2e f1 d9 6d b7 bb 5d 29 1c 17 ce Data Ascii: I,!P~Bh!\|]5XVy$-G8zg8>Km :Q]<\|#K1nSyg@6<N}}Z\2"^Adse(@Crrl:KG8V9'{{emKBXX]w{g%fGu63j2\y\|.m])
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a b7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 19 0d 0a 30 30 30 30 30 30 30 31 0d 0a a2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5e 0d 0a 30 30 30 30 30 30 30 31 0d 0a a1 0d 0a 30 30 30 30 30 30 30 31 0d 0a b4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 45 0d 0a 30 30 30 30 30 30 30 31 0d 0a 66 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a a6 0d 0a 30 30 30 30 30 30 30 31 0d 0a f1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 72 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9e 0d 0a 30 30 30 30 30 30 31 0d 0a 50 0d 0a 31 35 38 64 0d 0a 60 0c 57 19 53 85 00 3b 29 1c 33 08 1d 82 e5 87 b3 e7 f0 67 23 88 21 b8 3d 7a f5 dd c9 Data Ascii: 00000001000000010000000100000001^000000010000000100000001!00000001\|00000001E00000001f00000001]00000001000000010000000100000001r000000010000001P158d`WS;)3g#!=z
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 12 70 5d ae f1 29 71 5d ac 95 42 4c af 96 dd eb 87 e7 fe 11 55 76 8b c2 31 58 63 bc c9 1a c4 cf 3b 39 01 47 57 e2 7e 5c aa 49 c9 7a 6c f9 bd a6 5d 67 1f 6a 88 4d 24 6c 14 b8 ae 54 44 8b 06 dd e3 da bd 62 be 99 a7 b8 38 9a 92 86 bb 63 45 55 82 84 40 42 a4 ee 60 08 ca 7f fc 92 df d9 0d 81 d8 39 d0 06 0e ca 8d f6 d6 d8 aa 45 5e 93 7e 04 64 9f 06 6a 40 d9 8a 03 73 b2 cc 60 e8 2f 26 69 9c 66 e6 73 e5 bc dc df a3 1a eb c3 aa cb 48 b9 13 ee f9 5f fb 4d 07 1b 15 fc c5 e7 2f e5 cd 1e 75 ce 85 e2 49 81 71 47 e2 02 6a e7 11 5d 02 3c 91 34 3e 01 5c 18 c4 e9 2c 4f 53 ac 72 3f 4b 3e 5c 80 09 2e 1e cd 04 c4 01 ff 1c 6c b0 21 1e 68 a2 fe 7f b1 41 cd 37 fd 10 2b 48 e9 80 a5 c6 2b fb 41 c6 c8 ab d0 96 2f 62 0e 9b ee f7 be a6 85 28 a6 ef d2 ab 7a e4 0a 23 20 37 31 7d 2a d0 Data Ascii: p])q]BLUv1Xc;9GW~\Izl]gjM$lTDb8cEU@B`9E^~dj@s`/&ifsH_M/uIqGj]<4>\,OSr?K>\.l!hA7+H+A/b(z# 71}*
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 44 01 de 7d 2d 78 22 d7 e7 8a 66 1b 13 55 46 02 6b ad 84 62 9e 2d f3 30 8c 27 4b f2 2c 1a 94 36 c6 b8 f0 62 e4 18 a3 a0 c0 05 2d ed ef eb ed 1e 46 62 f9 c8 fb 39 c7 db b8 f2 24 07 a6 2c 60 06 61 58 6b 67 7e 49 af cf e0 3b a2 a8 82 23 8d 29 ba 07 86 fd b9 80 b6 79 ab 54 66 55 60 45 e9 f5 50 04 51 f2 ad ce 31 a5 46 b9 d3 60 a4 ce f7 78 71 47 2b 9e 52 2d 56 27 dd 69 4a cf 22 5a b8 25 12 95 03 93 94 d3 25 6c a1 cd 5d 66 2f 1e e4 5a df 35 9d ad ee ba c1 b5 1b 1c b0 d7 09 f5 c5 00 01 89 ee 42 93 ad 4a 72 05 9e 71 e4 0b 89 7c df a8 d2 de c9 08 a6 82 ff e9 11 13 04 53 23 74 01 e1 2e 8a 94 8c bc 8c 1a 4b 9e 7b 38 c1 93 05 ea be d0 b1 d0 e1 c0 b0 bf 92 9d e1 fe 80 b0 e1 43 30 fe 81 d1 67 e5 65 7c 15 6d 13 e5 74 c7 e1 02 6f 86 a8 69 a8 e2 c9 b6 a2 d2 78 8c 1c 44 84 Data Ascii: D}-x"fUFkb-0'K,6b-Fb9$,`aXkg~I;#)yTfU`EPQ1F`xqG+R-V'iJ"Z%%l]f/Z5BJrq\|S#t.K{8C0ge\|mtoixD
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 5e 9e ee f7 bb 03 ba 3c ad 37 9c 51 ec 46 78 6e f9 05 f2 d6 08 8d d0 e8 5b c9 99 e5 b0 36 d8 7a 85 2a 7c 40 c2 93 af 90 fc 4a 96 97 b5 39 13 8f 3d a5 2c 86 ed d5 57 35 f7 89 53 4b f8 4c 8f 46 0a 61 8d 10 f4 a1 eb e3 81 69 7d 51 68 a8 57 f0 fa bd 1d 07 d2 ab 89 c7 34 d6 60 6e 90 35 4a ce d3 b5 0a b2 9f 6a 92 a8 02 47 24 36 f0 0e 31 7c a7 f0 6e 29 78 d2 25 a4 70 e4 84 8f 17 a5 1f 89 d3 88 59 81 76 a8 35 68 b8 36 92 a5 1f c5 7a f7 6b 1d fa 3b ab 6c 62 a8 78 ae 16 af bd 73 dc 5b d5 1e 35 7a 52 7e 39 e2 7f 27 2a f6 a8 9c a3 f6 aa c6 a2 f1 ca c1 dd fb 6e 8b 5e a6 b9 25 43 f7 02 ef b0 e5 c1 9f f9 62 c5 65 24 ae be 4d 11 43 dd c4 e6 df e9 e2 7f 53 05 46 ca 43 f4 f5 3c c6 fd 48 73 56 14 8b e1 de de d5 d5 95 7b d5 c2 b3 42 17 7b b8 e3 df a4 9b 02 e6 73 92 b0 fb b4 Data Ascii: ^<7QFxn[6z\|@J9=,W5SKLFai}QhW4`n5JjG$61\|n)x%pYv5h6zk;lbxs[5zR~9'n^%Cbe$MCSFC<HsV{B{s
2024-10-24 09:44:03 UTC	113	IN	Data Raw: a1 e3 36 fd 36 f0 c7 98 a8 46 28 ae 55 43 23 6a 00 10 d4 2c 46 cd 1e 5a f5 48 83 68 11 4a 7d 07 5f 1e 23 87 2f fe fd db ae b1 d0 04 60 54 e6 6a 05 6f e9 bf ed ed 7d 05 43 01 5d ad 86 cb 60 01 73 05 4c 73 01 ff d3 76 6e 5b f8 d8 b2 bd fe 78 02 31 39 ee fa fe a0 eb bb bf e1 3d e0 70 f1 bf 00 00 00 ff ff 03 00 6e 01 c1 d4 41 6f 00 00 0d 0a Data Ascii: 66F(UC#j,FZHhJ}_#/`Tjo}C]`sLsvn[x19=pnAo
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
114	192.168.2.16	49879	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	522	OUT	GET /gui/45428.d50e11e1e27c0917ea14.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	354	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 70fdc75292dc02fbcbfeff82d6cd7373;o=1 Content-Encoding: gzip Server: Google Frontend Date: Sat, 19 Oct 2024 01:12:21 GMT Expires: Sun, 19 Oct 2025 01:12:21 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 462702 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1054	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 66 66 38 0d 0a 02 ff ec 5c f9 73 db 46 96 fe 7d fe 0a 18 4e 14 22 01 20 f0 26 21 d3 8e 22 cb b3 aa 91 ed ac ad 64 6b 56 ab 92 01 a2 49 22 06 01 2e 00 ea 08 cd ff 7d bf d7 07 d0 20 a5 d8 93 f5 ee d6 56 8d 69 49 60 9f af 8f 77 7d fd 1a e6 ba 60 46 51 e6 f1 b4 34 8f 5a 05 4b 66 ee 2d 0b 57 c1 f4 e3 c9 62 9d 7e bc 29 af d7 f1 f5 32 88 d3 c9 1f e4 7d fa 74 79 65 b9 ab 75 b1 68 5d 5e f6 fa bd ce e8 ca de f4 bd 4e df f3 5b a5 cd ec cc 9a 3c df 64 6e Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100ff8\sF}N" &!"dkVI".} ViI`w}`FQ4ZKf-Wb~)2}tyeuh]^N[<dn
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 95 b9 61 9c 46 ad cc ee 8d bd 6e df 92 a9 44 d4 a6 5c c4 85 3b 5d 04 79 39 a1 51 95 ee af e5 2f f1 09 7d 3f 0f 7e bf b7 eb 6c 97 36 d1 84 7f a7 27 3d 07 04 05 22 87 9e f4 9c 6c 45 1b bd 10 99 f2 8b c8 cf d9 7f ae 99 1a 4d cb da 42 18 ae e5 c8 4a c1 10 0c ba 72 8d dd ed d6 e9 76 e9 2e 82 a2 65 12 01 26 f6 8d fc 4a bd 6a 5f 65 3f 58 0e 6c be 8a e0 83 03 fe 48 65 e5 a3 2c 27 bf f1 39 50 15 f8 97 af 37 62 c9 be 2d 39 7f bc 75 90 2f b6 08 f8 9a 7d fa c4 dc 9d 19 c1 84 40 bb 46 2c c7 4a 4b e6 a8 17 63 bb b5 e4 fe 9d 6c aa 0d ec d3 e3 4f e7 bf 9c 5e b7 7d f3 69 77 dc 3b 7d f5 ca b4 91 f6 f7 d3 f3 f3 b7 ff c6 53 5f 1d bf ec f4 5e ea a9 1d 94 3d 39 39 ee 79 1e 4f fd e9 fc f8 e4 6f a2 81 6e 97 a7 fc f5 dd e9 df 79 c2 b0 47 9f 3a 8d 6a be 1c d1 a7 4e eb 22 ed d5 31 Data Ascii: aFnD\;]y9Q/}?~l6'="lEMBJrv.e&Jj_e?XlHe,'9P7b-9u/}@F,JKclO^}iw;}S_^=99yOonyG:jN"1
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: b1 6f 3b 2f de cb 69 69 65 96 fd c4 b3 5c 74 70 1a c0 1d 6c 8c ec 57 e1 26 a3 1a 39 35 fe 67 46 58 bc 90 05 1a 9e 6e 0c d9 5e da 9f ab 0a 32 2c 5f a3 e9 11 82 1e ea e0 9e 13 f9 99 0e 30 b9 0c 72 81 3b 22 7c 82 cb 7a 82 e5 28 d5 42 42 2a aa b9 a7 99 a7 5d a5 a7 90 e3 ad 01 12 4f 14 20 51 7e fa f4 a4 94 ee b6 21 cc 8f 0c b0 81 d8 43 6e 99 fd 9c 13 44 08 29 ca 3d 73 61 b6 3d 99 4c 32 b5 03 33 77 4a ce 2f 76 c9 a7 4f 26 66 30 58 27 a5 c9 f7 af c2 3e aa ae 72 d5 4d 7e 54 2e f2 ec d6 20 6f f7 02 a6 e2 69 9e 43 05 9b 3f fe a8 75 67 2c 61 90 19 0a 92 30 56 8a 0c e3 26 48 d6 cc 85 4b 2e f2 5a 26 60 01 d8 99 80 51 26 ec 85 10 73 fe 9b f5 32 64 39 64 ba b5 05 65 aa 84 72 f7 cd 82 33 51 0d bc 30 c0 3b ec 07 d3 dc 82 2d ac 38 35 ca 07 77 84 58 30 4c 2c fa f7 b1 2e 15 Data Ascii: o;/iie\tplW&95gFXn^2,_0r;"\|z(BB*]O Q~!CnD)=sa=L23wJ/vO&f0X'>rM~T. oiC?ug,a0V&HK.Z&`Q&s2d9der3Q0;-85wX0L,.
2024-10-24 09:44:03 UTC	331	IN	Data Raw: d8 9b 88 95 41 9c f8 1b fa 4a 06 0c e4 00 3d 9e 45 3e db c2 bc 5e ae b2 82 45 64 5a 87 eb 10 e2 b3 e0 96 35 19 00 29 8c a3 92 fd 8d dd 43 0a 02 8e 23 13 1b d4 90 fe dd 63 ba e2 ed 8c 9a 6e 6e 0a 98 2c c5 7a b9 0c f2 7b 18 7f 82 5f 34 3e 95 55 a0 a5 ab 83 45 8a d6 c0 7c cd dd 37 c7 af 4f af 5f 9e be 3f b9 7e 7d fc f3 cf 67 6f fe 2a 51 24 ad 3a ef 0e 95 1b d2 42 99 0a a5 4b 3a 07 d0 b0 12 36 ec bf d5 2e 53 ed 32 5d 6f 02 da d8 95 3d f5 98 a4 90 d4 56 ff 1e ab 7f 8f d5 37 9e 09 04 5c c4 91 90 2b 63 24 31 c2 46 a6 b0 be 78 80 89 c4 f6 60 64 06 ab 82 f2 81 d0 d1 36 31 08 05 43 ec 0a 0b 70 70 56 81 7f 0b 20 a7 d3 8f c6 ad d3 f6 3c 63 1e ac 38 14 f9 2c 8a 6f 14 3a 88 00 14 1c 0b 3a 25 0e 24 29 7c 85 8e 7b 85 6d e9 c0 4c 02 a3 c8 8d 88 1a 0f e0 8d 12 ee 94 9d cc Data Ascii: AJ=E>^EdZ5)C#cnn,z{_4>UE\|7O_?~}go*Q$:BK:6.S2]o=V7\+c$1Fx`d61CppV <c8,o::%$)\|{mL
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a a6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 36 0d 0a 30 30 30 30 30 30 30 31 0d 0a 32 0d 0a 30 30 30 30 30 30 30 31 0d 0a 99 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 04 0d 0a 30 30 30 30 30 30 30 31 0d 0a a6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 93 0d 0a 30 30 30 30 30 30 30 31 0d 0a b2 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 31 0d 0a 77 0d 0a 31 33 35 36 0d 0a 3a d4 42 8f d2 05 3d 00 88 1c 18 cd 04 e9 62 49 14 4e 08 b4 42 a2 ad c0 4c 1f 28 48 e4 8b a9 53 7f 44 a1 7a 75 89 bb 33 98 0e 09 c4 eb 2c 7b bb 2e 01 d5 b2 33 90 05 63 42 9c 52 bb 38 20 59 51 1c 40 20 55 bf d4 73 ba 1f 10 93 4d 0e 0d e2 ca f1 9c c0 Data Ascii: 00000001000000010000000160000000120000000100000001000000010000000100000001j00000001000000010000000100001w1356:B=bINBL(HSDzu3,{.3cBR8 YQ@ UsM
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 81 46 73 87 fd c1 b6 92 ab 76 49 83 a5 43 22 9c 9f bd 17 92 cb 37 cc 1f e4 84 6b a6 d3 1d 45 36 57 87 46 74 80 8c 6e 4d b0 20 80 ff 69 f9 70 9d 7b 78 a3 af e8 9c f2 e1 ec 1b 9c a9 e1 9f 5d 60 54 28 03 e9 23 39 99 54 e8 3c 23 78 8a 8f ab f0 79 30 90 3b 43 ec 79 2b 80 f9 96 03 34 d7 e6 c7 8e f2 e0 f6 27 ce d4 be 10 14 38 e2 b3 11 85 ff f1 9c df 68 f0 3d cc 20 be a1 0b 00 fd 60 73 92 43 ff 7d 66 51 c6 01 dc 12 ba 8c 04 bd 0c 48 c3 df d0 52 fb ed 36 0d ec fe 4b 06 54 00 86 e0 07 4f 04 f5 fd 7f 19 1a ad 9b 65 23 1e 48 33 c1 be 81 3e fe a6 d6 c7 ba 38 90 92 5a d7 ff 27 28 7d 82 d2 0a e6 a9 81 99 af 01 bb fd 29 c0 4d 01 56 c2 c6 db 0d f1 db 87 ba 2a 2b 4f b8 89 5f 0d 72 13 e0 f3 23 60 99 e8 8b 8b 25 43 5c 16 90 41 87 5c 73 28 1b 12 87 37 84 f1 29 8c 4c c4 6e 4e Data Ascii: FsvIC"7kE6WFtnM ip{x]`T(#9T<#xy0;Cy+4'8h= `sC}fQHR6KTOe#H3>8Z'(})MV*+O_r#`%C\A\s(7)LnN
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 91 cf 17 b4 91 d9 9f 75 15 37 aa 25 d5 f3 c1 aa 1d 26 f9 59 2e 6a 23 3b 60 6d d5 b7 98 80 46 ee 74 86 8f e8 99 0f 5e cf d4 19 b0 1a 38 c7 92 ea c1 8f 23 dc da 56 43 ab 76 84 70 56 ea 52 d3 0e 7d 76 26 60 a7 a5 d0 8b 58 28 45 95 98 84 9d 02 e3 f1 34 98 c9 81 56 13 b1 53 66 d6 9f 0e c7 72 eb a9 c9 d8 29 c2 46 c1 30 90 dc 23 27 64 a7 84 2e a6 c4 a4 ec 14 d0 45 10 97 98 92 c7 fa 60 af 8e fc 25 06 cb 05 6c c5 9f 60 51 39 55 84 87 39 30 7e 0a b8 54 79 3c 03 08 f8 9e c7 3f 1b 00 1a 0b 03 e8 b9 69 1b ef b2 10 17 a5 d5 df 97 79 30 2b 6d e3 5f 58 72 c3 80 d8 05 b6 71 9c e3 e0 df 36 ea 56 44 97 bc e9 65 96 66 f0 b5 10 21 5b b5 7c 02 bb 50 b6 5c e5 8a 1a f3 3c 88 62 20 f9 3e e0 a5 14 f1 c9 8e 4a 68 b5 47 58 94 b9 6d f0 77 62 a8 91 c9 31 e2 35 31 78 7d ca c3 59 30 35 Data Ascii: u7%&Y.j#;`mFt^8#VCvpVR}v&`X(E4VSfr)F0#'d.E`%l`Q9U90~Ty<?iy0+m_Xrq6VDef![\|P\<b >JhGXmwb151x}Y05
2024-10-24 09:44:03 UTC	900	IN	Data Raw: 70 af 0e e9 21 6e e6 23 e7 6a e7 8e 4c 1f 69 78 d5 a9 64 f0 e0 05 21 95 49 56 e7 2c 01 de 0d 07 a3 07 72 48 df 8f c7 98 f1 bd d6 b8 05 c4 59 63 3f 8b e7 c1 c1 c1 42 fd 88 4b 1e b3 9c 8e 27 f1 de 83 0c 50 5f 51 d0 0b 57 60 09 e2 05 93 ac d8 78 df 6e ea 70 2a 47 dd 69 71 ee 7c b2 ae b6 5b 84 c7 f2 db 2e 42 65 c8 2f 0e f4 21 8e d8 60 81 79 0a 62 51 39 08 5b 53 7c ab d1 a6 72 a5 b8 40 eb b0 00 6a d3 6e 37 5b 9a 13 95 b9 a5 f2 a5 94 36 c4 80 55 6a 2d 65 f0 e2 57 cd da 54 f9 d2 08 a9 74 a5 74 c4 a4 f9 a1 4a 91 21 dd 2c c2 eb ed 96 6a 68 1a bd 82 a6 81 76 ea 68 26 92 f4 c8 54 9f 01 de 55 71 ab a6 0b c4 ef 0d 58 14 50 6e 29 5e ae 4a 25 e4 01 a7 5f 51 ab 9a 13 ab 62 1d a9 f0 26 ae 23 8f e4 a4 ed 95 16 e9 56 43 e3 55 85 c4 9c 56 f8 82 2c a5 b4 42 be 0c 12 51 4f 5a Data Ascii: p!n#jLixd!IV,rHYc?BK'P_QW`xnp*Giq\|[.Be/!`ybQ9[S\|r@jn7[6Uj-eWTttJ!,jhvh&TUqXPn)^J%_Qb&#VCUV,BQOZ
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
115	192.168.2.16	49880	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	522	OUT	GET /gui/26044.e227fd5c65cff1753dd6.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 3bddcc72715e53635b1dde8043a88f4f Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:46:34 GMT Expires: Sat, 18 Oct 2025 08:46:34 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521849 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff ac 5c 69 73 db 46 9a fe be bf 02 e1 26 0a 91 02 20 dc 07 65 da 93 51 66 76 5c a3 24 b3 76 26 5b 15 af cb 01 c9 a6 88 08 24 58 00 a8 23 34 ff fb 3e 6f 1f 40 83 a4 9c 64 2b 56 22 11 7d be f7 d5 0d 8e 1b 56 2e 9d 07 36 db e6 f3 bb eb d5 6e 73 77 df 7e d8 15 1f d6 79 b1 99 7e a2 ef e3 c7 77 ef 4d 67 bb 6b 56 e3 77 ef fc d8 0d 43 2b 89 22 cf 7d 6f ed f9 d3 64 dc 5a cc aa cd e9 cb fd 68 d7 30 a3 69 eb 62 de 8e ae ea 71 96 66 9e 79 75 9f d7 46 3e ad c7 61 9a b8 a1 69 35 f8 e8 c5 71 18 99 56 85 8f 69 e4 bb ae 69 15 f8 c8 57 35 ad 72 5a 3b 9b 71 61 5a 33 b4 65 61 18 c5 a6 b5 e1 6d 33 d3 5a 50 9b 1f 7b 99 69 cd f1 d1 8b 02 3f 30 ad 5b 7c 8c bd c4 c7 42 5b 1a 10 67 69 Data Ascii: 0000000110ffe\isF& eQfv\$v&[$X#4>o@d+V"}V.6nsw~y~wMgkVwC+"}odZh0ibqfyuF>ai5qViiW5rZ;qaZ3eam3ZP{i?0[\|B[gi
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 29 9a 1b f0 0d 76 e8 15 37 29 ab 76 5d 9a e3 a7 8f 1f c7 4f d3 d7 3f bf 58 14 f7 06 b7 78 d3 d1 83 ed b9 ae 51 16 4d 6b df d6 d5 6e 3b 12 26 69 3a 6a ab ed c4 80 55 1e db 76 bf 8f cd 07 36 b0 5e 77 4f 36 46 98 57 c6 af 36 18 ce 1e 27 86 37 7a 09 29 75 0f c6 8b 4b ac ff f2 67 a9 10 82 16 af 37 4d 71 bb 6a 9b 37 10 1e d3 9c 68 40 2d 01 d4 92 80 ba 6f ed 5d 61 37 5b 36 2f f2 d2 26 1b c9 1a a3 2d da 92 d9 cd 3a 2f 4b c3 29 d6 f9 2d 7b 93 3f 4c a1 07 ee 01 db bd 68 b6 f9 c6 68 ca aa 05 bc 34 72 f4 f2 bb ca e8 c1 85 67 d9 6d 16 2f 2e 69 18 46 5f 9e db 82 00 55 74 3d d5 27 8d ae f5 c5 45 2d d5 f1 d5 66 6c 4e 4a 20 22 39 3d c0 8e fb e0 56 32 5c 43 f4 01 88 3e 00 51 e3 45 9b cf 4a a6 18 20 1e f8 6f 10 ba d9 c2 ed 14 f7 cc 10 0d ab ea 9e 21 9a 29 8b db 8d bd 2e 16 Data Ascii: )v7)v]O?XxQMkn;&i:jUv6^wO6FW6'7z)uKg7Mqj7h@-o]a7[6/&-:/K)-{?Lhh4rgm/.iF_Ut='E-flNJ "9=V2\C>QEJ o!).
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 4f 04 6b c3 70 69 a0 97 3c e0 21 7a 8f ce 6b 36 8c 7a c3 d6 c5 0c f1 f2 f9 90 a9 4f cf 44 a0 d4 45 2b 88 7e 24 1f 29 7d 1c 84 40 bf c7 21 3c 37 97 12 c9 46 fa 48 9e a8 84 cf 78 14 7d 01 fe 19 b2 a4 e2 84 41 01 e3 38 de 91 b1 8c ac 1b 09 f9 53 06 eb ac 0b 50 fa a3 9b 7f 87 e7 af 7a 58 44 c6 9d 62 22 25 a4 4d 57 eb eb cc b2 26 9b 95 5a f4 d8 38 57 b7 6c c3 a8 0e bb f8 20 03 6f 5d 6a 9b 57 8d 2a 09 a3 ba 7a 6a 12 cf 1b d7 85 2c 12 c3 2f 59 b3 73 11 d1 d7 90 b2 af 21 65 cf e4 8a aa 54 30 d1 39 ce 55 57 52 c1 99 93 08 43 81 3a ec c9 5e 6b ce 52 33 9a e5 c5 45 e9 20 d8 54 65 12 dd 15 bd 01 1c 6f 8e e0 40 81 8f 52 02 4d fc 65 0e a7 b5 d0 72 86 08 56 6e 6b f6 64 a0 76 56 22 d8 d0 d2 5d ca 84 75 89 51 81 7b 57 fb d0 a0 15 d0 9d 49 b6 de 02 bc b7 04 de 33 6e 72 96 Data Ascii: Okpi<!zk6zODE+~$)}@!<7FHx}A8SPzXDb"%MW&Z8Wl o]jW*zj,/Ys!eT09UWRC:^kR3E Teo@RMerVnkdvV"]uQ{WI3nr
2024-10-24 09:44:03 UTC	247	IN	Data Raw: 70 32 a1 c1 b9 ca c4 ab d9 fa 78 a5 07 1e b3 4e 0c a8 be d6 45 90 db 22 9c 85 0d 75 94 7f a3 fd 91 8a 54 64 72 11 29 c0 05 6b 73 78 87 60 4e 00 93 4a 06 30 0c b5 fe 19 59 ef ce 13 f2 14 01 ea c1 ad f4 80 16 62 8a 32 29 dd 7e 9d 69 1a f6 9c 91 86 de 6a 28 58 83 38 98 87 ca 84 76 6a a5 01 1c 85 96 11 43 9e 12 e9 09 fb 25 04 d4 d9 32 5f ce 04 60 7a 97 84 3e 84 33 f0 11 5f e3 97 0c 49 54 ee d3 41 1f fb f1 3c 95 d4 18 76 8a 35 b2 14 fe c4 a5 5f ca 69 74 a3 38 04 08 ec d9 f2 78 7e 47 3e a2 b5 1f 60 b6 af 28 4e 61 2b fc a5 da bf d8 ac a0 18 ad c0 00 cc bd 53 1d 03 36 f6 1d 02 a8 63 36 f2 7e 79 69 0a 79 c3 c4 d8 54 1b 69 67 79 17 3f 0b ee 56 d6 fd fc 71 b7 58 ff c4 39 cf a1 54 fd 7c 2d 9e 5b c1 d7 08 eb a2 58 aa 8b 5f df 2b b8 c5 96 0d 0a Data Ascii: p2xNE"uTdr)ksx`NJ0Yb2)~ij(X8vjC%2_`z>3_ITA<v5_it8x~G>`(Na+S6c6~yiyTigy?VqX9T\|-[X_+
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 33 0d 0a 30 30 30 30 30 30 30 31 0d 0a 26 0d 0a 30 30 30 30 30 30 30 31 0d 0a 19 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4d 0d 0a 30 30 30 30 30 30 30 31 0d 0a a7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3a 0d 0a 30 30 30 30 30 30 30 31 0d 0a b4 0d 0a 30 30 30 30 30 30 30 31 0d 0a c4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 91 0d 0a 30 30 30 31 0d 0a a5 0d 0a 66 65 37 0d 0a d4 24 61 51 e9 6e d3 c4 68 aa 12 f7 65 f4 0e b5 0b 8b 58 a6 ec b1 5c 4a 48 0d 62 ec 4d 53 ee 28 dd 9a 08 a5 25 6b 24 fe 73 bc 24 ea 14 90 ef 43 16 61 07 8f ef 3a 41 12 69 4a a8 75 e2 06 01 f5 fb cf 75 97 d0 1e d7 79 ae f7 11 d1 a9 ae dd fa c2 8f d4 e9 3f b3 ab 4f 9d 9d 15 91 28 0a 70 6d 4c 3c 87 86 4d 59 fe c4 88 5c 6d c9 47 bb 59 Data Ascii: 00000001300000001&0000000100000001!00000001M0000000100000001:0000000100000001000000010001fe7$aQnheX\JHbMS(%k$s$Ca:AiJuuy?O(pmL<MY\mGY
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 7c c9 c3 06 19 10 9a 2f bf 82 a2 aa b0 80 f2 43 91 24 9e 5d 8d 37 8a 4b ed 5a 00 2d 76 12 7d fc 24 af 17 27 ad 0b 27 b3 57 cf bb 06 09 ed 6d 67 e0 05 ce 32 97 ea 90 d2 a3 42 1a aa f2 35 f8 46 e4 6b a4 ca f8 c9 f0 0f b9 5a 37 49 ad fd 0c e0 52 51 4f 10 ea 24 1e 90 2b ca f1 60 f6 38 ce 56 71 a1 a4 2e 0f 7b 8f c7 08 74 e4 32 36 17 8b 97 e2 8a 7b 5b 8b 40 1f 5c d0 24 4d a3 b4 a6 ea 02 13 4d 0a 07 d2 09 44 a4 d5 38 42 5d 49 a1 42 43 bb a1 bf a7 db 81 4b 1c 70 c1 cb 70 93 a7 82 8b ae 5d 24 61 14 33 b6 d5 6e be 3a 38 fc 38 5f c0 ca 3f 22 dc e7 31 25 f9 29 d7 89 91 82 09 95 19 76 f2 7c 37 38 ea ec e3 6d d7 a1 dc 4d 9f c8 fb 4e 2b 8f 74 97 e0 c4 c4 74 81 05 a7 a0 d8 58 8a 8a 0c 14 7a 69 18 b4 9b 9d 07 2d 36 3c d4 c7 31 e4 fc 4e 79 19 2d 40 e1 db 2a 44 9f 4c 6d b9 Data Ascii: \|/C$]7KZ-v}$''Wmg2B5FkZ7IRQO$+`8Vq.{t26{[@\$MMD8B]IBCKpp]$a3n:88_?"1%)v\|78mMN+ttXzi-6<1Ny-@*DLm
2024-10-24 09:44:03 UTC	1401	IN	Data Raw: 05 09 6e 3a 66 4e 90 f9 18 8e ff 3c 27 f4 d2 1f 03 ff 1a 4f 7e e0 78 71 10 1a be 2f fe 7a b1 11 c0 31 c7 ff f0 22 df c9 d2 f0 1a 17 97 1c 37 8d 8c 00 fb c4 3e 56 c2 46 71 e8 f8 7c 35 be e9 4f 23 01 21 3f e6 9b 8e e8 6d 04 2d 9f d0 e4 c7 c2 0d 4e 7e 97 c5 e4 33 2e cf a1 08 b8 fd c8 89 ae e9 6f e2 84 41 80 cb 44 fc 8f 9f 19 41 e8 00 e0 ec 1a 48 45 71 82 4f 04 aa 1a 85 4f 7c 1e fe 02 7f 74 ab 51 be 9c e7 5f ab 95 d0 82 d5 e5 28 b1 df a7 71 e8 f5 69 86 2b 5c 74 27 17 57 82 3e 81 44 96 71 46 e8 bc 19 f0 ac 67 63 02 f2 47 29 78 95 a6 8e 8b 69 61 e6 c4 01 b8 e5 39 69 1a 02 85 7f f8 de 8f 5e 94 39 59 12 5e 07 19 ee 49 e0 2d 77 2f c5 24 5c d5 8e 13 07 df f7 84 e7 8e f5 7f 2e 16 61 22 c8 0d 98 88 0f 20 77 d4 91 9b 3e 11 b9 e9 af 20 a4 1a e5 1b 62 9e 7f 1d 62 00 b1 Data Ascii: n:fN<'O~xq/z1"7>VFq\|5O#!?m-N~3.oADAHEqOO\|tQ_(qi+\t'W>DqFgcG)xia9i^9Y^I-w/$\.a" w> bb
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
116	192.168.2.16	49881	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	676	OUT	GET /gui/27197.598dbd3bfe6cc1efe979.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: f0104b63d1b8ead22c603980d3487ec4 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:10:16 GMT Expires: Sat, 18 Oct 2025 13:10:16 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506027 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 66 66 62 0d 0a 00 00 00 02 ff c4 5c eb 96 db 36 92 fe bf 4f 41 2b 1b 8f 98 21 d9 94 d4 52 b7 28 cb 49 c6 49 ce e6 4c 32 33 27 ce fe f2 fa cc f0 02 4a 1c 53 a4 0e 49 b5 dc 51 f4 14 fb 77 9f 6e 9f 64 bf c2 8d 20 29 75 3b d9 3d 67 ad d8 ad 46 15 0a 85 42 a1 6e 00 32 3a d4 cc aa 9b 2a 8b 9b d1 6a 5c b3 3c f5 8e 2c da 87 f1 87 37 db 43 f1 e1 a1 f9 fb 21 fb fb 2e cc 8a f5 13 b0 5f 7f 7d f7 de f6 f6 87 7a 3b 7e f7 6e 7a 37 59 de bd 77 4e fc 67 30 2e 9d ca 61 f6 fa f5 89 8d 97 f7 cb 89 bd 7a 08 2b ab 59 b3 f1 ed fd 9d 7f 6b 3b 35 be 4e 16 8b db b9 ed 44 f8 ba 98 de cf Data Ascii: 00000001000000010000000100000001000000010ffb\6OA+!R(IIL23'JSIQwnd )u;=gFBn2:*j\<,7C!._}z;~nz7YwNg0.az+Yk;5ND
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: f5 e8 5f 4f fe 79 64 d1 02 bb 62 75 3b 4d 98 31 6c e1 c1 8d f3 b2 66 6e 59 e0 0b 7a 59 61 95 01 5d a8 88 c4 7f 6d bd 4a b2 07 c5 c7 03 e7 63 84 46 93 bb f4 e8 46 65 9e 8c 5e d3 a0 af 6e 08 d4 c3 68 60 10 dc a8 62 e1 07 8b 7f 3d 56 e1 be 87 7e 83 61 d0 4b f6 fe 87 b4 0a d7 b4 1a 76 e8 21 cc 0f 4c fd bc ae 73 c0 d8 b2 10 72 c7 97 44 9a 72 6c 0e 5b ae 06 36 96 d2 66 21 a7 1f 21 17 a9 a7 62 af a9 6d fd 25 df a8 62 95 f6 58 a5 fd 53 ab 34 21 19 3d 34 ee 21 73 f3 32 4c 48 53 e4 cf d7 af 6e 3a ed 24 a9 bc 6c 94 84 d3 da 5d 8c 80 43 6d 5a 1c ff b0 ed c0 18 7d 83 d1 37 34 3a c9 5b 0d 43 eb 69 65 c9 7a 44 2e 7d a4 c8 ed cb 3a 23 5b e0 56 2c 87 01 7a 60 56 e2 46 79 19 7f e0 6b 48 e3 16 e1 8e ef f9 6c b3 61 d5 c8 a2 71 c9 04 88 5f c1 81 50 2c 8b dc 5c ab 65 5c 51 b4 Data Ascii: _Oydbu;M1lfnYzYa]mJcFFe^nh`b=V~aKv!LsrDrl[6f!!bm%bXS4!=4!s2LHSn:$l]CmZ}74:[CiezD.}:#[V,z`VFykHlaq_P,\e\Q
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 0e 34 4e f1 11 23 f3 c9 9b 40 73 03 ea 89 97 15 ec 68 3b f9 65 12 dd a7 6a 6a 5a 23 a2 1e 56 3c a5 4f 4f 00 3d 9c c8 4f 58 24 4d 95 10 42 0f 61 b9 8c c3 54 4e 54 0b a2 87 93 ce e3 bb a5 54 3d 25 8c 1e 0a bb 0f ef 42 b9 7b a4 40 7a 18 64 a4 94 99 12 42 e9 21 98 26 88 5b 4c b9 c7 e6 d8 5e 53 f9 8f 98 2c 37 b0 7a 7f 62 8b 4a 51 a5 28 1e b9 75 58 d4 48 50 ab 2c 0d 2c 14 7a 0e 55 cc ac b7 68 b3 50 2a 1d 39 d6 4f 65 84 48 56 fd fc a6 0a d3 c6 b1 fe 8d e5 0f 0c f5 bd d0 b1 be 46 0d 25 77 50 5a 52 54 c4 90 9c f4 ae 2c 4a 54 47 62 d8 72 45 f9 4d 99 30 49 59 43 45 8f 4d 85 ba 01 a2 80 c0 42 26 cd c2 ca 55 0d e3 c9 3d 16 65 e3 58 b0 4c e1 58 cd 4c ce d1 f7 26 a8 b7 5f 06 c1 dd 0b 2f 59 26 8f 2e 67 28 0d 77 59 0e 4f 82 c0 61 cc 41 3d 09 0c 3a d4 d9 2f 2c 98 54 6c d7 Data Ascii: 4N#@sh;ejjZ#V<OO=OX$MBaTNTT=%B{@zdB!&[L^S,7zbJQ(uXHP,,zUhP*9OeHVF%wPZRT,JTGbrEM0IYCEMB&U=eXLXL&_/Y&.g(wYOaA=:/,Tl
2024-10-24 09:44:03 UTC	290	IN	Data Raw: f6 8a fb 26 e1 5b 29 80 65 d5 ea a2 c7 5d 75 3d d4 4a 59 16 dc 4f 43 c9 82 5b 11 ee 1a 56 dc 8f 5c 68 ad dd 41 e3 a0 41 28 52 d0 61 d3 d4 71 5b 44 e7 5d c9 9b da 67 2b 5f 25 35 f8 12 25 a5 c4 11 ea b3 9b 0a 07 b5 2a b8 ea 22 6f 20 1a 8a eb f9 c9 7b c0 85 65 21 2d c7 b5 28 dc 63 81 8b 74 11 2f 38 7d 1a 17 30 8c 4d 77 09 aa b6 c5 00 f6 5c 20 25 02 2b fb c4 2d 9d c1 29 77 25 dc fe 05 7c 77 e2 22 0e e5 e8 9d c9 19 b9 19 24 f6 a4 1c e4 0e 87 34 4c 39 5f 22 67 c2 6d c1 80 d8 6d 32 c2 fa ff 61 64 a5 c3 3a 4c 40 09 bb cb 7e df 8a d8 67 1e 2c 91 60 71 ed 86 c5 1f ec 3f d2 f7 00 37 92 70 f7 c2 e1 df d3 ac aa 1b 40 b3 3c 31 db f9 1d a3 4b 13 15 7d 85 b9 7f 4e e4 12 37 7a 52 e6 0a c9 50 af a7 f9 ee 86 bb d7 66 71 01 8b cf a9 db 7e fa 74 51 72 69 29 33 ce 47 d5 97 04 Data Ascii: &[)e]u=JYOC[V\hAA(Raq[D]g+_%5%*"o {e!-(ct/8}0Mw\ %+-)w%\|w"$4L9_"gmm2ad:L@~g,`q?7p@<1K}N7zRPfq~tQri)3G
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a e3 0d 0a 30 30 36 62 32 0d 0a 4a a8 d0 6e 7e 37 a6 8d 31 b8 71 57 de bf 2d a0 91 0e 89 22 99 26 09 c3 2c 4b 2e 86 27 7d ce c7 4b 22 17 bd b6 b1 9d 8d fc 9d 0f 63 80 8c c1 e4 a6 36 66 7e 25 c0 30 d5 f6 d3 48 5f d0 cb 2b b4 b5 54 fb f2 e9 02 0c b6 35 c0 34 35 57 a8 1b 1a 4a 01 01 3e ed 49 1c 6d ec 7e 20 10 58 0b 54 98 17 28 de e1 f8 87 fb c4 36 62 17 39 0f b7 07 24 d4 de 5e b8 60 5f 79 93 a1 25 9f 66 89 cf 9e be c9 24 2e 5a 9d 44 01 5c 14 9b 8b 92 b2 aa 01 8e 4a c6 21 9b 41 2a bc 12 19 ac 4b d7 7c 03 c4 bd 73 54 7c 7b ce 5d b6 e2 b8 09 77 7d 1b dc 57 52 66 be 29 f7 81 37 43 15 45 d4 c3 a4 c4 f9 e1 b0 d1 de af 93 68 2f 81 f2 3a 8e c0 db dc 51 b0 a0 e9 0d fa 0d e7 85 ca 2e 6a 27 b2 d4 60 4e c4 37 70 e9 56 96 d8 82 5a 74 a8 47 24 Data Ascii: 00000001006b2Jn~71qW-"&,K.'}K"c6f~%0H_+T545WJ>Im~ XT(6b9$^`_y%f$.ZD\J!A*K\|sT\|{]w}WRf)7CEh/:Q.j'`N7pVZtG$
2024-10-24 09:44:03 UTC	328	IN	Data Raw: 39 c0 13 4e 5d 56 10 a8 58 a6 f7 9e 5e 14 51 19 32 65 2d 86 10 05 75 59 d9 6a fd ae 74 d6 e2 5e e8 b0 97 9a a4 3a 78 23 97 d8 0e 1a c6 f8 bf 12 24 f4 46 d4 d8 88 19 e6 6e e3 5e 1e 1c 08 6e 8c 34 b8 a5 f5 39 fd d5 67 77 dc ab f2 dc 2f a6 cb 7a 9d f6 df 49 fa 7f c1 55 9f 1b 23 fe 11 4a 26 df 34 bf 21 8d 53 e9 a0 bf 92 b7 2e 78 9a 2e f3 06 ac 97 4a 70 3d ba eb 46 e5 5f f3 30 4f cb dc f2 a6 e2 3c ef 4c 2f 82 4f e2 1a 12 85 61 3d ad ce 8a fd 01 4f 9f 8d 3d 6b a4 1b 66 b9 65 a0 26 6a d5 f8 90 e2 28 d1 18 7d 22 47 7f 47 2f e3 de 5b 6d 0c 2f 14 a5 d3 d9 0c e8 94 8e 20 f6 c7 6b f6 77 fa ca e3 7b db fa ac f7 c0 f1 14 16 78 5b ca ef 5e a5 b8 32 f4 e8 ee 0f f4 ff a6 c0 c8 73 8b 32 a1 f3 67 b8 6c cf cd 87 10 9e 50 e3 cb 2f 96 1c ba 18 bc ff 68 9f ff e0 8c 46 ef 6d a7 Data Ascii: 9N]VX^Q2e-uYjt^:x#$Fn^n49gw/zIU#J&4!S.x.Jp=F_0O<L/Oa=O=kfe&j(}"GG/[m/ kw{x[^2s2glP/hFm
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
117	192.168.2.16	49882	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	522	OUT	GET /gui/76194.9a49eca4de4d4a1bd1bf.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:03 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: e7b8ea1d0579002d0d541abc796ad5e3 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:00 GMT Expires: Sat, 18 Oct 2025 08:55:00 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521343 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:03 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 31 0d 0a 6b 0d 0a 30 66 66 33 0d 0a 77 db 46 92 f6 f7 fd 15 30 33 51 88 59 00 02 c0 3b 69 da f1 30 99 8d ce c4 71 4e e4 c9 9e 1d ad d6 01 c9 a6 88 11 09 f0 05 40 5d 42 f1 fd ed fb 54 75 37 d0 20 29 7b 26 9b 0f 7b f6 d8 b2 4d a2 af d5 d5 75 eb aa 6a a8 99 8b d5 c2 bb 17 d3 4d 34 bb 9d 2c b7 c9 ed Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}1k0ff3wF03QY;i0qN@]BTu7 ){&{MujM4,
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 5a 45 9b 9c 37 82 db 2a 16 d1 ad 41 40 b3 5b aa 7d c3 9c f3 9e f0 6f 79 84 89 2c 9a 15 62 ae db 7d cd 0d dd da fe c8 32 dd e2 d4 6e bd 52 f8 3f 42 3c 91 a0 73 02 6f 4e 2e 19 19 f2 30 b9 94 cc 7c 31 7f 31 1e ab 62 88 47 ac e7 7d 7a 51 88 b5 6c a8 21 7d 57 2c 45 96 63 c8 23 6c f3 d6 41 6e 33 3b 67 2c 51 f3 ed cd 8d c8 b1 ba 0f c5 32 13 51 f1 81 f7 0c 52 54 d8 52 42 28 a6 2f c6 4d cd b7 d9 18 db 35 f5 7e 78 f3 f6 db 0f df 7c 7b 39 f9 f0 f6 cd 8f 3f 5e fc f0 6f 76 d3 06 7d 98 7c 9c 69 3e ce 58 3e a1 2a f2 ee 07 5e 91 32 6e 27 51 2e 20 81 1b 1f 4a 3e 36 c8 e0 06 64 70 c3 64 10 1d 50 b2 66 a2 b9 3b 5d a5 b3 db 06 d8 86 f8 64 ba 05 27 24 8a 0a 0e 76 96 77 db c0 86 de a7 da ae 95 1c 12 31 2f e4 8e 50 82 b4 86 68 7b 6f db f6 b0 d1 a0 8f 7d 1d e3 4d 08 03 96 18 b5 Data Ascii: ZE7A@[}oy,b}2nR?B<soN.0\|11bG}zQl!}W,Ec#lAn3;g,Q2QRTRB(/M5~x\|{9?^ov}\|i>X>^2n'Q. J>6dpdPf;]d'$vw1/Ph{o}M
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 1b 15 4b 6f b1 4a 21 7d 8f 81 28 01 f8 00 81 99 45 37 c2 36 00 21 1b 55 69 3d c1 94 a3 8c 7d d3 38 3b f2 9f f0 1c 26 53 7c 83 33 01 0e 3c a4 88 a1 c5 e0 57 e1 16 b3 74 bd 4e a1 ad e3 02 18 37 cf 55 42 9f ab 04 9f 26 6c 32 4b 32 6d 0a 71 d7 e3 ed cf ec 7d be 4c b7 ab f9 5f 37 38 81 e0 e0 a5 4d ac a6 f0 96 51 5e 37 53 09 9e 06 64 ba 04 43 1e 5f cc 15 3d 3d 9d 00 50 37 8f 56 b3 ed 0a 53 5c aa 8d 95 28 3d 81 17 db 79 71 e4 a7 b1 78 e0 52 06 9d 9d bd 38 9e c9 74 17 6c 80 b6 cd 78 52 3a 5b f2 5b f8 a0 70 10 84 ff 84 45 03 bb 4f 5e 69 7f 87 ae 7d 85 43 77 e2 fd ea fd 20 c4 3c ff 3e ce 8b 4b d5 cd 1e ca f9 8e 37 47 52 ad 77 2b 1e 95 5f e8 b0 89 ad 78 e7 14 6e 5e f3 22 a4 93 c9 c4 63 d3 1e 1a 67 de 35 d6 b2 36 d7 b2 11 b3 38 5a b9 7c 10 c9 2d 2f 5e 83 f8 7e 8a ee Data Ascii: KoJ!}(E76!Ui=}8;&S\|3<WtN7UB&l2K2mq}L_78MQ^7SdC_==P7VS\(=yqxR8tlxR:[[pEO^i}Cw <>K7GRw+_xn^"cg568Z\|-/^~
2024-10-24 09:44:03 UTC	379	IN	Data Raw: fc e9 11 41 0b 68 b2 d8 e5 0d af a9 8f a9 80 23 2e 4e 11 88 c9 d7 d8 93 25 42 4b 70 db 1e 9e a1 a0 20 0e 0c 6b b2 29 b4 05 4d 31 3d 69 cb 4a db 02 22 cd 34 a4 a5 0c 8c b4 55 c2 67 98 fc e9 69 87 78 01 19 f7 f8 4a 4e e9 48 7b ef 8e 8c d6 07 08 a4 07 08 a4 5f 4a 0b 07 b8 85 90 86 e7 14 51 04 1a c3 14 c8 24 2b c7 2b ef f2 db c9 fb 8b 77 3f 7c 78 f3 c3 37 1f 7e bc f8 f9 dd fb 4b 1d 28 2c 85 73 73 67 18 de 10 c4 06 39 b0 cd 3e 54 4b 66 80 05 f9 e5 d7 79 cd 92 82 97 13 e7 1f da 6b d0 31 10 40 c7 5a 1c 2a 49 c9 e2 9f 13 7b 39 e4 05 4c 7e 56 2d 08 13 7a f7 51 96 34 1b 7f 85 8d 8e 3c 8b 78 11 23 da 5e b3 7c 1b c8 e2 50 46 9c 3a 84 6b c5 2e 0f 18 c9 5c 1d 2f 0c c0 11 8e 50 21 3a a0 47 00 98 e3 93 c3 f8 0a 29 1b c7 c5 0e 4a 63 65 04 22 ce 84 68 17 80 ae a1 92 cc 46 Data Ascii: Ah#.N%BKp k)M1=iJ"4UgixJNH{_JQ$++w?\|x7~K(,ssg9>TKfyk1@Z*I{9L~V-zQ4<x#^\|PF:k.\/P!:G)Jce"hF
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 41 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 30 30 30 30 31 0d 0a 51 0d 0a 30 30 30 30 30 30 30 31 0d 0a 42 0d 0a 30 30 30 30 30 30 30 31 0d 0a 91 0d 0a 30 30 30 30 30 30 30 31 0d 0a c7 0d 0a 31 0d 0a 77 0d 0a 31 36 39 34 0d 0a 66 e4 b1 74 5a 54 41 c1 e7 86 90 74 7d 34 82 41 ff 39 bb 60 ca 98 e4 3f 39 d0 01 4d eb c8 a6 1e 85 1d 0a 1c d9 ac 2d 40 91 d2 6f 06 5f 5a 4a bf b9 7b e9 4c 3c 1e e1 19 80 4d 7c c9 e3 f7 71 d7 c3 b0 f1 33 a8 e7 d3 e3 a7 7b 3f b7 f7 06 24 74 b8 fc f4 40 55 f4 ba b6 05 29 07 68 2e e6 9f 1e e0 39 48 8c 13 ec a7 07 f9 28 14 6c 4d 1f 51 20 db Data Ascii: 00000001000000010000000100000001J00000001A00000001I00000001Q00000001B00000001000000011w1694ftZTAt}4A9`?9M-@o_ZJ{L<M\|q3{?$t@U)h.9H(lMQ
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: a5 74 d1 5b 6a 92 5f 55 2b 77 4b 2c a6 42 6d 84 12 9d 32 d4 60 05 9b 07 4d 90 74 03 01 91 69 dc 26 19 5a 79 8a 74 b5 5a 85 9e 45 74 c4 40 cb 63 35 94 a4 1a d8 d8 49 be da c2 1a 06 83 30 3f 93 34 92 7f bd a0 d7 29 19 90 e7 21 89 b0 85 c6 f7 bd 56 af 63 30 a1 51 e9 e6 6b aa 0f 9f ab 5e 81 7b 7c ef b9 da 07 58 a7 26 77 9b 03 3f 50 65 f8 cc ac 21 55 96 52 44 2d 51 82 eb a2 e3 a9 65 b0 3b 7a 68 75 7c 63 c8 07 dc 95 21 af 2c 60 54 50 32 38 c7 98 a9 10 a3 bb c8 85 a3 57 c0 6b d7 38 38 ea ea 1b 48 2d fb 32 56 e4 54 2d 80 73 d4 c9 dc 89 b2 13 8e 69 02 bb c6 1f 80 17 44 61 85 f8 77 b8 8b d5 84 0b dc 12 ca 5d ca f8 74 15 21 d5 36 ca a8 46 66 fb 2c 2e 20 98 a9 81 a4 28 a3 56 51 15 4f 64 d0 3e a8 06 ad 15 aa 39 10 c1 f9 93 25 23 98 a6 b1 51 6d d2 23 24 eb 51 ab 58 a6 Data Ascii: t[j_U+wK,Bm2`Mti&ZytZEt@c5I0?4)!Vc0Qk^{\|X&w?Pe!URD-Qe;zhu\|c!,`TP28Wk88H-2VT-siDaw]t!6Ff,. (VQOd>9%#Qm#$QX
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: af b2 73 34 98 b0 ff 86 16 7b c1 37 7c d1 67 84 17 80 92 92 43 70 f9 16 41 28 19 5e 0e 00 9b 8a b3 d0 57 05 26 5d c0 41 9c 18 05 07 d1 42 54 8c 4e c4 40 68 37 47 2c 78 0c ce e0 c2 c3 e7 23 d7 6f e9 ab ad f0 0b c0 f1 56 a6 2a 9a c0 97 f9 87 a7 1b ba 5c 59 6b 9e 09 84 f3 0a 08 69 44 87 e9 9b 39 94 0e 4c 0c 29 9b 42 64 66 15 a7 2d 21 31 12 ee de 44 45 e8 aa 39 95 7b 9b 71 66 cb 24 8e ca 91 ac 2a d9 f7 8c a3 98 0a e4 21 ef 0e 51 4e 19 79 8a e6 7f c7 6b 84 86 e2 01 6f 47 c4 9d 19 04 9d dd 5a d1 73 6d 8f 37 59 ca 23 be 25 78 7d e0 8b 47 10 e3 b8 fd 10 33 c6 08 5a 68 a8 e4 dd ea e1 94 f3 b0 13 44 71 9a 03 ff 4b bc 84 88 df 07 70 58 7c 62 38 0e 68 ea 89 0f bc ed 2a d3 d0 d6 92 90 23 9d da ac 1a 22 5b 43 65 40 94 3b a9 12 b3 6c 47 d6 c1 9d 5e 21 b5 4c 5b d4 f9 9a Data Ascii: s4{7\|gCpA(^W&]ABTN@h7G,x#oV\YkiD9L)Bdf-!1DE9{qf$!QNykoGZsm7Y#%x}G3ZhDqKpX\|b8h*#"[Ce@;lG^!L[
2024-10-24 09:44:03 UTC	1408	IN	Data Raw: d2 88 0c 1b aa 1a 5b 5f 1c be 63 0e be 0a 99 d0 0b ab 02 91 88 c7 11 7e d9 12 72 7f f9 55 63 d2 71 21 29 92 5f b0 b6 97 6f 9f d9 91 5f 54 16 f7 28 83 b8 9e ef c8 af d7 1f d2 cb 78 84 87 df fa 82 e4 d7 7c fc d5 4b 44 77 2c 7a 77 c9 9f 52 fc 62 12 76 17 0d fa 56 30 e8 37 2c 38 41 56 e3 06 59 99 0d eb 61 bd c2 2f eb 69 d0 db 06 f0 b2 81 fb fb 7b ef be e5 a5 d9 cd 39 b2 6f fd 73 8c d1 78 85 37 08 58 2f f1 1b 16 96 f4 c5 b2 f0 da bc b7 18 06 29 d0 13 fa 08 3a 2d af db eb 56 9f 5c 45 13 4d ba 2d 30 52 8b 27 b5 5a a1 d7 1e b4 7a b8 b6 3d f0 5a 83 10 cd f1 37 f0 da 41 ff e7 56 38 c1 53 d8 f2 82 6e ab 6d 85 a1 fc 0c ba 56 0b 07 af ee 77 41 27 f4 06 fd f6 04 b7 30 3d bf df b1 5a 98 af 1b 62 24 4c d4 6d 7b 21 8f c6 93 fe ad 21 21 e4 bb 00 fc be 1a f3 92 54 49 6d 53 Data Ascii: [_c~rUcq!)_o_T(x\|KDw,zwRbvV07,8AVYa/i{9osx7X/):-V\EM-0R'Zz=Z7AV8SnmVwA'0=Zb$Lm{!!!TImS
2024-10-24 09:44:03 UTC	292	IN	Data Raw: 24 f6 21 37 88 29 7a 3e 3d 9b 60 63 19 80 a8 43 12 1e 62 28 68 93 76 81 1d 41 56 33 d6 a1 78 9a 29 0f cb 08 a1 bd a9 58 3e 43 49 61 d5 10 7d f5 6a f0 3a 2d 97 7a d3 02 81 dd 36 2d 90 47 c7 ba 7d f0 0a 71 30 3e 7d 9e 15 f4 c8 b3 01 2a 88 06 39 3c 7d f2 33 13 3a 49 0a f9 88 45 80 79 58 86 a2 bb c4 a6 01 3b 2d a6 e7 f9 3e 38 1f 38 f0 7b 7d 74 27 e9 07 e1 09 8b bc d3 27 7c 63 58 9c 48 a0 49 49 96 ea d9 d4 33 a0 83 9c f3 d1 bc ac a7 bd 03 eb 72 77 22 9d 01 99 5f 3c 7a 87 16 0f a5 07 79 43 04 d8 03 c6 b1 c6 2e ec 9f 3e 14 32 14 bc 1a 1d 7a 28 f4 5a 5d 1c 02 88 9c 21 30 54 3d 6d 36 b4 5e 10 c8 ee 24 a1 eb c0 ff 43 b6 10 4c b5 56 d4 16 a6 a9 86 77 5d df dd e0 a0 f2 d5 7e 7f 6d 8f fe e5 fc fc 0b 78 55 e8 45 f6 f8 95 52 b8 05 7a 83 77 3c 8f f9 b7 b9 79 83 a8 3d 10 Data Ascii: $!7)z>=`cCb(hvAV3x)X>CIa}j:-z6-G}q0>}*9<}3:IEyX;->88{}t''\|cXHII3rw"_<zyC.>2z(Z]!0T=m6^$CLVw]~mxUERzw<y=
2024-10-24 09:44:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
118	192.168.2.16	49883	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	676	OUT	GET /gui/16339.0119306c79f13a4051bd.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 382d203cc8306cca039b9bdad3868180 Content-Encoding: gzip Server: Google Frontend Date: Tue, 22 Oct 2024 15:40:53 GMT Expires: Wed, 22 Oct 2025 15:40:53 GMT Cache-Control: public, max-age=31536000 ETag: "qDDOOg" Content-Type: text/javascript Age: 151391 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a fb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7a 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a c6 0d 0a 30 30 30 30 30 30 30 31 0d 0a b5 0d 0a 30 30 30 30 30 66 65 66 0d 0a ef ff e7 29 60 d6 db 25 5b 10 e6 fd 26 d3 8e 22 db 8d 1a db 71 65 3b d9 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}0000000100000001z00000001000000010000000100000fef)`%[&"qe;
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 6a a5 1c 0f 93 f7 c1 87 ca 83 07 e5 c5 b0 4c b3 88 cb 8b ca 20 7a 4c 3f 30 46 1b 0f fc a3 52 f9 f4 69 51 d9 8b bc 64 1d 05 16 be 3f 78 b0 78 f0 40 cd 72 e2 4d fd c0 d3 b3 54 f5 ec c5 15 2f 8a 9f 0c cb f7 87 38 84 71 6c 79 e7 89 17 4c 62 2b 74 5e f8 c9 b3 85 47 50 bc 04 8c ac 31 8e 3c e6 8c a3 f2 16 40 78 1b be 01 52 0a 66 65 81 39 f0 95 ee 98 20 7c 6f 38 2c 27 c3 91 f3 fd f7 0e 26 87 a3 fd dd c5 6a ee 05 80 c6 44 55 53 eb 50 f6 86 c9 dc 8f 9d ac 71 4c e2 34 f4 27 56 0d ab e4 7d fa 94 95 f3 1c 37 41 97 a3 75 e2 c5 b9 42 4f a4 fc c0 33 5a 39 a6 85 aa 00 66 f2 0d e3 49 9e 24 83 52 e9 8a 66 e2 c7 2f dc 38 d9 c7 5c 4e fd e4 62 3f 79 1b ae 8e fc d9 3c f9 d1 8f fd d1 c2 cb a6 64 fb 6a 52 f7 ca 7a 1c d8 80 bb c7 9b 64 e3 45 b9 1d e3 45 a1 7b 58 67 8c e0 38 f6 bc Data Ascii: jL zL?0FRiQd?xx@rMT/8qlyLb+t^GP1<@xRfe9 \|o8,'&jDUSPqL4'V}7AuBO3Z9fI$Rf/8\Nb?y<djRzdEE{Xg8
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: f4 50 fe 18 a7 21 bf a0 bc d1 f3 75 cc b6 3e 42 8b ec fc a3 47 ea d0 23 90 ee 08 aa be 77 d1 a2 9c 93 50 35 16 b8 9e 06 6a 2c 90 d0 59 b7 f9 fc 6f 60 40 1b 47 f9 c2 f1 a7 40 67 50 4b 4e 2a 8c 77 0a 7b 47 ab 18 0d 34 f5 56 0e 17 d5 5e 3a 6f 2a 5f c4 52 6d d7 78 19 8c 55 b6 63 58 8b 68 bf 2f ea e7 c8 fa c2 d3 12 34 f6 96 95 77 2c 65 91 4d a2 5c f9 60 6f aa 6f a8 ce da 19 ad 67 54 84 0a 6c a8 f4 6c 29 32 77 97 4b 2f fa 09 4d 8f e7 ba 6c 26 44 4b 99 84 35 14 fa ab 52 1b 70 7d 56 80 27 1a 5d de 6e bd 32 85 e0 35 4a cb 6c 51 61 b6 99 f9 41 05 ea d9 85 93 1d df f8 07 7e ed fc 25 0c 67 0b 4f 40 72 08 7c b5 78 b2 76 26 e1 f8 27 70 6b 40 62 34 e4 c1 5a 2c 4d 2f 80 56 e9 f9 8a a0 71 ba 5e e0 e0 2a 06 ac a4 40 31 66 63 d0 0b 65 ca f9 f0 c1 2e cb f4 b3 05 a2 fa b0 a4 Data Ascii: P!u>BG#wP5j,Yo`@G@gPKNw{G4V^:o_RmxUcXh/4w,eM\`oogTll)2wK/Ml&DK5Rp}V']n25JlQaA~%gO@r\|xv&'pk@b4Z,M/Vq^*@1fce.
2024-10-24 09:44:04 UTC	438	IN	Data Raw: 68 cc d9 75 50 41 fd b4 2f 60 76 50 37 0d 87 c6 f6 bd 2d ee d1 bd 13 82 da 75 50 d1 16 50 14 3b 4e 9a a7 e0 07 9c 82 1f e4 14 18 5a 46 63 ff 36 2c b8 45 9e 57 49 71 5a 24 71 29 29 d0 34 ac 51 5f 9d 93 da ba 78 a6 2d 75 a8 69 ef 6e e2 45 83 d5 f1 b3 3d 5e c0 8b bb 0b e5 c0 6d 16 d3 47 c1 77 96 ee aa 0c df c5 c7 06 6a 7a 8d 79 bf fe f2 d3 bf 45 b9 4c af b2 b3 2e c8 00 d8 d2 4f 80 3e 7e f1 34 54 b4 de 97 48 b3 73 ea c2 95 9a 38 6a 7d b0 37 d1 b6 31 a1 db 29 a0 32 08 12 6e cf ed 06 b3 2d 0d 9c 78 1b 70 5e 00 38 2f 7e 67 e0 00 2c 84 4a ae b4 2c f2 2f 65 37 89 74 9b a7 e2 29 00 f0 54 01 00 88 7b a1 39 b1 cc b0 90 da 8e f2 26 96 92 66 82 a8 d6 63 da f7 05 8c 6e e0 6d 66 18 78 8e 98 aa 32 9f b1 f8 a5 a6 fa 85 4e 2d d7 70 3f cb 53 ef 18 6a d0 0d 3a fd 33 a6 fb f3 Data Ascii: huPA/`vP7-uPP;NZFc6,EWIqZ$q))4Q_x-uinE=^mGwjzyEL.O>~4THs8j}71)2n-xp^8/~g,J,/e7t)T{9&fcnmfx2N-p?Sj:3
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 66 0d 0a 30 30 30 30 30 30 30 31 0d 0a 03 0d 0a 30 31 0d 0a 66 0d 0a 33 63 39 64 0d 0a 54 b4 56 28 c6 88 41 c0 24 d8 b0 00 46 65 76 ce 71 c5 68 e2 08 ae 54 96 78 70 59 8f 7c 8d 62 d5 c1 99 c6 d5 f6 56 eb bb 18 a3 2c 51 47 58 6c 8e 02 7b 4e 5a 76 0b be 71 60 d4 63 cb b5 c8 05 ca 12 2f 2d 2b 09 2d cf 1d cf ad 9c f6 c5 b6 3c 18 04 20 d5 2f dd 60 0d 54 7d 61 8d e0 76 13 58 fb 81 bb b8 80 ba 30 8c ac 75 0c 25 ab b5 bb bb ff f7 7f fe 6f 6c bd d6 5e 5a b9 d9 94 5f 1f 1d 55 1c 8c d1 b3 f0 cb 82 b2 dc 5b 58 e0 91 d9 8f 1a 06 75 f4 ac 3a b6 56 51 08 fb 40 8c de 60 8e e6 31 f0 00 50 26 44 74 46 10 c3 1f 06 41 24 88 7b 81 a2 01 2f bd f1 3c 20 0f 29 68 96 58 10 b4 31 e8 09 b5 07 db 77 08 cf f8 48 b5 8e bf f0 28 e1 56 a8 33 57 4d 4b 40 12 Data Ascii: 00000001f0000000101f3c9dTV(A$FevqhTxpY\|bV,QGXl{NZvq`c/-+-< /`T}avX0u%ol^Z_U[Xu:VQ@`1P&DtFA${/< )hX1wH(V3WMK@
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: b7 a0 eb f9 57 73 c2 57 f6 7d 04 2c 22 24 2e 1e b2 cd 7c 1d c4 ee d4 3b 78 83 f0 9c 13 67 bf 62 df af ec 79 49 f9 3d be 4d 9d bf 55 c8 af d4 a7 68 46 e4 ff a2 1c 3d f9 58 43 c9 d6 83 e4 51 c9 50 d5 41 6a 20 d0 c5 70 a9 32 11 55 ca a5 c0 3b 33 f8 d9 2a 19 19 14 7b 56 e2 b6 29 21 57 a3 d3 6f 70 56 aa 66 a3 d3 6d a9 d4 5c 09 25 b3 ea b5 ba 0d c9 44 15 27 76 94 d8 8b c4 0e 12 db 4d ec 71 62 4f 12 7b 9d d8 a3 c4 9e 27 f6 2a b1 4f 13 7b 96 d8 4b f0 6c 3a e5 d4 c5 d7 94 53 77 95 72 6a 8a 94 53 71 72 5d ce 29 b2 68 70 ea 3a 8e 5a 8f d7 48 cf 55 76 1c 07 54 56 32 7b 29 73 39 9c ab dd e1 fb 0f 82 40 e1 77 25 29 aa 68 2b ae 9c 17 08 14 25 4e 4e 15 95 af 24 1b 0d ef d5 a5 c2 dc 73 27 d8 b9 71 fa 62 11 ba a4 b6 c0 f3 55 ec 25 6f b8 3d a4 d0 58 2c ca 49 e5 92 b9 c2 b4 Data Ascii: WsW},"$.\|;xgbyI=MUhF=XCQPAj p2U;3{V)!WopVfm\%D'vMqbO{'O{Kl:SwrjSqr])hp:ZHUvTV2{)s9@w%)h+%NN$s'qbU%o=X,I
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 28 b4 53 e4 3f f0 99 ec 7c 3a a1 19 2d 16 15 c9 f7 27 51 ef f2 c1 9f ec 05 a2 a2 10 26 64 4e a7 6d ae 4e 9b ab 89 02 f1 bb 3a 70 4f b8 28 ed d4 5c 42 a4 0f 25 fe d1 8c b2 91 3f 48 79 72 bb a4 55 dd 6a ce 84 cb 1e 12 fb 7a 15 fc ef 0a 52 a2 64 68 36 b1 e3 8a 06 b3 52 83 d9 ee 85 b9 99 11 08 59 94 0a 8c 9e d0 5e 93 45 62 7b 54 de 4c 53 7a fc ed 85 66 93 6e 55 41 27 03 4a 3d d6 39 1d 4d 1a 37 18 9b 13 39 a5 89 9c f2 44 36 7c b1 36 83 a3 20 58 b4 52 8e e4 a1 4f f0 cb eb 1b cd a6 67 d4 f4 4c 9a 36 a7 28 e2 48 61 b1 b4 73 3d 0d 95 b0 a2 89 d3 a2 ca 40 34 4d 57 db 39 ef ca a5 72 7b 4f 95 0d 2a 1a e6 71 cd d8 9f e9 c7 f7 b5 0f 4f cc 87 01 5d 00 10 87 08 2c 25 db b3 42 30 6a d1 35 c2 a4 ed 7a 3d 76 36 e8 70 1e 3b 03 8b 21 49 7d 4c 69 c2 b6 6a dd c2 84 d4 6e 71 52 Data Ascii: (S?\|:-'Q&dNmN:pO(\B%?HyrUjzRdh6RY^Eb{TLSzfnUA'J=9M79D6\|6 XROgL6(Has=@4MW9r{O*qO],%B0j5z=v6p;!I}LijnqR
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 74 b2 4e 02 7b ec 2d 7d 4a 89 9e f1 0b 6a 02 4c 57 0a b1 23 32 16 d3 20 a4 79 15 9d f5 5e 9b 1c 0c 13 bb a0 33 53 47 6e a8 da 41 9b 14 a0 72 31 64 86 19 7e 93 d5 38 c7 fc cf 69 fe b7 e1 34 0c 63 6b 9a 6c 2b 5d a4 22 4d 5e 7e 09 4d 96 75 ce d2 c8 30 11 db 3c 74 26 6d 23 32 4e 46 76 10 a3 fb 37 12 a3 83 eb 88 d1 ae ea 06 31 ca d5 d7 1b 2e 23 46 07 43 dd 46 91 18 f1 b1 31 a8 d1 81 10 a1 7d 12 6d 6a 8d 5e 4d 88 d0 96 5b 2f 85 1c e9 4b 24 ad 9f 8d 9b 21 86 25 ca 16 c8 e9 d1 4b f7 f4 c5 93 6f 2e 96 d8 82 48 0e f5 5e 7e 51 f4 09 42 f1 c3 e8 03 52 92 bc 2f 7d f3 8d 7e 2e 7d a0 fd 75 cf af 5c e2 0f ab 7b c9 a7 86 9d 32 12 f0 03 30 42 e9 4e a5 4b 62 5a b9 6c 89 ae 3c c3 25 aa d9 b1 52 db ca 7a ce 25 99 ba fa c3 cb 2b 5c 4d 22 77 39 3a c8 31 40 cc b7 13 23 72 d0 2b Data Ascii: tN{-}JjLW#2 y^3SGnAr1d~8i4ckl+]"M^~Mu0<t&m#2NFv71.#FCF1}mj^M[/K$!%Ko.H^~QBR/}~.}u\{20BNKbZl<%Rz%+\M"w9:1@#r+
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: a4 9a 6c 2a c4 02 b9 65 08 a7 f0 fb cc ab a8 ad 6f 64 8b e9 63 9b 53 cc 28 4d 4c d1 c9 57 3b 0f 17 34 19 39 bd 4d aa 23 48 2f 92 d4 da 17 0c 5c 1d 60 a8 31 c4 fe 2d 14 4e 74 d8 fc 5b bd a0 f9 69 65 07 b9 67 b2 c9 63 03 7a 92 a6 62 bb 12 19 42 6d fe ea 3f ad 41 36 b9 02 c3 05 df 80 bc 64 ae 05 da 43 a6 95 9c ef 9a a6 bb 72 c9 9b 76 3d 36 dd 65 1f 33 c7 61 e1 fc d0 2d 75 a2 95 c7 75 42 e4 39 0d 01 2d bd c9 61 89 e4 f2 93 d2 40 42 30 f4 11 50 e9 31 35 75 b3 4b f0 fe 86 08 e2 15 cb 61 22 19 38 d4 7e d6 7b 4b 71 37 c6 bc 18 68 20 88 2e 1f 53 7e 92 3d 27 4b e1 8c 10 61 23 e1 5e 6a 7b ea 26 0c 80 48 b6 da c2 56 34 b8 80 34 ec c0 50 18 19 9f 91 cd 66 51 ed 50 90 01 a9 7e 72 fb ac 58 aa ce b1 08 37 16 83 f7 9b 6e 4c db 3f 0c 72 48 8e 5e 6f 76 f9 79 ed 93 0a e6 4d Data Ascii: l*eodcS(MLW;49M#H/\`1-Nt[iegczbBm?A6dCrv=6e3a-uuB9-a@B0P15uKa"8~{Kq7h .S~='Ka#^j{&HV44PfQP~rX7nL?rH^ovyM
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: e9 ca a5 4a 19 ac 0a 54 d2 d0 95 0a 19 26 3f 75 03 b5 fe 36 a4 2b 2f 3a 6b 91 e2 d6 80 33 6f b1 35 17 83 a1 28 12 ae f1 3a 97 d1 d9 78 bf 4b 48 2b 8a d9 86 f0 25 1e 50 35 1b fa 2c 77 a8 87 0d 61 0e 11 c2 c6 0a 98 22 11 5b 60 b3 85 95 9b 27 95 5a 6e f0 b1 f0 61 70 1f ee 0d b9 a6 e0 51 a5 03 51 b9 ea d5 c7 2b e5 d2 94 c9 7c 61 4e 17 82 38 08 63 39 7f 0d a5 cc cc 65 22 cb 6e f6 a8 23 2f 2c d8 1f 94 c5 c1 e8 50 e9 5e 54 92 22 cb 08 a7 df 48 5f 55 bc d4 83 83 f4 7d 78 93 1d 1f a7 aa 05 4a 0a 18 22 7b 98 0a a1 80 a8 ba c5 49 75 bb 63 2a 59 38 c8 36 b3 70 fe d1 23 a3 e1 91 27 79 f1 df 45 c8 26 91 41 18 8e 20 94 70 c0 26 f9 f7 d2 03 7d 0b 57 c4 d8 bb 33 e6 70 cb a4 c1 28 9a 6a c0 51 7f ff 3d 8b b3 87 c1 d3 c8 3d 43 0e 3b da 84 f9 ac 87 dc 2a d9 42 38 79 4b ba a0 Data Ascii: JT&?u6+/:k3o5(:xKH+%P5,wa"[`'ZnapQQ+\|aN8c9e"n#/,P^T"H_U}xJ"{IucY86p#'yE&A p&}W3p(jQ==C;B8yK

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
119	192.168.2.16	49884	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:03 UTC	578	OUT	GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/submissions/add HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:04 UTC	262	IN	HTTP/1.1 405 Method Not Allowed Content-Type: text/html; charset=utf-8 Allow: OPTIONS, POST, HEAD X-Cloud-Trace-Context: 0e1a1da68c76021a1fb7b43d584c2164 Date: Thu, 24 Oct 2024 09:44:04 GMT Server: Google Frontend Content-Length: 153 Connection: close
2024-10-24 09:44:04 UTC	153	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 6d 65 74 68 6f 64 20 69 73 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 74 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 2e 3c 2f 70 3e 0a Data Ascii: <!doctype html><html lang=en><title>405 Method Not Allowed</title><h1>Method Not Allowed</h1><p>The method is not allowed for the requested URL.</p>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
120	192.168.2.16	49885	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	676	OUT	GET /gui/38304.fb4a0d25cd02c2064144.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 950a07a88d86d13754ef9c3ba681ae2b Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:16 GMT Expires: Sat, 18 Oct 2025 08:55:16 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521328 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 31 0d 0a 00 0d 0a 30 66 66 62 0d 0a 00 00 00 02 ff ec 7d fb 9a db c6 b1 e7 ff fb 14 10 ad c8 a4 03 62 78 bf 8d 28 59 19 29 27 3a 91 2d 1f 8d ec f3 6d 94 d9 31 48 82 43 58 24 c1 10 e0 5c 4c f1 fb f6 59 f6 d1 f6 49 f6 57 55 dd 8d 06 40 ce 8c 15 25 39 df d9 b1 13 0f d1 f7 ae ae ae ae ae 5b 97 e3 60 3e f5 ae 82 d1 ca 1f 7f 3c 99 6d 96 1f 2f 93 f3 4d 78 be f0 c3 e5 f0 96 bc 4f 9f 3e 9c 55 bc d5 26 9e 95 3f 7c 68 f6 9a b5 96 db eb f6 3b b5 33 77 db 6d 36 db ed 41 39 70 13 77 5d 19 3e db 96 36 71 e0 c4 c9 3a 1c 27 a5 e3 4b 7f ed 44 c3 75 b9 d5 eb d6 5a 15 37 c6 cf 7a a7 d3 6a 57 dc 10 3f 3b 8d 5e b3 51 71 7d Data Ascii: 0000000100000001000000010000000110ffb}bx(Y)':-m1HCX$\LYIWU@%9[`><m/MxO>U&?\|h;3wm6A9pw]>6q:'KDuZ7zjW?;^Qq}
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 57 a8 5d e2 e5 95 5d 52 1a 3c ca 6e ba 27 4f f8 bb 80 c0 2a dd de c9 ae 34 a4 f6 d6 9e 96 a4 e9 df d0 94 da e6 79 42 a0 3a ca e2 ba 26 16 86 62 3d 79 22 fd d9 43 d4 69 7b c6 90 9b 37 e0 54 ac 7e 80 84 1e 2c 69 77 9d ae d6 3c 98 26 83 12 76 1e ad 55 12 ad f0 bb 4f bf d1 e5 e6 9b 72 bd ca 00 d7 14 09 69 d2 ab 20 8d 5b af 55 76 3b 77 ec f1 ce 8e 87 4c 21 36 cb d8 9f 06 27 a7 a7 95 f2 c4 7b 51 71 c7 95 e3 59 f9 03 b2 62 0f cd f0 39 8a 65 a6 b3 72 f0 fd 66 31 0a d6 bb ca 99 bb a0 3c 0c 10 a9 6e a9 00 8f 92 7b 19 85 13 a7 56 71 7f 63 4b f6 94 ef 6e e4 0f 51 34 0f fc a5 bb 96 03 7c f0 a8 e6 fa 09 b8 97 d1 26 09 06 a5 30 ae fa fa fc 01 74 72 63 b6 8e 96 7b 77 b4 a7 11 75 b8 a4 4d 2c 86 7a ca 63 10 b4 68 a1 0e d8 4a b9 74 99 54 c3 68 5c 8d c1 48 04 55 6c 32 9c 7e Data Ascii: W]]R<n'O*4yB:&b=y"Ci{7T~,iw<&vUOri [Uv;wL!6'{QqYb9erf1<n{VqcKnQ4\|&0trc{wuM,zchJtTh\HUl2~
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 01 85 ed 33 2a d0 e8 36 68 0c 48 24 8d 0c 8f 80 76 14 fd a8 37 7a b5 3e aa 6c 50 a5 d3 6d d6 91 b8 c0 cf 7a b7 db c6 b6 21 29 01 7a 6a 65 a5 04 2e 84 03 ee 63 f7 d4 7d ef be 70 7f 75 df b9 af dc b7 ee b9 fb d2 fd c5 7d e3 be 96 0d a5 af bd ce 1f 48 81 a1 97 da d1 c9 74 c7 83 b2 e4 05 49 26 71 00 f3 5f a4 55 94 42 22 d8 e1 e3 d3 a7 b4 34 35 41 6a 8f f5 50 94 32 c1 73 fa 3b 28 91 88 99 94 15 93 d2 23 ad 6f 39 bd 59 8c a2 f9 93 27 c1 07 f9 e5 e1 22 04 dd 4a b4 3e fb f4 29 f8 50 fa f6 5b fd 5d 3a 23 7d 0d b5 f3 68 b8 96 e6 23 17 0a 21 d7 07 8d f8 70 06 35 13 6e 89 73 5c 4e 8f 93 f5 0d 8d 96 d6 70 b8 c6 c9 3c 9f d3 58 bd 25 18 56 97 f5 06 3c 19 d1 9e 94 d7 15 c8 e0 d7 6a 26 c7 68 a4 be 33 9a 9b e3 47 40 dd 72 34 c4 69 4e 8d ac d1 c8 24 5a 06 a4 af 59 8a 0e 2d Data Ascii: 3*6hH$v7z>lPmz!)zje.c}pu}HtI&q_UB"45AjP2s;(#o9Y'"J>)P[]:#}h#!p5ns\Np<X%V<j&h3G@r4iN$ZY-
2024-10-24 09:44:04 UTC	283	IN	Data Raw: 9b 5b e8 59 37 b7 0f 0b ef 85 0b 59 d0 59 85 0d 57 c6 b3 00 a6 64 9a ca a8 71 bc 0b fe b6 09 21 d8 35 d7 3f 87 61 42 66 66 a7 6f b5 0a fc f0 34 4c 09 b9 da e9 4f c2 73 96 85 03 86 a7 20 e8 09 ba 5d 29 33 00 85 3c d9 af 98 6c b9 ca 25 53 0f bc 91 b1 6f a1 f3 d7 d8 0a f1 e8 54 13 f1 f3 b2 35 58 11 cb 89 05 cc 0d 2e a5 37 c3 d7 d9 4b 29 d1 64 4c 0b b4 4b 04 e9 cf 63 c8 df 60 3a a1 25 d0 19 63 99 2b 67 31 82 96 67 02 b9 fc 32 c0 1f 28 65 60 37 76 0d 0d 8c 92 22 a7 66 26 c6 c0 e6 4a db af a8 14 9c 5c a5 67 4f e3 79 94 38 c4 17 0f 4b 20 60 33 a0 39 ae b3 50 a6 50 3a fe 48 3b f2 47 9a de 33 8e 7d 0d 53 e1 6c f5 ac b9 8f cc c0 0c d8 6a 95 c7 95 9d 47 66 18 22 8b 5e 66 ec 3e 56 49 b5 ad 64 cc 19 8c d4 2b 7e 3e 87 f5 58 00 39 aa a8 6c e4 53 36 81 2c e4 9f 78 e2 b8 Data Ascii: [Y7YYWdq!5?aBffo4LOs ])3<l%SoT5X.7K)dLKc`:%c+g1g2(e`7v"f&J\gOy8K `39PP:H;G3}SljGf"^f>VId+~>X9lS6,x
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a e1 0d 0a 30 30 30 30 30 30 30 31 0d 0a de 0d 0a 30 30 31 0d 0a 11 0d 0a 33 63 30 36 0d 0a 40 10 2c b6 7f 28 13 78 a4 a5 b8 25 9b 8f de eb e4 dc 18 07 c4 99 c2 cf a5 d9 41 e0 91 39 43 e5 39 0b 73 05 6b 44 f3 97 c3 1a 7f 0e 4b 33 e8 f0 f0 df 6a b8 9c 46 0e 6b 8c 68 41 56 5a 95 b4 b8 81 82 c2 d2 d8 60 87 c2 96 08 25 8e 56 cf ec 35 b1 95 85 94 8d 4b 47 b4 bc 78 26 04 8d ce 06 1c 51 d0 a0 44 0b 07 4a 2c a0 e9 bf 45 d1 05 2e 21 71 b4 59 e3 24 05 c6 48 79 e7 3d 8c f3 1c 82 1e 2e 19 31 2e 23 c1 12 67 27 6c ef a0 49 c5 d9 bb b7 b2 03 71 fd 8c 0e 1c d5 e6 8b 9f 5c 10 ee e5 24 f4 97 89 f3 7a 39 06 11 c2 0f 1a c9 12 56 8d 49 e0 2f 5c 27 48 c6 1e 1f ca 57 d4 11 6e 33 63 c0 00 1b 88 ee 2f 3e 2d 82 e3 5f 82 80 d3 2d c8 73 fe 14 5d 05 10 6d Data Ascii: 00000001000000010013c06@,(x%A9C9skDK3jFkhAVZ`%V5KGx&QDJ,E.!qY$Hy=.1.#g'lIq\$z9VI/\'HWn3c/>-_-s]m
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 70 3e 29 c4 c1 9c 2c e4 d9 8f 1c c6 b8 52 ed cb 41 40 36 95 34 1a 4d a7 ae 42 30 bc 57 1e 10 05 c2 43 b2 2b 01 91 3d ce 25 a2 c3 b9 3f 0e 48 7c 08 a3 50 18 bb 8e d9 4f cb 4b c2 04 7a 90 04 92 f2 a5 7f f9 3e 02 25 a1 35 92 96 49 6b 21 8b 7c 0c 5a 06 03 76 48 fb 56 be c8 69 c1 fd 06 30 3f c1 b5 61 99 bc 0c a6 fe 66 9e 94 b5 69 2d 0e 14 c1 8a 63 28 9d 6c 92 42 ca 3c 95 b2 17 c6 eb ca 0e 32 42 48 89 31 8c f8 7d a4 ce 89 47 5a 03 a6 90 46 1d 70 0a 1c 54 d4 cb a3 0d db c2 41 aa 94 b0 f3 45 b0 23 c4 11 0a 6a d7 92 be de c0 4a 1f 03 16 8f 0f fa 10 bb 7c f9 86 24 2c 99 1d 35 b1 a9 0e 11 2c e6 13 95 c6 93 37 a6 e6 19 7f 4c 95 1e df 60 0b 02 75 1e 41 21 69 70 0f 27 27 d4 44 8f 8c 72 53 40 0e 35 e4 93 27 11 4e 08 11 24 31 79 c2 3d 37 18 44 5e 41 08 07 6f 41 f8 7d a5 Data Ascii: p>),RA@64MB0WC+=%?H\|POKz>%5Ik!\|ZvHVi0?afi-c(lB<2BH1}GZFpTAE#jJ\|$,5,7L`uA!ip''DrS@5'N$1y=7D^AoA}
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 39 2f 31 f6 31 ec 6c 35 43 26 7e f0 6a 9a 66 7b 2c 12 f2 0c c2 d9 22 57 73 83 f8 3a a1 1a 22 a6 80 5c f3 75 1e 7c 71 99 0f d4 df df ea 84 7c c1 9c 06 56 1d 7d d9 51 a5 c2 4c 3d 4e 61 74 82 89 20 88 be 73 ca 57 46 c0 20 49 59 51 44 56 3f 09 83 b0 7d 34 44 93 42 5e 65 7d f4 15 34 d4 cf b3 54 c9 2e 6c 93 d0 5f 00 ee 5f 08 dc 3c 3d 2d 99 35 27 17 b6 a8 d1 90 67 84 d1 6f 50 ef 8d 20 91 2d a3 7e 89 e4 97 92 bc 03 d3 33 21 01 2d 91 4b 96 89 dc c6 d0 53 81 b5 c6 2a e1 ea b5 56 95 6e db fb 07 a4 6f 41 20 13 96 20 d7 f4 0b 66 42 31 ef b0 fc 8d fe 15 43 31 fd a6 43 d9 1d 7f cf 76 e5 23 ef 3f 70 ad 38 73 ff 62 fb b8 88 f8 33 75 80 90 a2 3e 15 c9 38 bf 9f 32 45 27 17 8a 4c 75 2d 09 fa ec 06 d2 db fb dd 4d a4 0e f8 99 31 14 24 f9 9f dd 92 2d fc bf bb 91 fd 9e 2e 99 a1 Data Ascii: 9/11l5C&~jf{,"Ws:"\u\|q\|V}QL=Nat sWF IYQDV?}4DB^e}4T.l__<=-5'goP -~3!-KS*VnoA fB1C1Cv#?p8sb3u>82E'Lu-M1$-.
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: a1 20 db 0b a8 f3 42 c5 1a 92 c5 cf 64 68 69 33 b4 72 11 74 1b c5 c0 41 1c 94 0a 42 4c dd d1 33 e2 13 6e 43 a7 cc 94 8f 78 ce 98 bb 32 07 b6 d6 2e 07 66 98 e3 49 54 d3 c2 4c 79 55 d3 ff ec 69 8a 78 e3 58 47 2c a2 9d d0 ba 15 72 19 d3 64 d5 1c c4 86 ab 7d 16 ca e9 82 82 5a 2a 1f 09 a5 1c 49 b3 ec cd 6f d9 3b 85 13 a5 b1 56 76 15 ef d8 12 8d f8 41 e8 32 8c 5d af 32 3d b0 5a b3 54 b9 30 c5 d1 f6 bf e4 8a 8f 35 3a a7 dd 75 be 98 b4 6d eb 5f 14 5b 2b 4d b0 2d 19 bd 04 45 b9 24 8a c2 d0 c3 14 f5 0c a0 a9 27 69 b6 d5 a7 25 87 8c b4 b9 48 94 e9 4f b9 ae d7 dc 66 2a 2b b7 74 68 e2 11 44 d4 2b 5c 5c 38 f1 7a 8c 90 7f ca ca 9c b4 b8 f0 9d f4 c0 c9 42 ff 0b 77 49 36 96 43 b0 33 a6 60 b0 ef b2 94 45 a8 0c db 1e 04 c6 5c c2 f3 c1 04 f2 92 10 ae 50 1a cf 49 61 c5 12 6b Data Ascii: Bdhi3rtABL3nCx2.fITLyUixXG,rd}ZIo;VvA2]2=ZT05:um_[+M-E$'i%HOf+thD+\\8zBwI6C3`E\PIak
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 52 c3 98 24 f2 84 c6 36 a2 48 2a ca c8 0b e7 9f 91 6a ea b7 72 d2 f0 95 72 19 83 73 12 2e 5f 64 3a eb 90 1d 08 77 a2 3d 7e f5 20 e4 1b 77 2b ed e9 6e cb d5 60 2b 09 5d 10 07 a9 30 17 b4 6c 45 6d 4c c7 a3 d5 6d 9b d1 aa c6 9f 1e 1d 6c 9c 2e 75 f9 c1 a6 56 72 6a d0 19 b0 c9 07 01 74 4f 72 0a 3a c9 d4 23 81 23 55 90 68 5b bb 17 1c 63 51 8e 54 02 ce 09 bc 41 10 18 05 61 0f 0a 85 e4 a1 27 65 2e f8 8a 74 46 88 c1 65 40 0f 81 25 e4 2b f9 26 94 50 d2 58 19 ea 6a 20 87 4b 8b 1c 46 76 74 1b 9f c8 e1 12 96 d4 07 82 1c 73 58 3c d2 61 8f 6d 6a 48 40 48 c9 da a1 ba 96 ea 39 53 bb 60 ce f2 5b 1b 50 ab f3 f9 23 48 57 eb f3 db d0 2b 5c 6c 41 db 19 1c c4 3d 8e c3 6a c3 33 b3 92 69 83 87 63 bb ee 6b 9a 1a 31 11 5e 89 42 7f ee 29 01 d3 87 79 c0 c7 c4 d5 3d 8f 09 84 63 6d 36 Data Ascii: R$6H*jrrs._d:w=~ w+n`+]0lEmLml.uVrjtOr:##Uh[cQTAa'e.tFe@%+&PXj KFvtsX<amjH@H9S`[P#HW+\lA=j3ick1^B)y=cm6
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 79 e9 ec be db 36 73 f7 74 dd be 82 a5 7a f7 a0 99 3a a1 07 09 57 7b fd 36 99 d4 c2 04 dd 43 4c 7f 79 0f 1e 46 b2 ea 3d 78 a4 85 70 84 28 43 c2 53 39 86 4c 9a 1f 9e 47 f4 81 89 5b 1a cc 22 48 d1 b6 7f 5d 3a 0e 69 1c e7 fe cd 00 d6 e8 74 46 54 47 f3 68 fc f1 98 72 70 ea 20 5a b9 83 ce f0 ae b7 50 05 32 bb d1 ef be a8 e7 bd b9 a8 66 83 07 08 ff 49 71 d8 2f 03 4e 26 76 13 5a e2 39 f4 05 f0 6d 18 38 72 cf 41 d6 ee af 4b 1e 42 f9 03 3c 06 10 df f4 ac 92 1b 0c 85 f6 95 72 1e f5 29 b9 d0 34 49 74 99 01 fb f7 3b 0d bc a1 8e 90 04 14 4c 34 44 68 75 e9 53 3f be 77 70 d8 32 07 e8 ac 5c a7 81 97 1b 2b 3c 52 15 b2 f1 b7 55 82 36 62 2e 50 b8 0f 94 30 e7 6f a1 00 9c 52 64 9c 58 26 b0 25 30 33 dd e6 5f 0e ac e8 f1 54 34 1d 75 00 24 c2 6a c2 7d b4 36 09 2e 64 88 a8 8f 02 Data Ascii: y6stz:W{6CLyF=xp(CS9LG["H]:itFTGhrp ZP2fIq/N&vZ9m8rAKB<r)4It;L4DhuS?wp2\+<RU6b.P0oRdX&%03_T4u$j}6.d

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
121	192.168.2.16	49886	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	675	OUT	GET /gui/5796.a9e8212a1628cbdb8bce.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: b7ff93356e9dd477c564f3cd6795b01d Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:44:16 GMT Expires: Sat, 18 Oct 2025 08:44:16 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521988 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 30 30 31 0d 0a 77 0d 0a 30 66 66 32 0d 0a db 46 b2 ee fb fe 15 30 93 f1 90 d9 00 4c 52 a2 44 52 a6 1d 47 b6 33 5e 63 27 b3 7c 99 7d d6 f6 78 39 20 d9 14 11 93 00 0f 00 ea 32 34 ff fb f9 aa aa 1b 68 80 a0 a4 44 9e 97 b3 14 c5 36 d5 97 ea ee ea ea ba 77 b3 b1 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001[001w0ff2F0LRDRG3^c'\|}x9 24hD6w
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: af de bf 3a 7d f6 da b5 9b d7 37 fd db ab 9f ff a6 9b 5d 04 49 14 46 67 9e 5a ae e6 41 1a a6 f5 1d de bc 78 fe ea c3 9b af 5f 65 b9 66 e0 32 88 fa 9e af 7f fd 1f dd 8c ce 4a 7d 9b 57 bf bc fc 55 37 d2 27 a8 be dd bb 0f a7 a7 2f de bd 03 86 4a eb d7 5c e1 63 a9 f0 eb d7 06 0f f8 49 da da 3b f4 a0 5d e1 33 4f 63 3f 8a d1 3b 3a 1b f2 61 94 83 36 c6 41 1b 57 0f 9a 75 62 98 a4 2c 62 db 77 02 70 3c 8e 40 7d 16 3d 95 28 71 2a bc ae a0 45 a1 63 d0 5c 00 6e 09 da 7d 0f be fc 3c be 88 de 82 a1 65 b4 d6 5d d6 59 bf 80 29 16 30 ad 2e c0 30 83 40 98 6e c1 2e 82 71 1a 2f 70 d2 9c f1 99 37 8e a7 57 e6 44 83 a7 78 6d 67 1c 67 59 bc c4 07 f0 25 af 5d 39 4c 1a d6 ee 12 5a ad ed f6 04 4a 00 b0 9a fa 2b 2d 2b 71 7a 48 1e 0e df e1 68 47 67 db d6 27 77 4d 75 59 4c a5 6e c3 10 Data Ascii: :}7]IFgZAx_ef2J}WU7'/J\cI;]3Oc?;:a6AWub,bwp<@}=(q*Ec\n}<e]Y)0.0@n.q/p7WDxmggY%]9LZJ+-+qzHhGg'wMuYLn
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: ae 13 b3 ee f7 ba 6d 98 da 0b 72 a9 1f 75 7b fd 01 bb d4 c9 67 4f 1f c4 9f 8e 0f b9 0f 9e 05 05 55 1d b4 3b 1d 72 c6 4f 00 04 0e f8 43 78 eb c7 f8 d8 ed 1d c2 47 ef 4e 09 f4 61 a7 07 bf fd 8a 3e f6 07 03 40 9e e3 e3 61 bb d3 87 a0 58 e3 63 a7 77 78 d0 69 c1 b8 04 84 a3 01 95 9e 51 83 5e f7 10 a5 4b 2a 65 db d4 9d 51 e9 61 bb 87 21 ae f0 f1 b8 d3 ee e0 e3 05 95 0e 7a 6d c0 bd c4 c7 4e ef 18 0b 61 33 f6 8b fb bd fb d6 7d e6 3e 77 df bb af dc 53 f7 9d fb c6 fd c9 fd ec be 70 7f 76 7f 75 3f 14 d2 e8 f7 7b 69 f4 8d a4 d1 cb 8a 34 ba f2 9f df 36 12 90 aa 20 99 cc df 21 d4 04 8b 60 12 2f e8 ac c3 9f aa 39 19 fb 42 4e 03 f8 b1 61 c6 0a 73 4b 95 7a 86 a8 8c 89 1a 68 c7 d6 fb f8 39 14 c7 05 84 98 69 37 4d 82 0b 95 bc 89 a7 80 4b 60 1a d7 cb b6 d4 f6 c5 7f bc 80 6c Data Ascii: mru{gOU;rOCxGNa>@aXcwxiQ^K*eQa!zmNa3}>wSpvu?{i46 !`/9BNasKzh9i7MK`l
2024-10-24 09:44:04 UTC	393	IN	Data Raw: 80 59 3a 83 34 c2 95 fc 26 c8 67 e2 1c 9d 2f 70 23 7f 19 7d 10 bf 09 52 5d d4 25 30 3d 25 ed ce f1 99 ce 4d 82 cb 54 e7 8d 41 a2 8e 1a a4 e3 39 48 13 23 79 e9 08 23 c7 79 5c 2e d7 11 96 eb 14 e7 3c 05 d1 06 99 a4 f5 30 fd a6 57 e9 12 5e 2b 76 c6 a7 0e b0 4f d9 40 53 e7 3c 0c 90 9b a5 26 6b 12 d8 04 98 b8 02 e1 cb 81 a8 85 f3 06 29 6b a8 8a ae 48 11 0b 1c 9d 7c d3 40 1a 0e f9 9c 41 fb 66 92 64 8c 05 2b 0e de 50 12 0d 11 28 f9 d0 c8 4a d3 51 3a 93 d2 63 6f a1 0e 5f 1b 0f 33 72 79 8a 00 9c 81 6c 94 20 f0 04 a8 69 a6 f4 47 cc 11 bf 1a df be 2e de 3b b4 e5 e9 d3 42 82 02 77 94 dd a3 fd 72 56 03 ad 3c 7b 92 b1 d0 70 9e 22 d0 3f 55 c0 3d c7 80 30 84 84 e1 b5 1b 90 32 93 1c 7f ac 70 ae 15 b1 2e 72 9e e5 93 64 ef 96 e9 f8 4e 29 07 4a b9 49 4e aa 3a 02 8d 6f 8f 4f Data Ascii: Y:4&g/p#}R]%0=%MTA9H#y#y\.<0W^+vO@S<&k)kH\|@Afd+P(JQ:co_3ryl iG.;BwrV<{p"?U=02p.rdN)JIN:oO
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a e7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 41 0d 0a 30 30 30 30 30 30 30 31 0d 0a fc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 88 0d 0a 30 30 30 30 30 30 30 31 0d 0a 86 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a cc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 06 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4c 0d 0a 30 30 30 30 30 30 30 31 0d 0a ae 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 71 0d 0a 30 30 30 30 30 30 30 31 0d 0a 30 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 31 0d 0a 83 0d 0a 31 61 39 62 0d 0a b7 98 40 4e b3 35 9d 4d 96 8d e9 6c 1c d2 94 e3 16 c5 17 49 b0 2a 16 69 13 f0 8f 36 a5 4a Data Ascii: 0000000100000001A00000001000000010000000100000001000000010000000100000001Z0000000100000001L000000010000000100000001q000000010000000010000011a9b@N5MlI*i6J
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: a1 08 ce 8f 38 e2 e0 a1 a3 45 a5 ef bc 47 68 c3 49 25 d3 c3 a1 ac 32 f2 6d a2 37 1d fc 4b 8a f0 24 e4 56 e3 32 86 06 af a6 8c e7 37 e0 da 24 a7 2a e5 8a e7 db c3 6d 3c dd 3b 25 61 6d 39 5f 34 37 31 8a a4 31 2c 8c 54 2d 30 71 47 61 20 13 4d 6b 59 e3 4d f2 e0 ba be b7 14 09 d7 81 b8 b5 54 b8 0e c8 8d 82 e1 ba ce bb b2 a1 71 6a 6d 36 6d 3e 77 a7 b0 8d ec 74 83 e5 8e 25 3b 76 c0 5b 91 34 88 0f c3 ef 83 11 ec 39 01 9d da 4e 0a 96 30 72 bd db 56 f7 5f 80 2d bc 60 b6 60 e9 77 7a a8 8a 3f 99 8f 14 b4 79 c3 65 23 e1 6c 3b f3 b2 18 2d ee c2 14 ad a3 62 5e 76 13 c3 ff a2 3c ca 64 d9 45 3f 63 7a 3f ef 9b 9e f8 37 6d 4d cd d8 c0 b5 f1 2c be 1d 62 c1 fe 15 b0 7f 05 6c 44 e4 0d c2 24 b6 fa 1b 05 e3 b7 27 bf 73 62 66 48 09 97 7c d9 dd 5c e0 93 c0 16 25 63 be b4 93 31 4d Data Ascii: 8EGhI%2m7K$V27$*m<;%am9_4711,T-0qGa MkYMTqjm6m>wt%;v[49N0rV_-``wz?ye#l;-b^v<dE?cz?7mM,blD$'sbfH\|\%c1M
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 77 1a 89 6c 35 c1 ea 0d 25 7d 52 74 07 4c b6 0e 40 4e 01 66 af a1 fb f1 ba 8c c8 ef 9a 82 32 89 40 2b d4 10 25 fa c0 77 4f 05 b3 ba 21 eb a3 a4 b5 ec b6 cb c3 4b f5 5b 41 f3 b4 a0 16 ad bf e9 64 0b b0 4f a0 d8 9d 0b 22 11 32 af c5 a3 d6 a2 6e 5a 4e 75 63 6f de d1 ef 2c 73 49 b0 51 28 fa e6 cd 33 de 0f bd 3f 9a 89 15 67 b1 df cb 35 78 32 2c 6e cb 57 4b e3 6a 6e 24 8f f4 78 7c 34 65 2e 85 a5 b3 a3 06 54 ce 7a 1d e3 2a de 71 bb d5 ac a0 ee 91 e0 d7 96 50 9d a6 0c e1 93 ab bf 95 01 f7 62 7e e7 f4 5a 80 f7 f3 c8 0a f4 db 12 1e 51 6e 29 96 28 68 ac 2a 3c a2 bb 91 06 c5 1d e0 1a d4 02 8d 11 c0 66 92 28 bd 6b 7a 0a 64 82 bb 34 ba a9 e1 64 11 07 02 05 78 49 e7 a2 b7 49 ec b6 d8 36 76 3e a7 d2 b6 74 34 21 35 eb 9a d6 4f 19 56 4b 16 96 98 b1 e3 d4 28 ac 15 19 2f b6 Data Ascii: wl5%}RtL@Nf2@+%wO!K[AdO"2nZNuco,sIQ(3?g5x2,nWKjn$x\|4e.TzqPb~ZQn)(h<f(kzd4dxII6v>t4!5OVK(/
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 5a c8 42 08 57 4d eb 85 41 24 9b 73 00 96 4a 0c f0 f0 d0 82 39 46 24 aa 90 84 dc 05 c7 63 df 56 1b 06 98 8f 97 b3 a6 72 4d 0d 35 14 5c c3 cc f5 e0 e8 60 72 68 58 68 7e ac b8 56 fa f7 0e 5d 84 9b 20 07 b4 24 2c 40 c8 ac 07 b3 60 36 96 b5 d8 55 7a f6 87 10 06 30 65 e8 2f ad 92 94 6d 2a ac fb a8 7b 34 e9 6b 6c 94 2b 05 c6 a0 0f 79 d2 a6 bf 8c d0 c8 5b f1 0c d4 44 a9 59 b5 7f 8e 3e c2 75 f7 00 bd bb 06 e3 14 54 44 64 cc 60 cf 18 21 4c 46 d8 dc 2f a6 a2 b4 8d 45 85 4c aa ba 8d 5c bf 13 d7 28 60 72 7c 24 87 6c cb 79 ee 69 55 0b fc 1d e1 cc ae 2a b3 69 b6 3e a7 13 73 20 6f 4c ad 4d 7e 45 ad ec 96 9a 8d 95 de 08 cd 6b 8c 6f 0b 0e 09 7d 92 d8 47 a0 ed 6c 76 22 94 2a cc 28 aa a7 06 86 1f 6b 50 42 35 12 69 5e 93 ab 67 28 87 96 b8 91 fc ef 77 8e 7b f9 01 e4 71 88 01 Data Ascii: ZBWMA$sJ9F$cVrM5\`rhXh~V] $,@`6Uz0e/m{4kl+y[DY>uTDd`!LF/EL\(`r\|$lyiUi>s oLM~Eko}Glv"*(kPB5i^g(w{q
2024-10-24 09:44:04 UTC	1406	IN	Data Raw: a5 64 41 40 f6 de c7 5d c4 a9 28 1e 1d 1d 8f b9 8f bb 98 e0 90 91 3e 79 58 26 b7 bd ef e3 2e 7f 32 ee b2 5e 18 a7 9a c7 57 3a 28 60 b8 45 a1 95 d0 dd 86 0f 96 ae 43 e1 b0 f2 05 2b f6 43 e3 a6 54 d1 ca f8 2e b7 81 76 33 94 7d 5b 65 3e 67 bb 3e b8 46 6f 22 62 e0 48 78 10 b7 45 1e 91 90 f0 43 20 96 bf b8 5c ca d0 ac 28 26 57 54 82 cd ad 6d c0 f7 2f 3e d2 1b 44 9f 5a f2 99 df e6 c2 45 cd fd 55 7a 3c 71 7a 98 88 45 ed d4 ee e3 56 3a be 76 1f b7 fa ff 3c 6e e5 e3 bb 7e e5 04 d2 97 fe f2 61 33 57 c1 e9 35 01 f0 0d 61 cf 3b b5 c8 57 b2 33 18 f2 7a 56 94 8d 3e 8c f4 d3 4a 77 39 7c 85 2b bc 48 c0 e1 1a ad 72 e7 d0 ac 83 6f f1 04 9d 70 57 6d 8c a0 11 3d 36 91 c7 da cb fc aa 32 12 25 ad 80 69 61 0d ad 93 dd 68 13 05 94 87 7c 2b c2 60 83 f9 68 95 69 b6 4f e8 dd 26 b9 Data Ascii: dA@](>yX&.2^W:(`EC+CT.v3}[e>g>Fo"bHxEC \(&WTm/>DZEUz<qzEV:v<n~a3W5a;W3zV>Jw9\|+HropWm=62%iah\|+`hiO&
2024-10-24 09:44:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
122	192.168.2.16	49887	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	522	OUT	GET /gui/33274.186e9fb49d3ce6fbe3b3.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 176283c03f778ef3ad20b4382abfce2f Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:01:14 GMT Expires: Sat, 18 Oct 2025 09:01:14 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 520970 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ac 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 31 0d 0a 36 0d 0a 30 66 66 30 0d 0a ae fe be bf 42 d5 b6 59 bb 2b 69 74 b1 64 4b 13 67 37 99 24 4d da 24 6d 73 eb ee f6 e4 69 65 99 b6 d5 91 2d 57 92 e7 92 89 ff fb Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001\00000001k000000010000000100000160ff0BY+itdKg7$M$msie-W
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 86 66 c0 4c 76 9d 89 12 a5 c8 3a f4 6c 43 58 9b 55 19 cf c4 d9 9b 37 fd de d4 7a d8 df 6e d6 53 e4 9c f6 72 d9 d8 50 c0 69 2f b7 16 71 d9 d3 95 08 3a 54 d5 16 09 8a 6b 7f b6 0b 97 52 a1 e8 37 52 fa e7 a8 ec 1e 71 bf 6f ec 33 17 25 b1 a7 5e f4 d5 78 dc 2b c6 6d ce a2 44 d2 45 9e 4e 35 1b 89 c5 bd 7b 85 6a 4e 6a bb 36 e1 9e 08 aa 47 f6 56 b7 79 7d fa 24 79 a1 bb ae 3e 7d 5a 59 e8 26 4f e2 64 d1 eb 61 04 30 b7 5b 72 e7 7d fc d9 16 68 41 b4 d0 9e 0e 17 d5 32 eb f7 b2 4f 9f 7a d9 78 f9 bb f6 f5 8d bd fd 7d bf d9 1a 89 fe c1 4a 97 19 26 c8 30 41 86 fb d3 f4 42 e3 1e 32 d6 17 68 ae e4 5c 4b a9 57 98 45 7e a9 3f 60 76 da fd 13 10 3d 00 57 d5 df ce c5 75 79 b8 ce 7d 6b 19 af 7b a8 85 51 60 be 68 15 f7 1c c5 3d bf 55 1c 7a 94 56 e4 1b 54 69 6a 26 69 91 64 42 9b 9a Data Ascii: fLv:lCXU7znSrPi/q:TkR7Rqo3%^x+mDEN5{jNj6GVy}$y>}ZY&Oda0[r}hA2Ozx}J&0AB2h\KWE~?`v=Wuy}k{Q`h=UzVTij&idB
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 8a 47 04 63 2b 4a 63 f2 23 c1 43 0f 7b 6c 74 32 c6 8f ec 00 7c de 13 ec 0f 07 2e 5a e5 6b 82 b1 6b 77 20 ce 33 c6 63 60 20 ef 2b 82 03 3b 24 f5 3f 21 18 03 92 3a c0 0f 04 63 43 4e d5 fd 89 f1 e8 4f e8 6e 04 fa ee 30 04 f9 9f 04 07 f8 03 92 ef 08 46 87 09 51 93 ef 09 c6 5e 35 04 fd cf 04 83 cb 08 34 bf 10 ec b9 01 b5 ca bf 08 76 ed 11 4a fa 37 93 60 a6 01 fa 3f 4c e2 60 fb 8f 7e 57 80 64 18 62 10 a0 df 11 8c 0d 2e d5 7c 45 30 2a 4b 52 c2 a0 22 a5 0d a8 4f 25 04 07 e8 5e a8 6d 45 b0 33 0a 47 e0 59 12 8c 1d 2d 75 9e 94 60 6c ce b9 df 11 ec c3 2f 00 fc 94 61 df f6 91 37 23 d8 f3 b1 1f 46 27 24 38 08 7c 9a ad 9e 13 0c f7 0b 75 ce 35 d3 d3 f8 5b 30 85 3f 22 e9 97 4c 31 44 c3 a1 0b 12 0c e7 0b 8d b6 0d d3 d8 18 b1 e8 82 4c e3 c0 e5 81 2e 48 f0 00 9b 75 e0 2f 09 Data Ascii: Gc+Jc#C{lt2\|.Zkkw 3c` +;$?!:cCNOn0FQ^54vJ7`?L`~Wdb.\|E0*KR"O%^mE3GY-u`l/a7#F'$8\|u5[0?"L1DL.Hu/
2024-10-24 09:44:04 UTC	420	IN	Data Raw: f8 42 44 df e5 f0 ec 5f a8 76 2c 45 5c 24 0b 38 3a 2b 4c 03 98 eb 7f 46 22 a3 5e 4a 0c 67 d3 15 15 7c 91 05 68 fe 55 d3 bc a3 6f c9 98 f3 44 df d7 29 0a 49 27 2a 50 58 f4 6f c2 ab 0f 95 54 55 18 a2 65 f4 1f 4a 91 b0 4c 80 45 26 a2 1c 6e 2f 02 24 2a 9d 2f e3 a8 00 8a 00 85 e2 51 15 ad 08 c9 60 1b 2d ed 8d 5f 6a 59 de d4 43 10 56 08 93 e9 25 f4 67 3a 66 08 d3 15 0c f0 e1 84 32 3f 69 58 48 94 a2 ac e2 82 16 f4 8c 26 ea 12 29 f8 7e ca 9f 32 03 3e a3 4a a2 55 86 cd 44 19 00 29 d0 9b 09 88 6b 4d 6f 26 d3 b4 80 42 f2 e2 da 94 86 af 32 f6 62 a6 6c 12 e1 8b cb 2f 5b 76 5f 79 19 af cd 45 5e a4 1f f5 68 0a 52 7c 3e a3 2f 2e b0 4a 97 82 d6 91 28 2b ac 1a 6e 12 30 d6 a2 89 c4 03 94 02 12 51 6b 00 ad 65 f2 de 08 62 92 e8 b9 4a 91 dc 0a ac e0 d1 02 28 02 24 ea 32 ad b0 Data Ascii: BD_v,E\$8:+LF"^Jg\|hUoD)I'PXoTUeJLE&n/$/Q`-_jYCV%g:f2?iXH&)~2>JUD)kMo&B2bl/[v_yE^hR\|>/.J(+n0QkebJ($2
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 4b 0d 0a 30 30 30 30 30 30 30 31 0d 0a b1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 03 0d 0a 30 30 30 30 30 30 30 31 0d 0a 58 0d 0a 30 30 30 30 30 30 30 31 0d 0a 81 0d 0a 30 30 30 30 30 30 30 31 0d 0a 64 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 33 0d 0a 30 30 30 30 30 30 30 31 0d 0a d8 0d 0a 30 30 30 30 31 32 33 38 0d 0a 19 3e 99 e0 3a 2e e2 e8 4d 61 d1 af cc c1 cb a5 ea 6b 6a 6b a2 d6 50 ee 63 cd f6 04 46 f5 4a aa ad 8c ce c8 c4 ae bf 98 4d 3a 2d 23 41 a5 f1 e8 d9 6e 71 6e 0c 3f 5f b7 d3 b0 d9 ef 49 bf 66 6b 03 d8 72 20 4a df ce d6 60 97 60 27 af 7a 03 a7 38 d5 9f 07 f8 b0 3f b1 93 4f 7b d3 a7 78 b5 51 07 f8 b1 53 b2 9b 1f ed 1b 49 39 cc 2c 41 7e 3a d2 16 ca 81 9b 8c e1 63 27 5f 10 1d 97 5b e5 c5 Data Ascii: 00000001K000000010000000100000001X0000000100000001d00000001J0000000130000000100001238>:.MakjkPcFJM:-#Anqn?_Ifkr J``'z8?O{xQSI9,A~:c'_[
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 74 f2 a9 4f 6f ba 45 13 ab 0b 91 e1 14 45 4e 31 01 85 ee 74 73 db 9d fb 74 33 84 69 f3 72 47 07 e3 86 a2 7e ba 59 d6 87 44 aa 31 9a 43 a3 03 55 1d 50 cc d0 11 4e ea 6c a9 e1 a4 be 0f 70 e2 88 a3 6e 4e 77 0f a2 6a 9e 77 53 0e 70 e7 18 a6 4e ee fb 27 58 cc f8 bf b5 ea be c0 74 fb ff f4 91 91 59 41 56 80 6f e1 be 8c 35 7a ef 5b 4e 62 9b e4 ea b2 ad 81 e9 e0 ff 23 d3 59 f8 89 6d f9 86 4d 5f f8 07 88 3c 60 30 19 86 ec e7 02 8f da c4 80 a3 6f 5d b3 84 47 0d d7 8e 6c cb 7b e6 38 09 58 7a 06 31 f6 f1 cf 55 bf 7e a9 60 62 4a b8 45 60 0d 51 14 0a 31 1c 2b 00 06 7e 39 fc 3a 56 f8 1e 3c 28 3b 98 c8 ec 75 16 b0 20 79 5c fa a6 7f 8d ff 0f 56 6a 60 0d ce 48 00 f2 cd 81 53 48 86 0e 7f d6 92 7d 3c 2a 3f 1c 81 b8 37 64 0d 3a 84 7f 1f 5a d0 0b 8e 55 58 47 56 08 31 59 d4 85 Data Ascii: tOoEEN1tst3irG~YD1CUPNlpnNwjwSpN'XtYAVo5z[Nb#YmM_<`0o]Gl{8Xz1U~`bJE`Q1+~9:V<(;u y\Vj`HSH}<*?7d:ZUXGV1Y
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 62 c2 08 ed d2 df 16 1a f5 02 5a 04 f4 b7 85 1e 30 3a e1 3f 2d b4 cf e8 89 47 7f 5b e8 80 d1 77 24 1c 32 7a 30 a5 bf 2d 6a 3a b6 38 20 37 6e 02 02 ed c4 f4 57 52 e3 ba 0b a2 1e a8 f2 ed 46 2e 37 49 82 a8 22 62 d1 d2 36 5f 1d a0 06 1d 4e ea 8a d4 b1 92 fb ed 37 a5 36 2d 90 bb dd d2 aa 24 b3 98 4f 22 84 9f 19 1a 9e 08 d2 5c 67 24 e5 50 25 ca 54 3c 76 a3 39 78 f6 46 1b 2a 7d 71 e8 25 67 b4 91 82 77 7a 34 18 3d 32 a3 92 40 66 c4 05 59 a4 23 c6 4d 53 a9 52 12 55 26 5e 55 d2 bc 00 ff ea 5e 2b eb ce 6f 3d 98 78 1b 05 57 eb 53 aa b3 1d b8 93 a1 6a d7 12 cf c9 d0 ad b4 eb 3b 54 74 c9 d8 ad a9 a4 be ee d2 60 53 ed 36 03 07 37 33 e8 84 78 af 28 7b 80 1b a5 fb 35 b9 4d 83 1b a7 18 42 92 46 d5 e7 36 49 30 c5 13 46 aa 56 7c b6 70 a7 a0 76 0f a1 5e 7d 94 a0 6e 2a 3c ec Data Ascii: bZ0:?-G[w$2z0-j:8 7nWRF.7I"b6_N76-$O"\g$P%T<v9xF}q%gwz4=2@fY#MSRU&^U^+o=xWSj;Tt`S673x({5MBF6I0FV\|pv^}n<
2024-10-24 09:44:04 UTC	569	IN	Data Raw: d8 5a 6b 8c 1a bc 89 32 c3 e5 41 51 6a b8 83 0c af 43 89 40 5d b4 27 bd b0 b6 16 e5 8d fd cd cd 2e 52 d8 ac 9f 03 34 af d8 8c db b6 b3 ab 70 2b 84 f9 d2 90 bc a9 f2 1b 5e 9e 68 90 63 b0 d1 49 21 3d 75 03 d3 b3 7f 30 1b 62 91 2f a9 b4 5d a6 92 2e c4 e1 fd b9 ad 0f 74 3d a7 39 a7 3b 02 1e 61 6d 11 f8 d1 bc 05 47 a4 9a 78 88 e0 f2 a6 9d d3 b2 9d bd 82 db c4 97 b8 7d 7c 03 37 c7 37 4d 9f 5b c6 e5 79 53 dd 08 1e 29 fb 1b cd fe e6 f4 30 7a bb b5 e4 93 95 37 d3 14 cf f2 c1 bb 42 cf 46 9e d2 ff 70 39 93 6e d8 92 a1 82 0a 9e f2 5c 82 f7 1a c4 b2 8c e4 63 35 0a 45 4f 27 47 50 ba 40 4f de ca d7 6b d4 83 93 87 27 22 ed ab 74 49 67 88 f1 aa da 5a 7b af 55 36 32 b4 5f b0 6c 53 ab 06 92 3f ed f0 6c 9e 4a 79 6d e9 df 59 8d 79 4e bb 8b e6 01 d8 df 13 06 8f 5a 36 43 50 5a Data Ascii: Zk2AQjC@]'.R4p+^hcI!=u0b/].t=9;amGx}\|77M[yS)0z7BFp9n\c5EO'GP@Ok'"tIgZ{U62_lS?lJymYyNZ6CPZ
2024-10-24 09:44:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
123	192.168.2.16	49888	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	522	OUT	GET /gui/21928.84211e4ee5e5aa330648.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 32cdd6c55c815591ff09ef48ed8a11f2 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:56:53 GMT Expires: Sat, 18 Oct 2025 08:56:53 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521231 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 66 66 36 0d 0a ec 7d 6b 7b db 46 92 ee f7 fd 15 30 93 f1 92 09 08 f1 26 89 a2 4c 2b 8a e2 9c f8 ac 13 cf 5a 9e dd 3d eb d1 23 83 40 93 84 45 02 1c 00 14 25 cb fc ef fb 56 55 37 d0 e0 c5 4e f2 64 77 e7 99 a3 28 96 c8 46 5f aa ab bb ab aa df aa 6e d4 96 99 72 b2 3c 8d 82 bc 76 5a cf d4 6c ec ad d4 68 e1 07 37 17 d3 65 7c 73 9b 5f 2f a3 eb b9 1f c5 c3 cf 3c fb Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010000000100000ff6}k{F0&L+Z=#@E%VU7Ndw(F_nr<vZlh7e\|s_/<
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: fd a6 c5 87 bf c9 32 9f 25 09 75 56 f1 62 5b 28 88 08 7c 8b f5 df f9 47 7c 19 cf 7c f9 9d 4d f9 2f 55 3c 8e 89 da 31 2f 89 89 4f 94 4d 46 d4 8b 89 a2 06 27 11 35 32 61 5e 4f a8 8a 89 8c db f4 6f f4 65 9a cf a9 ed 68 84 96 89 5f 51 c0 c2 26 0a 68 de 45 01 27 8d a9 82 28 0e a9 b6 68 31 4d 62 a2 2a ca 28 c7 07 9f 1a fa b0 a0 3e 7d a0 cc 1f 78 68 6f 14 c9 a8 1b ae fa 86 e9 9e f1 28 ce 12 ca 38 5b 52 1f e6 dd 25 fd ee f1 e7 1e f5 63 8e 95 47 95 ce 7d 62 da 9c d9 3f 0f a9 f1 39 4f a1 79 44 7d 9b 27 9c 77 d1 a5 cf 8b 1e ff e6 3a 98 88 79 46 2d cc 33 9a 03 b1 16 bc 4c 7f c2 d5 25 21 0d 4b c2 95 26 21 65 4d 42 ca 9a 84 34 bd 12 1e e5 24 24 76 26 21 11 91 4c 38 4f 4e 44 2c fc 09 57 b8 80 c6 c7 37 ae 6f c1 35 2d 98 c5 8b 1b ca cb 33 6d 11 f3 47 19 c6 05 67 5f e4 54 Data Ascii: 2%uVb[(\|G\|\|M/U<1/OMF'52a^Ooeh_Q&hE'(h1Mb*(>}xho(8[R%cG}b?9OyD}'w:yF-3L%!K&!eMB4$$v&!L8OND,W7o5-3mGg_T
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 8e 11 86 63 44 c3 81 ad 19 21 24 d0 bb c3 1a 80 92 e4 46 59 4c 1c 61 33 a3 d2 82 24 e7 ae 6d 7a 7c d7 31 9f ee 4d 5a 85 3d f7 c5 f3 b9 9f 62 c7 d4 84 e4 67 59 5e ff ca 4f d3 64 85 41 7e 76 40 6d 4b 57 52 74 26 33 94 6b a5 4b 8a 46 c4 11 89 cb 4f 9f 20 e6 78 4d da 7a 53 0b dc c4 8b 13 3c 8b 27 5a 56 a9 61 f7 a8 75 b0 99 db cd b7 2a 78 36 ec 7c fa b4 99 ef 4f 9d e1 b0 75 06 86 1e 0e 5a 5a 08 97 f3 78 01 c6 2d 88 71 60 a3 a3 e7 ca 71 0b 03 6b a6 4a f7 10 5f c8 fa 10 45 51 8e 1d 66 3e 25 c7 10 b9 59 ad 4c 76 78 d2 5b cc a3 71 2f be 3e c3 60 97 5f 20 02 b3 f2 ab e3 3c 13 e6 72 bd cc d6 9a 73 1b a9 d5 f7 09 ad 14 a7 79 e8 b4 5b f8 bf e6 60 7a ff c7 b0 d6 ee d5 8a aa 64 79 21 fd ff 61 5a d6 1c a9 e7 df 65 ea d3 34 95 84 9f f4 f4 a7 94 24 8d 20 22 87 35 7f 89 dd Data Ascii: cD!$FYLa3$mz\|1MZ=bgY^OdA~v@mKWRt&3kKFO xMzS<'ZVau*x6\|OuZZx-q`qkJ_EQf>%YLvx[q/>`_ <rsy[`zdy!aZe4$ "5
2024-10-24 09:44:04 UTC	354	IN	Data Raw: c4 b1 5e 47 bf 48 96 36 db 00 03 60 5a 82 8b 4b 41 84 0e 5b 2d 3b 49 a4 9c 3a 5d 7a 4b 42 05 92 34 27 89 44 1a 94 a4 97 66 f3 cf 51 08 b7 ea 0a 1e 53 56 08 98 12 f6 10 99 09 60 d0 b0 8d 91 7b 97 5e 0d 73 8f e0 44 c6 cf 60 d8 02 39 84 14 56 e9 db e4 25 aa ad d7 c9 58 dd 53 e3 ae 76 64 08 36 5a 21 2d 5a 40 a1 6c 6b 12 10 ca 83 a1 35 b9 21 6f 6b ca 09 81 54 46 46 27 55 7f 5b aa 2c ff 0b 43 c4 75 b8 41 ac d5 4a 93 88 ec 78 00 47 55 a6 58 f3 0a 0e 64 72 c4 8f d0 b3 d4 74 6c 17 2b 21 6c a1 f1 40 37 84 6e 65 75 fc e4 93 17 3b a5 c9 ca fd af 3c c4 68 0a 1e ec b1 94 5f c3 e8 ff 11 28 55 f8 32 57 73 6b 7e 3f 79 52 87 da a4 40 07 03 44 d2 8c 90 b9 5f 83 f3 11 25 e0 5d 82 1a 51 9e 7c 1b 3c a9 d7 e0 66 4e 52 4e 86 a4 a9 d7 a0 d0 6e b1 fa d8 6f 49 ba 4b 79 a4 8c a0 43 Data Ascii: ^GH6`ZKA[-;I:]zKB4'DfQSV`{^sD`9V%XSvd6Z!-Z@lk5!okTFF'U[,CuAJxGUXdrtl+!l@7neu;<h_(U2Wsk~?yR@D_%]Q\|<fNRNnoIKyC
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 3e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 31 66 62 38 0d 0a 0a e3 1f e3 5f cc 14 93 37 d9 ca 9b 94 15 91 d1 3a 07 34 6f b7 87 c7 09 3a 09 d4 d0 4c 37 9a a7 7b 24 d3 a7 4f 44 09 ed f3 28 03 19 39 e8 99 19 ca 8b a9 0a 6e b0 09 d3 78 46 75 98 0d bb 11 5f 41 7d b1 a4 4d 66 78 2d 0e 19 5a c6 0c 8e 17 d3 83 59 ef 16 68 b4 e9 e9 4e d6 95 0f f3 ad 9e 32 67 b9 a7 67 13 6f 75 e2 4d 97 73 3f 8e 3e aa 0b ea 7c 31 1f 84 d9 52 d8 a2 d2 82 b7 b9 8a c6 00 48 e0 5a dd 2d 30 f3 c9 24 d1 33 c1 9a 01 64 ad 19 d1 bb 73 aa 68 c3 0d fb 63 df 13 ff 11 26 46 7d 35 bc 7c ff 1e 13 4e f0 03 1a 4e 42 26 2e 39 40 e3 ac f6 e2 8e 04 1e e0 16 02 8b c7 91 4a b3 da 40 cc 47 04 fc 3c d4 e6 a3 66 b7 46 d6 91 11 b0 a2 6a 21 03 44 fb 00 89 c5 28 67 Data Ascii: 00000001>00000001}0001fb8_7:4o:L7{$OD(9nxFu_A}Mfx-ZYhN2ggouMs?>\|1RHZ-0$3dshc&F}5\|NNB&.9@J@G<fFj!D(g
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: e6 83 6c d8 66 10 d8 b3 e1 54 eb 13 6d 86 ef aa b2 12 f0 67 e9 16 58 20 46 9d 6b dc d4 74 ac 20 82 60 0c b3 45 d6 10 20 61 5a b0 07 c5 cb 5a c0 1c a4 49 60 91 59 91 88 44 98 68 12 d2 9f d8 e8 70 5f 49 49 34 c9 53 f0 1d 8e 9c 60 3a 34 a1 f6 c0 00 66 be 2a b6 31 de ee 79 63 76 77 7a 18 8d 58 86 2f 0b 36 bc 89 42 71 58 21 20 fe 4d 15 01 2a 67 01 a1 03 65 f5 df 2d 92 05 85 c9 6f 37 0c 7f 05 6f d8 76 3c d1 75 98 f8 c3 8a ec c7 5e 74 57 27 79 bf c2 d8 22 cf 4d e9 31 d0 56 2c 01 da 52 50 98 e2 5a db a1 3b 3b 0c 7f 18 07 ba 28 4f 37 2e 92 ff 1a 61 66 7f 96 1e 94 09 7a a7 29 09 c8 20 13 5f 85 2f 98 37 50 0c 12 f7 85 86 c9 1a b2 87 4b 62 93 76 0f 17 0a fd c3 8f 96 ee e3 df d5 60 15 91 7b 3b c6 4b 82 97 76 8f 97 94 fb 87 1f b2 b2 9b 7f 57 a3 16 2d ae cb 10 c9 1d 23 Data Ascii: lfTmgX Fkt `E aZZI`YDhp_II4S`:4f1ycvwzX/6BqX! Mge-o7ov<u^tW'y"M1V,RPZ;;(O7.afz) _/7PKbv`{;KvW-#
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: d4 6d 67 d5 b1 67 0b 1a 8d 6b 90 67 6c 3e 82 c7 8c cc 40 48 51 7d b2 29 33 46 7e 38 51 4e 4a e1 47 d8 5d 2d e0 e0 72 46 93 26 45 9d 00 d0 cc 85 bf c5 37 8b f5 6d 67 de 94 23 44 ce 8f 30 38 12 9c d3 9d 98 a8 07 66 39 98 3c f3 46 b8 23 e5 47 d4 89 e3 c4 90 2f b8 01 c6 1c f0 fa fb 1b 00 b6 35 2a 2c 95 db 5c 52 35 01 4f 6d 3e 8e c1 c7 31 f3 31 9a cb 59 30 3a e4 59 73 8a c8 90 99 ff f1 1e 82 86 a4 1a 8b 2b 73 be ac d3 ab 09 a6 6b b0 59 7b 61 6d 2f 1e 8a 11 61 aa 30 ee 3f a2 05 88 c9 ed a9 43 21 16 34 31 38 fc 0a 5e 82 29 02 9b 7e c1 bc d9 ca 89 63 46 70 41 e2 f2 11 e9 10 0e a0 f0 49 6e b8 35 b4 44 b6 47 67 8b 19 3c 15 b7 52 c7 24 51 00 e2 aa f8 1a 02 43 b9 01 05 84 f1 aa a2 f8 aa 8c 66 ed 8f 24 ac ca b8 30 bd 77 b2 f8 bc 67 2f b6 51 f5 36 b9 db 0b d4 72 e7 1a Data Ascii: mggkgl>@HQ})3F~8QNJG]-rF&E7mg#D08f9<F#G/5*,\R5Om>11Y0:Ys+skY{am/a0?C!418^)~cFpAIn5DGg<R$QCf$0wg/Q6r
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: b3 36 a4 ba 0e a0 22 72 56 ec 02 d7 e6 ce f5 d5 64 bc f4 ec 49 2b 80 1a cb 8c ea 42 90 b2 b2 0c 70 0a ad 84 bd ac 8f d2 92 36 7e 0c cf a8 09 ed 2f 3e 7b 87 bb 16 e9 16 02 b6 b9 ea 87 8d 2b 39 50 41 aa da 92 5b 02 46 31 0d a9 59 0e 7c c7 d7 14 60 34 02 03 27 80 e6 30 c0 cf f2 d0 3c 2d 17 3e 07 95 eb 25 64 95 71 56 cd 36 6e 42 22 8b 59 1f 5f ca 59 7e d8 35 ec c2 d1 71 27 cf e2 0e 17 5e e9 68 f5 5f 5d f1 01 49 26 b0 c9 66 54 11 cf 69 dd f5 64 23 45 d6 b9 0c be 2f 88 70 59 92 ee 3b 65 bb 00 1b c2 a3 1d ac a0 85 84 bb 93 f4 e5 59 b8 0f d5 76 0c 68 14 99 38 20 1f 2b 8c 74 16 10 2d e6 c9 01 b3 49 f7 46 86 57 34 cf cf 08 1b d5 13 49 19 25 f7 eb 66 d8 3d a4 f8 bd 48 71 9b fb db cd 42 ba 1a 45 41 27 7c d8 99 73 07 27 bd b9 4e 87 ae 94 93 18 21 44 30 e0 08 67 99 39 Data Ascii: 6"rVdI+Bp6~/>{+9PA[F1Y\|`4'0<->%dqV6nB"Y_Y~5q'^h_]I&fTid#E/pY;eYvh8 +t-IFW4I%f=HqBEA'\|s'N!D0g9
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 7d ca d5 e9 1f 8f 46 87 92 84 0b f7 03 4d 89 24 b0 b0 a1 ea c7 63 49 c0 81 76 c8 09 74 89 fe 2b 93 f0 22 84 94 0a 76 f9 3f 2b 1d 12 81 8a 9f d0 8f 95 8c 95 48 c9 1d fa b1 92 d1 2f 24 ab 23 fa b1 92 21 da 91 1c f0 7f 56 32 44 35 92 47 5d fa b1 92 8f 38 79 8b 42 48 64 e4 ee 85 f4 63 e5 ee 73 f2 16 dd 27 9c dc f6 e9 47 72 d3 ed 90 b8 79 07 75 d8 83 9c 2d 39 a8 1a a9 36 b7 29 d0 8a 32 b6 8e 47 a6 23 b8 7c 8d 62 c6 90 6a 8f 5f 48 63 8a 15 58 19 69 dd 52 33 9d 8c a0 03 db ae 73 7c ec 3a 9d 76 5f e8 d0 2d ca d3 43 3c 69 1f 77 90 45 f3 8b 43 bc b8 60 0b 4f 3a 5d 14 ec ea b9 a2 29 90 82 9d ce 09 9e b7 0f 5d 47 3f 15 4a 74 9b 27 a8 b6 7b 84 7f 66 d6 4a df 9b ac 97 e0 8d 85 a7 2e ca a8 83 47 9d d1 b1 1e d7 22 42 71 2b 57 e7 84 7e aa d4 6f d6 d4 69 1d b5 3a c5 c2 41 Data Ascii: }FM$cIvt+"v?+H/$#!V2D5G]8yBHdcs'Gryu-96)2G#\|bj_HcXiR3s\|:v_-C<iwEC`O:])]G?Jt'{fJ.G"Bq+W~oi:A
2024-10-24 09:44:04 UTC	1117	IN	Data Raw: 5e 0f 06 98 8b 1f 61 39 d1 32 8e 62 00 38 0f 0b dc eb 41 b3 b8 75 aa e7 31 83 fe d2 00 b2 e3 ad da 37 51 4e ef 27 84 75 88 c3 61 98 df 74 77 22 2e e5 cc cc 89 41 77 5f 36 a2 79 ef 43 84 d9 e0 bd 70 7b 1f e3 1e 68 60 c3 d4 ce de 2c a1 0f 1b f0 b3 39 30 27 70 bd ec e7 f3 dc 93 0b 97 b3 94 ac 20 3e e9 8e 33 93 80 92 02 1a 97 60 98 07 6d 0c 12 08 6c e5 d3 97 40 95 eb e9 c1 d4 40 a7 2a 7d 60 2e 80 59 79 d4 ca ba 79 32 35 b3 15 5d d4 6e 98 b9 93 08 be 5a 6a 89 9b 05 71 11 ad a6 82 26 cf c0 cc 9b 1d 4d 49 36 10 c8 65 65 a6 c0 28 fd 6d a5 df 09 02 7c f5 60 40 40 ea 80 f3 04 ce 68 b8 36 fd 38 5f db c0 15 ad 15 06 00 9b 77 a4 e0 b5 15 51 a6 92 5a 3f 3c 3e 2a 0c 8f f2 c9 1c 10 d5 f1 11 61 a4 62 79 94 4f 48 ab 9d 9c 40 27 6d 3d 61 3d 2f 38 ec 66 21 56 f3 6d 86 f1 d7 Data Ascii: ^a92b8Au17QN'uatw".Aw_6yCp{h`,90'p >3`ml@@}`.Yyy25]nZjq&MI6ee(m\|`@@h68_wQZ?<>abyOH@'m=a=/8f!Vm

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
124	192.168.2.16	49889	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	676	OUT	GET /gui/84569.030dc629fa8cc22ed550.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: c4beb56372182f8d3a79a3a40f12659d Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:02:11 GMT Expires: Sat, 18 Oct 2025 09:02:11 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 520913 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a bc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5c 0d 0a 30 30 30 30 30 30 30 31 0d 0a e9 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7a 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a 96 0d 0a 30 30 30 30 31 0d 0a fd 0d 0a 30 66 65 65 0d 0a 3f 4f 01 b1 13 37 90 80 10 49 89 14 45 06 76 dc b6 33 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001\0000000100000001z0000000100000001F00000001000010fee?O7IEv3
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: b6 38 e4 5a 1c f2 60 16 cd 5d 08 cf 73 0b fc 19 c0 9f 01 fc 1f 2c 61 6a f2 68 d2 b4 59 a8 59 31 2f aa 94 a4 ad 59 b2 2c e2 e9 0d 6b 38 86 00 89 9c 00 4e 43 0a f8 6a 09 dd 19 94 90 65 9e e7 29 c1 d7 c2 4e 76 94 24 f5 68 5b c4 eb 75 b3 30 09 de fe 1a c4 8b 12 3a c3 7f ad 58 69 af 97 dd dd 1d b1 20 cd ab 74 32 e5 d5 cb 38 66 55 e5 29 1d 2f 82 bc c0 b8 f9 44 a9 54 2a a1 36 7a f8 42 43 cb 77 78 00 f0 32 08 1d fb 38 8e 66 69 96 b2 ca 9e 93 6b 8c 79 50 65 69 cc 00 70 cb 1b 6c af 60 67 08 d8 dd 4d 85 34 f3 ef ca 40 10 47 b3 79 94 4e f2 8d 89 2d e6 de 37 b1 e9 ab 64 cd 12 80 31 04 60 0c 01 10 e2 6f fe 02 6f 24 14 a9 5e 59 ba 4f 7a a6 e8 3c dd 27 3d 0a ac a6 00 6b f9 18 f9 f9 89 60 5d 1e 16 9d cd 11 b5 f0 48 3b ba cf 74 2a fa 4b 4d 7f b9 8f fe 39 e8 9f ef a3 5f 03 Data Ascii: 8Z`]s,ajhYY1/Y,k8NCje)Nv$h[u0:Xi t28fU)/DT6zBCwx28fikyPeipl`gM4@GyN-7d1`oo$^YOz<'=k`]H;tKM9_
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 76 28 d1 ad 24 45 60 8c a1 8e 9e f5 4c 9b c4 49 44 0e d0 97 08 2e ea 8e 35 89 1b 9d 2c 2a 37 db bf 41 dc 95 24 a0 7e a3 39 d3 a5 40 83 64 84 46 bf 98 bf 23 0f 2a 52 1f 00 56 b7 07 fc c2 b3 8a 72 ca 12 59 5d de 2f 46 b2 bf d5 de 94 6d b5 05 52 17 90 45 91 0f 14 f2 9a e6 d6 48 12 2d 59 6d 00 53 bf ea a5 6f 62 76 31 3f 80 57 3a d7 1d 6a ac 4c 63 0b a7 ba 9d c1 e8 e2 17 35 66 8d 8f 6c 25 29 11 f8 dc b0 ea 43 41 e3 c9 32 09 0e 0a 45 68 28 a6 c6 4a df 33 86 38 90 5a 91 66 56 f8 0d 11 a2 23 c7 92 4b bd f8 c5 2c 13 8f 8d b5 5b 20 6a 2e 60 1f 91 6e 04 91 14 17 86 e4 0a 44 c2 66 55 2e b0 ef 41 8a 50 64 00 63 ca 66 c1 86 c0 ac 22 ec 50 c1 d1 8a ac e0 80 f9 a2 e5 80 fb 59 3a 4b f9 a0 dd 6a f9 33 8a a2 3e 16 a2 eb 47 b1 1f ca 7d 96 53 48 9a 20 56 f6 69 1f 32 b8 6c 44 Data Ascii: v($E`LID.5,7A$~9@dF#RVrY]/FmREH-YmSobv1?W:jLc5fl%)CA2Eh(J38ZfV#K,[ j.`nDfU.APdcf"PY:Kj3>G}SH Vi2lD
2024-10-24 09:44:04 UTC	443	IN	Data Raw: 3a 5a ef b2 a2 f8 b4 d8 d5 bc 24 af 3e ca 2a 4b e5 64 41 40 db 5e ca fa ef d1 3c 11 35 43 a3 77 5b 6e 22 6e 47 d7 82 12 64 6d 68 eb 2f a2 6b d2 ef 83 2a 6c 36 7e 12 aa 47 49 6e bd 25 7c 2c 47 b6 66 d9 51 67 39 ce ef a9 d1 72 c6 7d 4a bd 3f d3 f3 80 a8 22 0e a8 d3 3e d6 1b b3 fb d5 79 ef 54 bb d2 5a c7 03 25 bd 55 a9 98 12 a5 1d 81 91 3b a0 dd 48 c0 a4 84 ea 6c d1 03 eb 31 3d 1e bd 16 d3 c3 cc b1 bb 90 3a 3e 96 f0 07 e3 b4 ac f8 47 0b b9 a7 ec 14 45 b7 1b 84 ef 22 ef 64 52 57 3a 2e a0 4d a8 9a e6 1e 1b 25 5b e8 a0 e0 d7 fa e5 e6 43 9a 40 3b 08 f8 57 d9 ff 7e 36 5b a3 de 87 09 9c cc 17 db 31 5b 0b 4f 0f 58 67 4c a7 97 4d ce 79 d3 ad 20 17 f5 80 84 08 87 be ed c3 d2 f9 fd 48 ec 9b e8 10 24 c6 d9 7c 01 07 be ed bb b0 d9 24 99 d8 49 1e 1c f6 58 8f 04 04 91 08 Data Ascii: :Z$>KdA@^<5Cw[n"nGdmh/kl6~GIn%\|,GfQg9r}J?">yTZ%U;Hl1=:>GE"dRW:.M%[C@;W~6[1[OXgLMy H$\|$IX
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 9e 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 30 30 30 30 30 30 31 0d 0a 69 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a c5 0d 0a 30 30 30 30 63 32 61 0d 0a 56 2b ca 0c 8b a4 ee c6 3b 66 94 5a 6d a4 7c ec 6b a7 6a ae ae 02 70 f1 4d 84 83 b9 38 d4 f6 7c 45 57 e3 f2 70 81 13 b0 b8 56 87 3b 7a 97 ad 2b 3a a6 7e d9 36 c7 d7 e4 94 45 3e 4e 27 c8 37 ff 54 94 a0 f9 6f e3 97 f4 d6 fb 7d 8c cc 6e 99 16 38 ca 22 4e eb 7a ea 0e 17 25 8d 3f e0 bc 35 2e c4 b0 0a 9d 70 3a 13 4a 79 ff 00 e2 2c 0c d2 bb 8c 83 16 9c a4 79 ae 2e 5e a5 38 80 aa 4f d2 e5 08 1c e8 da 94 b8 b0 c3 e4 f9 50 9c 7d c7 d9 51 7b 4d b8 40 40 d7 11 71 b7 8c d1 b5 2c 97 ab 83 a4 6e 81 9b 35 b8 7d 48 a7 72 e3 29 8b 3f bd f9 9c e2 c5 13 4e Data Ascii: 000000010000000100000001i00000001F000000010000c2aV+;fZm\|kjpM8\|EWpV;z+:~6E>N'7To}n8"Nz%?5.p:Jy,y.^8OP}Q{M@@q,n5}Hr)?N
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 05 49 d9 5c cf 76 93 5e d2 3e 6d ab 55 21 8a 9a f2 9d 89 6c 09 21 a9 be b7 81 66 15 2e d2 23 a7 04 6b 4d ac 1c 27 c9 58 a9 5d 0d 8a dd 82 b5 e8 67 13 90 8d fa 78 7c ce 98 ac 17 0c dd a8 ec 8e 4f b4 36 ea cb fb 76 3d 54 b5 c3 94 3e 2b a6 6e 54 47 ac ad e7 96 00 6c d4 c6 63 fc c8 99 c5 e2 ed 4a 5b 01 cd c2 c5 b5 c7 7a f1 e7 c9 a8 3f d6 4b 33 12 31 da 6a 15 77 e8 67 0b 80 ad 36 a3 56 c2 46 ca 54 49 10 b6 1a 9c 9f c7 d1 58 2d d4 00 b1 d5 66 dc 8d cf ce 95 e8 69 30 b6 9a b0 7e 74 16 29 ed 51 80 6c b5 b0 cd 94 04 65 ab 81 6d 82 84 c5 94 6a d4 e9 42 bd f4 5f 72 b1 c2 c0 1a fd 84 8a 2a a8 c6 48 05 35 ab 28 af 9a b8 84 9f 8e 07 4e e3 3d 42 b4 98 39 ef 51 46 d7 11 f1 0d 84 77 c5 08 d7 98 f5 bf 08 97 c6 dc 77 fe cc 70 fd 91 e3 f8 a5 ef bc 2c d3 28 f3 9d 7a 14 39 a5 Data Ascii: I\v^>mU!l!f.#kM'X]gx\|O6v=T>+nTGlcJ[z?K31jwg6VFTIX-fi0~t)QlemjB_r*H5(N=B9QFwwp,(z9
2024-10-24 09:44:04 UTC	374	IN	Data Raw: a0 da 9a 60 03 47 4f b1 7f 80 f8 9d 2f 57 1a 3c a1 64 3f 7e 62 cb 71 89 54 74 e5 cc cb 02 09 b8 0a 29 41 28 3a 9d 43 9c b3 6a d5 fa 76 35 42 6a 6d 22 be be d7 34 9f 7f fb 2c 76 34 eb b5 d5 9d 54 1f 76 b2 29 a7 5e f1 02 5f cb 41 a4 46 fe 0e 7e 87 c3 2e ba 27 3d da 85 21 af bc a7 1b 66 b8 a5 d9 ea 4e f8 94 60 86 ef a8 79 eb 2e 8a b5 7b a7 8f b2 e8 51 c5 02 ec b1 20 13 31 9b 16 19 05 98 13 a4 17 57 76 cf a0 d5 de 98 d8 6e 7c 8b af 1a ad 90 f1 fb d6 18 a3 59 54 7d 32 cb 1d 20 39 db fa d6 69 7d 3b dc 5f bc 5e 07 06 19 fd 61 bc 95 2e 19 e8 12 e7 48 de 36 89 72 8e ef 8a c0 e4 ef 7c ae 50 39 60 c3 4b 9d 1c 10 8d f5 e6 cb db 18 07 1b 11 dd 4a e6 71 6c 76 6d c9 9e 6e 68 52 23 9b 43 d9 1f 58 44 b8 61 29 9c 25 be 76 b1 08 47 37 c6 a0 cf 39 ae 64 7c 41 42 b4 35 7f 9a Data Ascii: `GO/W<d?~bqTt)A(:Cjv5Bjm"4,v4Tv)^_AF~.'=!fN`y.{Q 1Wvn\|YT}2 9i};_^a.H6r\|P9`KJqlvmnhR#CXDa)%vG79d\|AB5
2024-10-24 09:44:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
125	192.168.2.16	49890	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	522	OUT	GET /gui/74278.4e291418bc556b622962.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 0afb4839d00ad387b38a474cda92952c Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:58:31 GMT Expires: Sat, 18 Oct 2025 09:58:31 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517533 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 31 0d 0a 00 0d 0a 30 66 66 61 0d 0a 00 00 02 ff ec 7d 6b 77 db 46 92 f6 f7 fd 15 30 32 f6 00 1b 10 22 c0 3b 29 58 71 64 67 9d b3 72 9c b5 14 cf 4e 14 bd 0e 48 b6 44 c4 20 c0 05 40 5d 46 e2 7f df a7 aa bb 01 f0 22 4b f6 24 f3 9e 39 3b 39 b1 89 be 55 57 57 57 57 57 57 55 b7 ad 5c c4 e7 ee 95 18 2f c2 c9 c7 c3 d9 32 f9 78 59 7c 58 46 1f e6 61 94 04 9f 28 bb bb 3b 3d b3 dd c5 32 9f 59 a7 a7 bd b6 df eb 9f 39 b7 6d 6f d0 6e 0e ad c2 11 4e 64 07 cf 6f cd 65 2e 8c bc c8 a2 49 61 8e 2e c3 cc c8 83 c8 6a f7 7b cd b6 ed 64 f8 f4 ba dd 76 c7 76 12 7c 0e 5a fd ae 67 8f 62 51 Data Ascii: 000000010000000100000001000000010000000110ffa}kwF02";)XqdgrNHD @]F"K$9;9UWWWWWWU\/2xY\|XFa(;=2Y9monNdoe.Ia.j{dvv\|ZgbQ
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 1d d1 1e d4 ef b5 da 3d 1b fb 07 36 29 df 6f 77 6d 27 a4 9d a9 db ef 74 ec 11 cb 46 23 0e 4e cd f3 28 2e 44 66 3a 66 1c cd a3 c2 3c 73 26 db 99 8e 99 66 58 a6 28 9c a1 10 92 25 2a 6e 3e c4 51 8e ea 23 bd 8f 18 53 da 1c b4 cc 30 74 36 49 52 6c 44 cc 14 6e 94 f3 2f f2 6c 2d 43 57 48 dc dd 55 b5 09 04 09 c3 28 90 12 b0 38 a0 df a1 b9 84 48 a2 8d 60 6a 3e d1 7b d9 f1 cd 7c 9c c6 cf 9e 15 a7 f2 cb 8d 30 90 10 d2 fe ec ee ae 38 35 bf f9 46 a7 81 25 50 20 38 4f 82 48 82 cf 1d 6c b6 0e f6 66 88 7d 27 0e 9e 34 31 ec 27 de a8 c8 6e 08 db 24 b0 a2 20 72 27 61 1c 13 ae 6e 82 45 ea 90 d0 05 72 28 96 3b 93 15 d9 4f 02 c0 93 23 19 01 88 b7 2a 77 c5 d1 13 48 10 2b 0f 12 09 24 02 90 69 9a 08 da 0b 43 a9 67 e4 52 6c 63 56 d4 d6 09 60 02 2a 03 70 b1 47 ab 09 09 71 a2 1d d0 Data Ascii: =6)owm'tF#N(.Df:f<s&fX(%n>Q#S0t6IRlDn/l-CWHU(8H`j>{\|085F%P 8OHlf}'41'n$ r'anEr(;O#wH+$iCgRlcV`*pGq
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 8d 12 cb 34 4c 1b 8a 70 8e bd b1 d4 ee 9d 25 c8 95 3b 33 db 59 6c a2 b0 fc a3 50 b8 09 e2 03 35 11 3f 8a ec 15 23 c3 73 80 59 20 aa 3b f8 5b 4f 47 48 d8 33 97 f0 d1 9a f7 08 35 54 a5 eb 48 16 dd 60 6a ac 44 c9 ac a4 d0 df dd 49 89 45 35 85 0b 13 d1 07 49 80 b5 4a da d4 22 4a f2 5a b7 d1 14 cb 45 11 2b 9a 3a 6c 94 a8 72 58 ac e2 18 52 ab 01 dd 0c a6 c3 7c 78 5a b8 58 fa 1f e2 34 fd b8 5c e4 8e 4c e5 cb f1 3c ca 73 32 44 9d 61 54 36 ba 87 3d 0a c3 93 07 01 e6 4f 98 28 ed 21 0c 61 a8 28 a0 e6 e7 69 7c 29 2c 64 3a 97 d8 b6 98 75 1f a4 d8 42 31 70 76 77 e7 43 92 ff 5f a3 9e 62 0e 43 13 91 ce 77 a7 37 ce 25 6c bf 25 1b 59 52 14 d6 cf 14 20 f6 74 89 c3 0b af 60 08 0a 0b 92 45 2b 6a 42 d9 74 22 70 0f d8 80 a4 0e b3 02 f6 3b 70 8b 9c f2 51 41 7b 17 94 2b 62 08 d8 Data Ascii: 4Lp%;3YlP5?#sY ;[OGH35TH`jDIE5IJ"JZE+:lrXR\|xZX4\L<s2DaT6=O(!a(i\|),d:uB1pvwC_bCw7%l%YR t`E+jBt"p;pQA{+b
2024-10-24 09:44:04 UTC	295	IN	Data Raw: fd 3c 4e 0b f8 d0 f9 87 7d d8 f9 fe 1e f2 8d 7d e9 5a 85 b1 ec 02 e7 5c 32 02 22 5e 41 64 73 b8 c0 0a 81 06 eb c5 65 28 40 0d 43 72 72 e3 6c c7 06 1e 3a 1a 4b 47 ef a4 ee d4 ae d5 ae bc bd 38 07 a9 56 bb bd bd aa 11 39 99 27 f0 f2 f6 7b ed 7b 65 9c 96 6d ca 0f 4b 11 42 2a 58 88 bc b3 2a 58 88 bc b3 5d bf 0f 77 14 7b 67 fb 1d 9f b8 25 66 47 ed a0 0f f7 ed 84 9a 75 fc 36 fc bb 33 6a 06 b7 32 5c ef 94 e9 79 1d 7c 2e f1 d9 6d b7 bb 5d 29 1c 17 ce dc b9 71 ce 9d 4b 67 ec 5c 38 c7 ce 95 14 95 fa d4 64 9c 90 11 4a db d8 ff e5 a4 fd 3f e6 a4 c5 79 11 b3 2f 4d f2 ff fc 4e 5a 39 1a 7d 94 dd f2 5c ff 93 39 69 e5 68 fe 20 27 2d c9 a2 8f ff 52 95 54 f4 e0 df 1b 75 78 14 58 8b 0d 6d 29 fb 82 c0 43 1c 13 39 fc 84 37 7a 18 14 e7 14 37 30 85 52 51 e5 5e 45 d3 62 16 78 10 Data Ascii: <N}}Z\2"^Adse(@Crrl:KG8V9'{{emKBXX]w{g%fGu63j2\y\|.m])qKg\8dJ?y/MNZ9}\9ih '-RTuxXm)C97z70RQ^Ebx
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a b7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 19 0d 0a 30 30 30 30 30 30 30 31 0d 0a a2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5e 0d 0a 30 30 30 30 30 30 30 31 0d 0a a1 0d 0a 30 30 30 30 30 30 30 31 0d 0a b4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 45 0d 0a 30 30 30 30 30 30 30 31 0d 0a 66 0d 0a 31 35 39 34 0d 0a 5d 1f a6 f1 72 9e 50 60 0c 57 19 53 85 00 3b 29 1c 33 08 1d 82 e5 87 b3 e7 f0 67 23 88 21 b8 3d 7a f5 dd c9 d0 f3 9a ce bb ef ff e3 b5 fc fa f6 ed c9 c9 db 37 c3 76 d3 39 79 fb 23 7e 70 ce 23 75 e7 fa 98 6c 84 12 d4 8f 8b bc 04 75 53 cb 9f b7 ff 5a e5 fb f7 14 5c bf b8 8e 72 09 27 ee f5 e1 18 ad a0 43 f9 8a 26 1f 73 6c 94 0e ce 78 8d 9f 8e e9 80 34 71 ff Data Ascii: 00000001000000010000000100000001^000000010000000100000001!00000001\|00000001E00000001f1594]rP`WS;)3g#!=z7v9y#~p#uluSZ\r'C&slx4q
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 42 a4 ee 60 08 ca 7f fc 92 df d9 0d 81 d8 39 d0 06 0e ca 8d f6 d6 d8 aa 45 5e 93 7e 04 64 9f 06 6a 40 d9 8a 03 73 b2 cc 60 e8 2f 26 69 9c 66 e6 73 e5 bc dc df a3 1a eb c3 aa cb 48 b9 13 ee f9 5f fb 4d 07 1b 15 fc c5 e7 2f e5 cd 1e 75 ce 85 e2 49 81 71 47 e2 02 6a e7 11 5d 02 3c 91 34 3e 01 5c 18 c4 e9 2c 4f 53 ac 72 3f 4b 3e 5c 80 09 2e 1e cd 04 c4 01 ff 1c 6c b0 21 1e 68 a2 fe 7f b1 41 cd 37 fd 10 2b 48 e9 80 a5 c6 2b fb 41 c6 c8 ab d0 96 2f 62 0e 9b ee f7 be a6 85 28 a6 ef d2 ab 7a e4 0a 23 20 37 31 7d 2a d0 31 4f ff bd 2e be 48 34 d9 f2 c4 31 83 e6 1a 93 f6 aa 60 fe 90 4e 05 02 47 4a 4f a1 bd da 59 a3 16 30 03 fe cf dd bf bc c4 5d 24 89 80 b4 bc 21 08 90 ce 38 db 7b a4 e0 d0 8f ea 80 83 08 3f 52 64 e9 ba 1f d7 56 bb 6b 19 f7 47 a6 1d 04 fe c9 32 65 b3 Data Ascii: B`9E^~dj@s`/&ifsH_M/uIqGj]<4>\,OSr?K>\.l!hA7+H+A/b(z# 71}*1O.H41`NGJOY0]$!8{?RdVkG2e
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: fd b9 80 b6 79 ab 54 66 55 60 45 e9 f5 50 04 51 f2 ad ce 31 a5 46 b9 d3 60 a4 ce f7 78 71 47 2b 9e 52 2d 56 27 dd 69 4a cf 22 5a b8 25 12 95 03 93 94 d3 25 6c a1 cd 5d 66 2f 1e e4 5a df 35 9d ad ee ba c1 b5 1b 1c b0 d7 09 f5 c5 00 01 89 ee 42 93 ad 4a 72 05 9e 71 e4 0b 89 7c df a8 d2 de c9 08 a6 82 ff e9 11 13 04 53 23 74 01 e1 2e 8a 94 8c bc 8c 1a 4b 9e 7b 38 c1 93 05 ea be d0 b1 d0 e1 c0 b0 bf 92 9d e1 fe 80 b0 e1 43 30 fe 81 d1 67 e5 65 7c 15 6d 13 e5 74 c7 e1 02 6f 86 a8 69 a8 e2 c9 b6 a2 d2 78 8c 1c 44 84 17 62 68 f5 c8 18 b7 4f 8e 9d db 7c c7 11 8b 1c aa b5 c3 d4 a3 5e 25 a4 33 14 fe d3 dc 70 6f e8 db 83 23 f8 64 48 dc f6 18 64 90 dd ef 3c 88 ba 08 a3 a0 96 4f 4a 31 39 e4 da a6 84 c3 24 58 06 cf 5e f0 4b 8a c7 f0 44 1c 93 27 62 1a 5d 6a e7 ce f8 a2 Data Ascii: yTfU`EPQ1F`xqG+R-V'iJ"Z%%l]f/Z5BJrq\|S#t.K{8C0ge\|mtoixDbhO\|^%3po#dHd<OJ19$X^KD'b]j
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 07 d2 ab 89 c7 34 d6 60 6e 90 35 4a ce d3 b5 0a b2 9f 6a 92 a8 02 47 24 36 f0 0e 31 7c a7 f0 6e 29 78 d2 25 a4 70 e4 84 8f 17 a5 1f 89 d3 88 59 81 76 a8 35 68 b8 36 92 a5 1f c5 7a f7 6b 1d fa 3b ab 6c 62 a8 78 ae 16 af bd 73 dc 5b d5 1e 35 7a 52 7e 39 e2 7f 27 2a f6 a8 9c a3 f6 aa c6 a2 f1 ca c1 dd fb 6e 8b 5e a6 b9 25 43 f7 02 ef b0 e5 c1 9f f9 62 c5 65 24 ae be 4d 11 43 dd c4 e6 df e9 e2 7f 53 05 46 ca 43 f4 f5 3c c6 fd 48 73 56 14 8b e1 de de d5 d5 95 7b d5 c2 b3 42 17 7b b8 e3 df a4 9b 02 e6 73 92 b0 fb b4 7e e8 c3 d0 57 35 00 48 a6 a5 88 0e cc 32 23 43 6f 7e 5f 95 f2 01 2d a0 07 dc e3 9a 18 db 5a a0 8e f1 d5 b4 35 ed 9d 9f db dc 6e 4f 76 4a 1c 2b 3b a1 f6 4c 99 c0 24 25 24 9d 4e 15 7c b8 36 10 65 82 4b 12 9b 05 38 b3 bf f1 da 2e 5e 78 f1 0d af e5 f6 Data Ascii: 4`n5JjG$61\|n)x%pYv5h6zk;lbxs[5zR~9'*n^%Cbe$MCSFC<HsV{B{s~W5H2#Co~_-Z5nOvJ+;L$%$N\|6eK8.^x
2024-10-24 09:44:04 UTC	30	IN	Data Raw: ee fa fe a0 eb bb bf e1 3d e0 70 f1 bf 00 00 00 ff ff 03 00 6e 01 c1 d4 41 6f 00 00 0d 0a Data Ascii: =pnAo
2024-10-24 09:44:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
126	192.168.2.16	49891	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	676	OUT	GET /gui/13420.2099364bebdd02277cf9.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: f86025229c14c34778722cec42e60789 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:56:58 GMT Expires: Sat, 18 Oct 2025 08:56:58 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521226 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 79 0d 0a 30 30 30 30 30 30 30 31 0d 0a 77 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a 92 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 66 65 65 0d 0a 7f 3e 05 8c cd 7a 81 31 08 53 b7 4c 99 56 14 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001]00000001y00000001w0000000100000001F00000001000000010fee>z1SLV
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: fb 6e 34 1e bb 8b bc 88 8a 78 e0 80 2a 21 af e6 63 95 03 15 b2 a5 5e 37 48 c3 59 92 47 67 6a ff f0 d0 f7 4e c3 3d 7f c1 fd 30 cb 5b 95 ab e2 ab 59 51 80 1b cc 00 87 d1 65 5e 4c 8b d3 e4 75 ff fe d2 93 e3 ee c9 bd 3e b6 b5 be f4 ab ab 5a 47 59 11 fa ed 5f 5d dd e3 27 16 36 c1 0c b4 00 3c 95 31 d6 d2 18 ca 21 de 7f 10 9d aa 31 e0 23 6a 2f 34 e9 a9 3e f1 24 86 81 94 6a 6f 23 80 01 16 08 ff 22 8d 87 4e 97 66 de 2d 7a 4d 18 35 c1 3f 3c fe ef 07 9d 93 2f 1e 86 85 ca 0b 4f f9 bb ee fe 2c 2f d2 89 db 53 4b 64 c9 f0 08 19 19 88 84 0d 1a 10 c8 7a 0d 47 31 70 32 ca 10 5f 38 8a 72 af f0 77 27 61 4c 72 64 3f 9d 25 45 36 7f 15 4d 14 5a 7b ae 8c 77 65 93 d2 ac f8 6a 6e 5e a7 99 b4 b6 5e a1 8c 7e ff 68 d7 3d 44 67 e7 74 ee 68 f4 ba bd d6 8e 2f ab 8e 16 7f ba 3d 33 5c bf Data Ascii: n4x*!c^7HYGgjN=0[YQe^Lu>ZGY_]'6<1!1#j/4>$jo#"Nf-zM5?</O,/SKdzG1p2_8rw'aLrd?%E6MZ{wejn^^~h=Dgth/=3\
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: b3 64 c5 47 c8 8a 8f 90 15 7f 82 71 80 8f 3a 01 c3 f0 18 c2 e7 60 71 4b 93 30 cc 01 25 9b 5f 72 c8 97 ed db d9 64 90 e6 fc cd 0d aa d8 9e f6 88 37 c8 3e a2 98 d6 9a 7b 73 ac fd 4b 95 55 aa fd 4a e2 31 09 6a 8f 8d 96 60 ba 98 df 8b 7a 37 db 5c 35 5d ed b6 c5 49 70 bc 04 9d f6 04 c9 96 1e 5a 2a 90 56 53 f4 82 48 4a b4 2e 84 27 94 d1 4f d1 c7 f0 5e e0 d2 08 39 7f e0 5c d3 58 b1 ac 38 1c 4a 4d af 87 06 45 c4 41 db cb 8c 87 46 7a 94 0e 8b 3c fe 5d c9 0b e4 41 5e 7f db 5b d6 ea 03 f2 ea 15 d0 27 f6 ed a3 eb 0b 90 e3 17 20 47 12 a4 b4 77 30 5e c8 23 25 e7 da 01 1e 1e d8 b4 3a 8e ce 8d 74 8a c6 f1 39 53 dc 59 67 00 4d 5a 65 10 47 71 9e 1a 89 50 92 10 86 3c 31 93 07 ad e6 3d 3c c3 c6 0f d0 fa 3c 2c d2 83 f4 a3 ca f6 a3 1c 26 19 8e e1 c1 78 06 d6 f4 54 fd 01 a6 31 Data Ascii: dGq:`qK0%_rd7>{sKUJ1j`z7\5]IpZ*VSHJ.'O^9\X8JMEAFz<]A^[' Gw0^#%:t9SYgMZeGqP<1=<<,&xT1
2024-10-24 09:44:04 UTC	446	IN	Data Raw: 40 72 da f4 28 c5 69 ce 07 22 84 9e 3e 20 15 72 48 d4 03 d7 5d 80 37 fc 38 71 8a 56 9a 90 1d c3 b2 29 fb 01 1b 53 f2 85 44 32 92 b3 f8 7c c6 12 8b 7e 7f cc e2 42 47 39 16 7e af 00 31 f6 e3 a0 58 d0 ae 0c 8b da b6 20 d9 e3 df 39 2e 7f 20 c7 c5 10 bb 33 63 69 23 d4 e0 be 4b 3e 24 70 85 ec a7 43 45 87 1a 9d 8c 43 b5 a0 74 a3 69 d1 f7 de ff 1f 64 aa 90 67 e3 28 2d a2 71 2d db c4 d2 cc cb ac 14 b8 a3 a3 49 8e fc 8b 9f bf 09 9f 3e fb 7a ef dd 81 ce 10 e1 70 35 e9 e3 e2 41 62 0d 4e 0c ad 81 24 1b b0 b5 52 4f 82 29 10 90 94 a4 12 d2 c4 d8 7c d5 9d 1b ad 17 71 1e e3 d8 d4 69 0b 8d 87 67 71 96 17 87 e4 c6 86 76 22 51 4a a4 c5 ac 70 d0 1b 56 38 42 f1 3c 73 bd db b3 64 38 4d e3 a4 20 3b bd 0a d6 eb 50 6d 63 2d c2 80 da 4c 24 0f 88 2c 51 9a 11 c7 e5 e9 09 85 da 62 84 Data Ascii: @r(i"> rH]78qV)SD2\|~BG9~1X 9. 3ci#K>$pCECtidg(-q-I>zp5AbN$RO)\|qigqv"QJpV8B<sd8M ;Pmc-L$,Qb
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 84 0d 0a 30 31 0d 0a d6 0d 0a 31 63 61 39 0d 0a 43 6b 67 cb 01 d6 b6 5e 3f c8 ea c4 03 2b d2 69 1f 43 cf 1b 1d 85 c6 1a dd 11 c8 89 a1 69 fe ce 39 1b 42 32 1e bc 07 67 e1 8f 53 1c 0f b4 39 d5 9b b0 4c 68 09 c8 cf 81 3d f3 b4 41 ba 77 98 96 67 6b 0c 96 19 35 3a 6d 8a 2d e7 73 0d b5 d6 3a ed fe e2 98 6d 6b a3 fa c5 2f a0 57 7f d1 b6 38 b1 3f ca 23 dd 75 75 fc 8f 48 96 23 fe 01 d9 0b 88 85 69 52 02 6b 11 08 31 de 48 49 00 5f 5c c6 7a 72 69 57 68 e7 61 78 a2 f4 93 5f 18 4d 35 78 cb e5 48 7a 9a a6 06 dd 85 bb b3 de de de 8d 1f 71 27 21 e6 2a 9f 48 92 16 1a db 14 18 cc 70 7b 0d 0c 4e 45 d0 2c 5f 65 22 e8 06 7e 68 d1 59 d5 c1 6a 14 3a 67 9f 43 93 9e 58 8e 17 29 c7 17 f5 33 86 40 16 eb 53 6a 46 c2 19 87 fb b0 3f 4f 11 fc c3 6a 39 df Data Ascii: 00000001011ca9Ckg^?+iCi9B2gS9Lh=Awgk5:m-s:mk/W8?#uuH#iRk1HI_\zriWhax_M5xHzq'!*Hp{NE,_e"~hYj:gCX)3@SjF?Oj9
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 4a 74 28 15 5e 47 79 38 5b 3c de 8d ad a6 85 44 f4 70 f6 c8 59 d7 10 bc 96 87 4b 6b 58 75 05 44 1a b5 bf 82 f5 8d 1c 7c a9 b5 b1 cf d9 52 3a 33 a8 3f 30 1a 81 c1 6a fb cb 79 fd 9e ab 19 c9 05 c2 e9 bc 17 78 6f 87 aa 94 02 04 d8 10 a4 82 54 1f d0 f5 58 3b b8 88 ef ae a3 2b 2c 08 7e a1 02 24 ae c6 c3 1d 21 27 ce 4b 25 a2 51 a2 13 dd 0e 00 a3 a5 b9 41 00 a6 e7 d2 91 f0 f9 53 95 3b 50 29 a9 75 3b 0b 2c 4f ee 23 a1 00 21 98 05 47 54 10 63 2e e2 f1 df ef 8d 20 68 13 4f 94 f7 99 2d 23 74 69 75 f1 76 7c 99 0d 33 1e 2c 3e 71 b0 4b 2c 3d 44 e3 ed 97 38 b0 1a 65 d5 7c 46 50 8d 63 69 ad ec 8b ed 2a 87 31 62 86 da cf 4a 94 66 12 da cd ec ad 2e 58 08 4d 29 a3 e1 00 c2 22 4d de d6 4a 75 30 96 3d 8b c8 46 6f 0a 2c 72 9b 9a c1 b2 6e 56 06 61 eb 8a ec d9 35 5c da d6 89 b7 Data Ascii: Jt(^Gy8[<DpYKkXuD\|R:3?0jyxoTX;+,~$!'K%QAS;P)u;,O#!GTc. hO-#tiuv\|3,>qK,=D8e\|FPci*1bJf.XM)"MJu0=Fo,rnVa5\
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: a5 21 0c 59 0b 2a 05 98 45 cd b5 36 8b a0 75 7b 29 9c 1a 60 95 72 5b 7d 82 ae 0e 31 cd f7 d4 98 7d 99 94 2a 3f 69 b9 e5 2b e2 04 4a 75 34 de 27 5b ba 6c 94 09 5e 40 49 2e 9b 48 61 ce a2 41 61 37 7e a9 cd 6a a3 38 b3 a7 b1 ac 1e 35 22 b4 06 4d db 79 5e 52 32 09 86 28 64 79 47 e1 0d ef 12 46 28 5f 33 24 68 bf e5 24 2e c9 db b8 08 da 8c 7e a1 ed da 7e 48 13 6f 46 45 f9 07 26 7a 4b 7a 43 e3 cc a9 cd 21 de 87 60 b5 1b cc c2 c1 48 5d 64 69 f2 14 f6 34 a1 a9 6a 79 37 e5 df 2c 44 97 bd 14 32 df 9f e5 5a 28 1f 16 6b fe 06 d6 fc ad c9 9a 77 57 ba 6c c5 4c 13 ce cd 3b c7 4b 13 89 22 86 2e 69 53 d0 c4 62 b2 64 1d 52 0b 98 0f 91 42 01 b7 3b 5d c5 c5 cc 2a 67 10 35 c8 49 05 2f 75 b5 05 b7 08 9f 77 58 e1 bb 25 81 2b 1a 24 71 2e 99 b0 8e d4 28 e3 e4 cc 22 aa 2a 8e 5c f0 Data Ascii: !YE6u{)`r[}1}?i+Ju4'[l^@I.HaAa7~j85"My^R2(dyGF(_3$h$.~~HoFE&zKzC!`H]di4jy7,D2Z(kwWlL;K".iSbdRB;]g5I/uwX%+$q.("\
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 49 ba 0e 1d 39 8b aa 2c 7b 40 b8 33 01 f0 6a 11 98 07 89 ad 92 34 f8 ef 8b 27 90 28 ff af 79 f1 04 b2 21 b1 fb cc 84 ff 02 f7 4e c8 6a 4c 9a d8 d2 6d 1c ff 64 d7 4e c8 6a 2e ff 3e b7 4e 90 74 9c ed dc 33 92 83 e4 46 61 5f 85 df ff 2f 17 79 c1 0e 44 18 ae 84 99 bb ff 05 93 ef 60 ef f0 e8 fd d6 fb a7 7b 3f 1d e2 e9 41 04 77 d0 16 dc aa f3 bc 7a ba b2 5e 7b bc b2 de 78 fe f2 f5 ab a3 e7 66 f0 04 ee fc 51 35 76 f3 3d 3f 2d e7 de 74 b8 03 66 5f 78 33 68 b8 33 dc 8b 82 6f 0b 88 1f 6a da 3f 9e d9 e0 c2 cf cd e0 99 49 cc 6f 9e d2 fc d0 d0 99 9f b2 94 93 4a c2 72 9e b4 2e dd 05 3e a8 d2 d6 a9 bd 45 d7 ef d6 b2 1f 39 8b 4e 27 42 72 71 2e 86 d4 40 a9 0f 4a c2 b7 9b 45 98 9e 9d 51 02 35 b4 dc 24 1c ee 21 fd df 0f 3a 9b 3a f3 97 f2 7a f9 8a 69 a8 50 86 94 6b 13 f3 9a Data Ascii: I9,{@3j4'(y!NjLmdNj.>Nt3Fa_/yD`{?Awz^{xfQ5v=?-tf_x3h3oj?IoJr.>E9N'Brq.@JEQ5$!::ziPk
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 05 5a 2e 3d da 65 72 ce 69 df 1b ca c7 cd d7 0c e9 c3 86 fa 6b 86 e4 9c d3 5f 33 ac 9c 73 70 b8 91 9f 8e bf 46 88 0f 1b 7a 2b dd 4d 78 f7 e4 cb 86 eb dd 6d b9 3f 75 18 cc 82 69 30 09 ce 83 79 70 11 9c e1 5b 80 94 ce c1 de 88 c3 7f 5f 87 f6 7f f6 c9 bf 8f fd d5 8d e0 8b fe 76 b8 11 1c f4 57 36 ba c1 eb fe 7a 17 df 57 44 c2 d8 1e fe e2 b2 d5 fd be 37 6c dc 83 96 fd 81 2f f6 11 31 37 af 22 d3 29 87 5c ba 24 54 6b 59 25 30 aa ca 36 db fe 30 ed fc 6d 83 fe e6 8a fe c6 9f 64 89 f7 b7 bb 7a d8 a7 43 50 2f 2e 66 80 b5 16 4e d6 7f 22 43 9a a7 9b 5b ed 3f e0 2e 19 dd fc e9 08 81 3b b0 18 c9 39 19 8a 0b 18 d0 e2 e1 db 94 d2 b8 f7 29 e6 e8 13 6e 66 18 bf d5 97 41 49 4f 33 73 d5 e3 fb f5 5c f7 90 d7 41 2b c2 64 3a 20 4f 4a 51 dd 40 38 a4 70 bd fe 62 1c 29 64 e8 7b 08 Data Ascii: Z.=erik_3spFz+Mxm?ui0yp[_vW6zWD7l/17")\$TkY%060mdzCP/.fN"C[?.;9)nfAIO3s\A+d: OJQ@8pb)d{
2024-10-24 09:44:04 UTC	325	IN	Data Raw: 7b f7 e8 63 eb 3b e3 30 46 f6 18 28 62 2c d7 f4 1d c3 2b 3b 0c f0 0d 74 97 92 11 54 b8 d7 1f e3 b5 f4 55 a9 7f c4 6b 8d 7f 5b ea 59 2f e9 fb a1 82 b9 de fa 23 7c 3f 74 51 07 6b 7d 15 ce da 7f 04 58 a4 58 23 6d 13 06 1e 5f b0 d3 e3 bd c7 67 3d 32 af d3 c1 7e 55 4f f2 c0 d9 e8 76 11 b5 85 84 19 50 dc 4e 45 74 2b f4 b8 a3 2f da e9 85 ab 0b 72 05 88 fe cd 8f e8 96 7c 4c 73 9a b3 09 e1 5b 8f e9 ec 6f e9 82 eb 0d 70 d1 01 6e 16 45 ac 89 c2 8e fc 26 a3 4b d6 df b6 22 0f 2d 61 5e 7f de 5d 7a de e3 12 ae 7a af 70 65 87 40 ae 00 2d 1d 00 48 78 9a 65 b8 59 aa c7 c1 52 95 2d 20 2f 21 69 a1 ad 57 9d cd 65 0c b8 51 08 ed 88 ec 41 a4 d2 0a f0 b1 1d 5c 2f 74 16 4d e2 f1 bc ea cd 8d 48 ad 4a 21 db 07 c8 fd e3 df e4 69 c4 27 0e b0 ff e7 f6 2e 94 06 f1 cd 3b 51 a3 99 05 ae Data Ascii: {c;0F(b,+;tTUk[Y/#\|?tQk}XX#m_g=2~UOvPNEt+/r\|Ls[opnE&K"-a^]zzpe@-HxeYR- /!iWeQA\/tMHJ!i'.;Q

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
127	192.168.2.16	49892	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	522	OUT	GET /gui/27197.598dbd3bfe6cc1efe979.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: dc062c0a5c6ca5748526f4b6e60af6e3 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:24:07 GMT Expires: Sat, 18 Oct 2025 09:24:07 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 519597 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 66 66 61 0d 0a 00 00 02 ff c4 5c eb 96 db 36 92 fe bf 4f 41 2b 1b 8f 98 21 d9 94 d4 52 b7 28 cb 49 c6 49 ce e6 4c 32 33 27 ce fe f2 fa cc f0 02 4a 1c 53 a4 0e 49 b5 dc 51 f4 14 fb 77 9f 6e 9f 64 bf c2 8d 20 29 75 3b d9 3d 67 ad d8 ad 46 15 0a 85 42 a1 6e 00 32 3a d4 cc aa 9b 2a 8b 9b d1 6a 5c b3 3c f5 8e 2c da 87 f1 87 37 db 43 f1 e1 a1 f9 fb 21 fb fb 2e cc 8a f5 13 b0 5f 7f 7d f7 de f6 f6 87 7a 3b 7e f7 6e 7a 37 59 de bd 77 4e fc 67 30 2e 9d ca 61 f6 fa f5 89 8d 97 f7 cb 89 bd 7a 08 2b ab 59 b3 f1 ed fd 9d 7f 6b Data Ascii: 0000000100000001000000010000000100000001000000010000ffa\6OA+!R(IIL23'JSIQwnd )u;=gFBn2:*j\<,7C!._}z;~nz7YwNg0.az+Yk
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 61 56 eb 51 74 68 1a a8 b9 f5 55 9c 67 f1 87 f5 e8 5f 4f fe 79 64 d1 02 bb 62 75 3b 4d 98 31 6c e1 c1 8d f3 b2 66 6e 59 e0 0b 7a 59 61 95 01 5d a8 88 c4 7f 6d bd 4a b2 07 c5 c7 03 e7 63 84 46 93 bb f4 e8 46 65 9e 8c 5e d3 a0 af 6e 08 d4 c3 68 60 10 dc a8 62 e1 07 8b 7f 3d 56 e1 be 87 7e 83 61 d0 4b f6 fe 87 b4 0a d7 b4 1a 76 e8 21 cc 0f 4c fd bc ae 73 c0 d8 b2 10 72 c7 97 44 9a 72 6c 0e 5b ae 06 36 96 d2 66 21 a7 1f 21 17 a9 a7 62 af a9 6d fd 25 df a8 62 95 f6 58 a5 fd 53 ab 34 21 19 3d 34 ee 21 73 f3 32 4c 48 53 e4 cf d7 af 6e 3a ed 24 a9 bc 6c 94 84 d3 da 5d 8c 80 43 6d 5a 1c ff b0 ed c0 18 7d 83 d1 37 34 3a c9 5b 0d 43 eb 69 65 c9 7a 44 2e 7d a4 c8 ed cb 3a 23 5b e0 56 2c 87 01 7a 60 56 e2 46 79 19 7f e0 6b 48 e3 16 e1 8e ef f9 6c b3 61 d5 c8 a2 71 c9 Data Ascii: aVQthUg_Oydbu;M1lfnYzYa]mJcFFe^nh`b=V~aKv!LsrDrl[6f!!bm%bXS4!=4!s2LHSn:$l]CmZ}74:[CiezD.}:#[V,z`VFykHlaq
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 55 a7 4c ee 67 b9 a8 1d 70 c8 26 6a 6c 21 80 0e 34 4e f1 11 23 f3 c9 9b 40 73 03 ea 89 97 15 ec 68 3b f9 65 12 dd a7 6a 6a 5a 23 a2 1e 56 3c a5 4f 4f 00 3d 9c c8 4f 58 24 4d 95 10 42 0f 61 b9 8c c3 54 4e 54 0b a2 87 93 ce e3 bb a5 54 3d 25 8c 1e 0a bb 0f ef 42 b9 7b a4 40 7a 18 64 a4 94 99 12 42 e9 21 98 26 88 5b 4c b9 c7 e6 d8 5e 53 f9 8f 98 2c 37 b0 7a 7f 62 8b 4a 51 a5 28 1e b9 75 58 d4 48 50 ab 2c 0d 2c 14 7a 0e 55 cc ac b7 68 b3 50 2a 1d 39 d6 4f 65 84 48 56 fd fc a6 0a d3 c6 b1 fe 8d e5 0f 0c f5 bd d0 b1 be 46 0d 25 77 50 5a 52 54 c4 90 9c f4 ae 2c 4a 54 47 62 d8 72 45 f9 4d 99 30 49 59 43 45 8f 4d 85 ba 01 a2 80 c0 42 26 cd c2 ca 55 0d e3 c9 3d 16 65 e3 58 b0 4c e1 58 cd 4c ce d1 f7 26 a8 b7 5f 06 c1 dd 0b 2f 59 26 8f 2e 67 28 0d 77 59 0e 4f 82 c0 Data Ascii: ULgp&jl!4N#@sh;ejjZ#V<OO=OX$MBaTNTT=%B{@zdB!&[L^S,7zbJQ(uXHP,,zUhP*9OeHVF%wPZRT,JTGbrEM0IYCEMB&U=eXLXL&_/Y&.g(wYO
2024-10-24 09:44:04 UTC	305	IN	Data Raw: 4d 2a 23 3b eb 60 19 00 7b 25 d6 a6 03 e7 4d f6 8a fb 26 e1 5b 29 80 65 d5 ea a2 c7 5d 75 3d d4 4a 59 16 dc 4f 43 c9 82 5b 11 ee 1a 56 dc 8f 5c 68 ad dd 41 e3 a0 41 28 52 d0 61 d3 d4 71 5b 44 e7 5d c9 9b da 67 2b 5f 25 35 f8 12 25 a5 c4 11 ea b3 9b 0a 07 b5 2a b8 ea 22 6f 20 1a 8a eb f9 c9 7b c0 85 65 21 2d c7 b5 28 dc 63 81 8b 74 11 2f 38 7d 1a 17 30 8c 4d 77 09 aa b6 c5 00 f6 5c 20 25 02 2b fb c4 2d 9d c1 29 77 25 dc fe 05 7c 77 e2 22 0e e5 e8 9d c9 19 b9 19 24 f6 a4 1c e4 0e 87 34 4c 39 5f 22 67 c2 6d c1 80 d8 6d 32 c2 fa ff 61 64 a5 c3 3a 4c 40 09 bb cb 7e df 8a d8 67 1e 2c 91 60 71 ed 86 c5 1f ec 3f d2 f7 00 37 92 70 f7 c2 e1 df d3 ac aa 1b 40 b3 3c 31 db f9 1d a3 4b 13 15 7d 85 b9 7f 4e e4 12 37 7a 52 e6 0a c9 50 af a7 f9 ee 86 bb d7 66 71 01 8b cf Data Ascii: M#;`{%M&[)e]u=JYOC[V\hAA(Raq[D]g+_%5%"o {e!-(ct/8}0Mw\ %+-)w%\|w"$4L9_"gmm2ad:L@~g,`q?7p@<1K}N7zRPfq
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 36 62 33 0d 0a e3 4a a8 d0 6e 7e 37 a6 8d 31 b8 71 57 de bf 2d a0 91 0e 89 22 99 26 09 c3 2c 4b 2e 86 27 7d ce c7 4b 22 17 bd b6 b1 9d 8d fc 9d 0f 63 80 8c c1 e4 a6 36 66 7e 25 c0 30 d5 f6 d3 48 5f d0 cb 2b b4 b5 54 fb f2 e9 02 0c b6 35 c0 34 35 57 a8 1b 1a 4a 01 01 3e ed 49 1c 6d ec 7e 20 10 58 0b 54 98 17 28 de e1 f8 87 fb c4 36 62 17 39 0f b7 07 24 d4 de 5e b8 60 5f 79 93 a1 25 9f 66 89 cf 9e be c9 24 2e 5a 9d 44 01 5c 14 9b 8b 92 b2 aa 01 8e 4a c6 21 9b 41 2a bc 12 19 ac 4b d7 7c 03 c4 bd 73 54 7c 7b ce 5d b6 e2 b8 09 77 7d 1b dc 57 52 66 be 29 f7 81 37 43 15 45 d4 c3 a4 c4 f9 e1 b0 d1 de af 93 68 2f 81 f2 3a 8e c0 db dc 51 b0 a0 e9 0d fa 0d e7 85 ca 2e 6a 27 b2 d4 60 4e c4 37 70 e9 56 96 d8 82 5a 74 a8 47 24 8c 02 7d 5d 23 d6 20 64 96 aa 66 33 69 Data Ascii: 06b3Jn~71qW-"&,K.'}K"c6f~%0H_+T545WJ>Im~ XT(6b9$^`_y%f$.ZD\J!A*K\|sT\|{]w}WRf)7CEh/:Q.j'`N7pVZtG$}]# df3i
2024-10-24 09:44:04 UTC	315	IN	Data Raw: 14 51 19 32 65 2d 86 10 05 75 59 d9 6a fd ae 74 d6 e2 5e e8 b0 97 9a a4 3a 78 23 97 d8 0e 1a c6 f8 bf 12 24 f4 46 d4 d8 88 19 e6 6e e3 5e 1e 1c 08 6e 8c 34 b8 a5 f5 39 fd d5 67 77 dc ab f2 dc 2f a6 cb 7a 9d f6 df 49 fa 7f c1 55 9f 1b 23 fe 11 4a 26 df 34 bf 21 8d 53 e9 a0 bf 92 b7 2e 78 9a 2e f3 06 ac 97 4a 70 3d ba eb 46 e5 5f f3 30 4f cb dc f2 a6 e2 3c ef 4c 2f 82 4f e2 1a 12 85 61 3d ad ce 8a fd 01 4f 9f 8d 3d 6b a4 1b 66 b9 65 a0 26 6a d5 f8 90 e2 28 d1 18 7d 22 47 7f 47 2f e3 de 5b 6d 0c 2f 14 a5 d3 d9 0c e8 94 8e 20 f6 c7 6b f6 77 fa ca e3 7b db fa ac f7 c0 f1 14 16 78 5b ca ef 5e a5 b8 32 f4 e8 ee 0f f4 ff a6 c0 c8 73 8b 32 a1 f3 67 b8 6c cf cd 87 10 9e 50 e3 cb 2f 96 1c ba 18 bc ff 68 9f ff e0 8c 46 ef 6d a7 f2 be 5e 17 e7 f3 7b 7b f5 2f 37 37 9f Data Ascii: Q2e-uYjt^:x#$Fn^n49gw/zIU#J&4!S.x.Jp=F_0O<L/Oa=O=kfe&j(}"GG/[m/ kw{x[^2s2glP/hFm^{{/77
2024-10-24 09:44:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
128	192.168.2.16	49893	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	676	OUT	GET /gui/30192.1c2ba98f9e3aa24d1929.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 2a511da9cd66121d7c08ee7d9f16b424 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:22:07 GMT Expires: Sat, 18 Oct 2025 09:22:07 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 519717 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 77 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 46 0d 0a 30 30 30 30 30 30 30 31 0d 0a 92 0d 0a 30 30 30 30 30 30 30 31 0d 0a ef 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001{00000001w0000000100000001F00000001000000010000000100000001
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 2c 8d 26 72 e0 7d c8 62 e1 18 7f e8 5e 25 ee 9a a6 96 ae dc 30 34 03 c9 89 d1 5e 77 53 1c e4 c8 77 93 2d ea bc 70 d3 cc da ac 7d 4c d6 1f 9b 29 ca 76 37 0c ce 07 91 db d6 b8 77 ee 63 6c 5c e8 fc df 53 a2 48 af 84 1f 24 d8 a7 5f 93 b0 dd 2a f6 ac 65 67 4e e0 63 7f 1d 37 03 79 9f 6d 32 91 3a 84 c4 e5 2f be 26 62 d8 e5 b3 c8 b9 1a 39 89 58 c5 97 e2 a5 9b bc f7 e3 ab e8 c7 38 59 a1 3d b0 a9 5d ea 88 35 eb 38 e9 66 46 37 08 ea f4 ec 7e af d7 19 b7 ba 2d 3b 12 57 d6 53 ac bd dd 17 87 df 97 da 82 78 64 ef 56 b1 1f cc 03 ec 24 06 7e 47 30 ea 38 59 fc 22 f6 dc 50 50 ab 0b d5 5f 4b 44 dd 5f 2f 5a f6 f5 0a 27 77 39 6e 85 71 b4 68 d9 be bb 1d b7 22 10 6d dc 5a 2d 7b 2b dc a4 f8 75 a7 31 1a 80 79 1d 67 6e f8 3c f6 d2 76 d6 39 63 24 65 09 ac 5c 4a ac e4 87 7f e6 fa 0b Data Ascii: ,&r}b^%04^wSw-p}L)v7wcl\SH$_*egNc7ym2:/&b9X8Y=]58fF7~-;WSxdV$~G08Y"PP_KD_/Z'w9nqh"mZ-{+u1ygn<v9c$e\J
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 82 2a 10 d8 07 fb b6 a6 98 46 67 cc e6 b4 67 42 4d 03 6c e5 24 6f 19 00 c0 15 60 6b f1 af 06 70 56 00 58 af d2 6c 24 04 39 03 7b 82 3c 69 f3 f8 17 c2 34 a6 47 84 08 a8 f4 88 d9 c7 8f 0f 32 c3 60 2a ad 66 00 6d 9f c2 21 c8 ce bf 80 f4 07 59 70 29 de 12 4e e6 b2 61 a0 46 80 9a d5 81 6c 1d d2 5a 3e 7e 6c 01 82 ee 26 cc 5a 12 7f 8d ca 32 1f 2a 35 c3 a4 93 6c 99 c4 57 16 dd 00 af 31 8d 67 49 02 b5 5e eb 87 1f d8 70 d6 0a 57 83 a5 57 ed 5a 74 03 c9 69 58 97 6e b8 11 0e 88 bc 2a 6b b7 94 8e 00 da cf a9 38 53 24 6f ac 88 78 07 70 d8 61 66 a6 86 51 4c b6 52 79 88 0a 7d a9 80 56 56 fc 0d 5a 43 1c 8b 4e 10 59 59 23 46 a8 0d 03 60 31 fe 18 fb 92 1f 09 75 4b 45 f3 60 b1 49 f4 dd 64 5f 25 01 a8 9d be a7 c6 19 50 71 1a d8 d9 8e 76 e5 57 b6 4f a4 b2 fe a6 34 fe 14 a5 31 Data Ascii: FggBMl$o`kpVXl$9{<i4G2`fm!Yp)NaFlZ>~l&Z25lW1gI^pWWZtiXnk8S$oxpafQLRy}VVZCNYY#F`1uKE`Id_%PqvWO41
2024-10-24 09:44:04 UTC	470	IN	Data Raw: 0f d3 d6 4f b1 72 09 b1 7e 30 76 1f 5d 29 77 2c 6b 1c 1c 93 7a c8 0b f4 a2 c9 2a 26 6c 58 0e 0d 1b 28 f5 9a 85 7e 41 1d 1a 12 2f 63 cd ce 32 67 80 95 c8 5c 47 d9 fa 99 fb 4b 7c 16 8f 7b 76 84 02 e3 af 26 8d 6d b9 9c ea de b5 23 f7 cc 1d f7 3a 8f 07 98 a0 44 bd 12 3e ea c3 9c 18 76 39 29 bc df c8 ed 54 48 fe 93 50 ab 95 73 4d 46 b3 03 05 66 70 26 a6 5e 93 c3 56 bd 72 4e 35 c0 fa 31 4f 0a 7e 9e 62 33 89 18 93 50 9c e5 bb cd 06 de 5e 63 81 91 9a c6 09 f2 5e c1 da ed e9 d5 35 bd ba ca 4f ec 7a 47 9a fb 71 53 77 cc f5 40 fb 99 d5 cf 00 0e 7d fb 72 fa 1c 96 5d 8e 06 c5 26 49 0b 93 c5 76 cd e0 1e fb f4 02 46 4d 83 6d 65 74 aa f4 f3 d8 22 6b 2b 74 e7 64 f6 d0 e6 66 ce e3 14 ba 91 5c 0e 91 5b 5c 65 03 89 30 18 37 0e 66 7a 5d 61 2d 2b ac a5 b4 94 ff ba e7 f9 dc 48 Data Ascii: Or~0v])w,kz*&lX(~A/c2g\GK\|{v&m#:D>v9)THPsMFfp&^VrN51O~b3P^c^5OzGqSw@}r]&IvFMmet"k+tdf\[\e07fz]a-+H
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a b1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4c 0d 0a 30 30 30 30 30 30 30 31 0d 0a bb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 99 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 67 0d 0a 30 30 30 30 30 30 30 31 0d 0a 65 0d 0a 30 31 0d 0a 52 0d 0a 32 30 37 36 0d 0a 74 ee 6b ce d4 7e 4a 95 97 33 bb 05 ff 17 e4 ea 4c ad 03 bb 43 67 9c 31 6a e4 15 83 b3 a0 72 61 98 19 6b 25 d4 1d 06 61 2c e0 1d af 83 ef 80 80 df 11 02 ba 15 c7 2c 1e 14 91 c1 8d 42 80 df 7e 37 0b dd e8 3d dc de ee 1e f1 42 95 b9 2f 3b 39 a9 d5 22 25 2a 41 Data Ascii: 0000000100000001_00000001L00000001000000010000000100000001000000010000000100000001!00000001g00000001e01R2076tk~J3LCg1jrak%a,,B~7=B/;9"%*A
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 35 a4 7f 86 1d 78 f6 65 76 00 02 89 b8 84 17 18 72 c2 90 97 0c d8 bd 02 fb 11 06 5b 26 d3 66 7d 0c fa be 81 3e e2 88 3f 99 fc eb 7e 6d c3 bb 35 e3 7d cd 61 a6 6a dd 67 60 df 14 60 df 4c 6f f5 c4 44 6d b8 d7 d4 c0 fe 0b c0 fe cb 97 01 7b 65 ea 05 cc 6b be 34 95 9a 9c ee ac 0d ec d7 7f 02 f6 95 fe ed d6 65 85 41 e6 f7 2f 45 47 c2 d3 94 12 c1 c8 80 f1 52 74 e4 9a a2 23 97 9d c9 af 32 3a 32 71 fe bd d3 46 98 de 4b 1e 09 d9 24 51 17 41 80 37 34 6c d0 1f dc af 5d 4e 52 f3 a0 f4 1b 46 cb 55 fe ca 61 f0 2e 4d 14 cf a2 b8 28 e9 84 77 97 46 7b 34 5f 77 5a 59 41 1a 5f 33 af c3 7b 36 ad 5c f8 f7 6c 9d 5f 59 f7 6c 57 26 b6 f7 6c ac 69 c5 3d 5b 55 b0 bc da ba 1e ca 5b c4 bf 96 10 18 f7 c2 73 ff cf b4 26 99 aa 68 ff 72 aa b0 30 86 55 a2 9c e7 80 2b 79 48 29 81 64 07 71 Data Ascii: 5xevr[&f}>?~m5}ajg``LoDm{ek4eA/EGRt#2:2qFK$QA74l]NRFUa.M(wF{4_wZYA_3{6\l_YlW&li=[U[s&hr0U+yH)dq
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 41 97 b8 57 17 89 97 3b 4d 52 2c 2a b9 66 64 c1 ba aa 9e fa 3a fa 3a c5 d1 30 f2 f3 4f a1 90 ab b0 57 65 77 ff cf a1 8b a3 65 b3 41 6e 54 c1 81 e3 92 fa 57 30 73 d0 5b c3 d1 d4 30 d1 f7 53 c1 11 ab 5b 11 a3 18 ab 2b 7d 83 70 99 c0 e5 30 e5 ec ae 62 b8 cb 28 ca 19 ee 5c bb 58 59 11 5d 2b da 99 8c 3c f2 6f e0 f7 8b 28 96 78 1a 3b 7a 0a fc 88 31 ff 9f 3f e2 20 6a b7 6c ab 6c 45 df c7 ac 56 18 7b c6 ac 32 b7 96 3d cc 2a 14 9f 35 dd 97 11 18 4a 69 9a f6 b0 c3 2c 29 93 b4 1f 40 ac c5 ed 2c 53 c4 e9 f4 e9 0c f8 94 97 09 49 7d ea fa 33 4e 74 6a 2c 81 92 44 b0 35 37 84 b9 dc ca 21 ab 11 94 43 9a 66 92 d9 a0 37 b1 c9 ac da dd 18 e5 cb 92 f1 7c c5 6f 77 d6 57 71 c7 af a6 aa c5 cd 0a 30 be 80 9c 5b 5e e1 c6 97 86 bd 7b df f8 27 fd 5e 1f e9 6d e5 33 48 48 a4 de 53 0c Data Ascii: AW;MR,fd::0OWeweAnTW0s[0S[+}p0b(\XY]+<o(x;z1? jllEV{2=5Ji,)@,SI}3Ntj,D57!Cf7\|owWq0[^{'^m3HHS
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: f2 d2 a1 5a 52 b5 95 f7 11 a4 cf 3e e8 48 c4 fc 31 47 b0 76 32 a3 2e 69 0e c8 01 ae dd d2 9a 28 99 e0 41 e8 e7 c8 8b 1e 21 99 af b7 2d bb 78 3c 50 c9 ae c5 c4 ce 51 fe 1a 0f 85 e7 ea c1 fa 08 4a 70 27 17 24 f2 af ed ca 24 4a e8 92 5e 16 97 fc 92 2e 80 f6 02 e3 ba 01 a4 34 55 93 82 10 84 04 0f d1 75 99 86 75 9a 3f 46 a6 83 0c 1f f7 99 5d 23 2f 7c d3 e7 cf 96 f5 df ea 3c 0c 3e 99 44 e6 81 48 26 9e f3 9f ef f0 9a 1a 81 5e de 88 3a be 42 4e a9 78 cc 8c 94 ef ac 44 36 32 09 43 5e c9 b4 42 90 d3 5f 89 ff dc 04 89 f0 91 c5 dd c7 0e 9e ab 60 11 e4 ab c4 13 c5 95 2f 7e 47 09 b3 6a 60 b3 e7 f4 2c e2 32 98 93 22 47 cd b3 52 bc c6 93 f1 28 53 d8 53 2e 9b be 71 1c 4c 90 74 2f 25 34 7a 0b d0 b1 d4 ed d7 f8 15 b0 c4 bf 7b 77 4f ab 90 74 34 49 b1 ff 12 a3 f2 77 eb 00 10 Data Ascii: ZR>H1Gv2.i(A!-x<PQJp'$$J^.4Uuu?F]#/\|<>DH&^:BNxD62C^B_`/~Gj`,2"GR(SS.qLt/%4z{wOt4Iw
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 22 72 a0 f9 b3 8a 78 ac 13 07 5e 28 89 70 aa 9f ee c8 25 46 12 7d ca 55 c0 fe d7 a2 f5 35 ef db 50 a2 45 f2 3d 42 31 ac 8f 60 79 d6 5c fc 05 0f 01 7e 46 8a 2c 74 f8 db 2d c3 23 81 9d 60 31 fa f2 62 a4 f7 5b e8 69 3b aa 98 b6 f1 d8 86 1a 4d 71 ed 17 b8 b2 64 fe dd 1b 04 67 25 9a cb 59 f8 88 d6 bf 71 1e 39 7f f7 85 27 a2 e4 26 2e be 6b 90 80 8b 8c 25 48 72 31 9e 26 fe dc ff 64 b8 10 8f 22 e1 58 d7 28 00 30 6a 54 f5 96 bd a4 a2 60 29 ee a4 52 d8 d7 67 bc 16 91 e9 95 b1 29 d4 a7 9c 45 1c fd 8c 1a 8a cc 91 cc 2f d9 18 50 16 30 04 4d 42 95 52 6d 04 b9 ca 01 bc 22 f2 69 2b f9 5b 3e b4 fd 4a 40 c6 12 97 d0 20 14 32 9a 89 63 be 85 a5 f2 c2 18 4c 37 c4 d7 24 74 71 15 5f ef a3 ed 1d fb a8 d7 93 71 d3 c4 15 6c d2 0e 25 83 94 8c 18 45 9a 93 e4 5d 16 ae f3 62 50 67 e7 Data Ascii: "rx^(p%F}U5PE=B1`y\~F,t-#`1b[i;Mqdg%Yq9'&.k%Hr1&d"X(0jT`)Rg)E/P0MBRm"i+[>J@ 2cL7$tq_ql%E]bPg
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: e9 dc 2c 2d c7 08 e5 e7 59 d4 f2 06 f4 a7 02 80 4a 4f b3 9e 2f 66 9a 54 29 20 54 2a 8c 46 9e 3b d7 0b cd 01 51 a9 33 1f 7a 27 23 8d 7a 06 18 95 2a e2 d4 3d 71 f5 e9 d1 00 a9 d4 e0 64 4a 01 a5 52 81 93 20 49 31 f5 19 1b e2 78 81 cb 95 ff 53 8b 95 04 36 3f 9f 38 a2 1a 54 73 84 7f 75 91 fc 39 85 4a 38 09 e6 63 ab 75 21 0d aa d6 05 be 91 4c 85 58 d4 57 f1 2c ce 62 f3 f7 d3 c4 9d 67 b6 f5 bf 05 f4 98 c4 1f da d6 93 24 70 43 db 2a 7a 51 43 ca ae 61 41 8c e1 f4 e9 81 96 9b 9e cf 11 b0 a1 7b ce 4b 55 8b 45 82 e7 87 89 f5 b4 88 37 75 13 84 29 a9 0f 6d dc fa be 58 d8 16 68 8f db 36 2b d3 6b ec 39 7d e8 79 9b 8b 20 9e a8 5b 32 f6 b7 5d 39 21 f5 be ca 18 51 1a 49 5b 16 55 20 50 6b 20 b3 3f f6 a1 84 aa f6 74 25 e8 18 8f 2d 1c 7d 56 24 b9 ea a5 2e ea 3b e6 7e a3 f1 61 Data Ascii: ,-YJO/fT) TF;Q3z'#z=qdJR I1xS6?8Tsu9J8cu!LXW,bg$pC*zQCaA{KUE7u)mXh6+k9}y [2]9!QI[U Pk ?t%-}V$.;~a

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
129	192.168.2.16	49894	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	522	OUT	GET /gui/11358.f3f57088de337b2eacd2.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: f94407868fd93c7cedeab8b3567d54f9 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:57:01 GMT Expires: Sat, 18 Oct 2025 08:57:01 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521223 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a fd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a d3 0d 0a 30 31 0d 0a 46 0d 0a 30 66 66 30 0d 0a f2 e7 ef f7 57 08 27 cb da 89 2c 6c cf bb 27 86 90 81 dd e5 02 21 5f 06 f2 7d f6 c8 3c 20 db b2 ad 60 5b 5e 49 9e 61 62 fc bf df a7 aa ba 5b Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001000000010000000101F0ff0W',l'!_}< `[^Iab[
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: c6 16 e6 09 bd a2 ab 2e b6 66 13 78 bc ef 47 f3 78 f4 4e 0d 78 df fb 6f c2 b5 f7 dd bd b0 32 c0 2a 8d 2e e3 e8 ca 2c 13 00 d7 0f f1 b3 34 54 83 dc 73 97 8b 61 09 6f 0a 55 1a 25 56 11 61 b3 21 90 03 0f 8b 30 1f 34 86 8d 32 94 0a 87 c3 75 9e 27 4b 2f 06 6d 79 c1 30 42 7b a6 83 27 f8 5d 2f e8 3b 35 bf 34 35 d8 a7 59 f2 78 e5 85 cb 18 53 44 63 6f 1c cd c3 eb 41 a3 d3 b8 ff 03 88 4b f7 52 cd d0 ed 1e 40 74 61 af 01 34 fe 53 01 7d 92 87 d8 ba cf 04 75 fd a7 82 fa 8a ce d6 1c 1c e5 73 31 fb af 75 42 f4 5f 22 d6 7f 27 19 fc 17 cd e8 0d e7 c9 e8 dd 67 a2 78 04 e6 f5 a7 82 7c 86 09 3f 02 b1 22 e3 1a 6a 06 ff 04 d3 5a e6 90 83 a2 94 d8 54 ae 38 aa f0 38 f5 8b 39 fd 74 36 b9 7d 9a cc bd 61 92 62 7f db 1d 6f d5 ee 34 3c cd c3 85 45 7d 1f 2f 57 6b 1c 62 f9 cd 61 df 52 Data Ascii: .fxGxNxo2*.,4TsaoU%Va!042u'K/my0B{']/;545YxSDcoAKR@ta4S}us1uB_"'gx\|?"jZT889t6}abo4<E}/WkbaR
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: e8 1d cd a8 6d 39 d0 f6 04 c3 46 d3 1b e6 4b 0f ff b5 61 02 23 13 42 7b 95 c2 66 93 5e 7b 8b ac 1d ae f3 a4 e1 b9 1a 60 d9 48 70 ce fb 05 0b 8e 31 01 39 4a 30 34 c4 ea a6 4b 91 43 1d aa 68 9e 84 63 dc 3d ea 37 87 16 5a e0 ae e7 37 72 57 9f cc 7b 31 e0 88 fa ac b4 c0 ce 07 ea 21 da 6d 10 e3 3d b3 19 af b3 8d 05 2b 3b 1b e8 29 ea 59 99 26 1a de 48 1a b3 b5 f5 bb 27 87 dd 5e 8d d9 9e 1d 17 e2 4a 80 5d bf 0b b3 3b d9 ed 95 09 9f ec f6 ca 84 5f b2 db 9f f4 0e bb b0 cb 93 dd be 7b b0 d7 43 37 32 dc 9f ec 77 8f c4 6e bf 4f 6e 02 63 b7 3f 54 cc 73 ed cf 60 9e 67 6b bc 36 82 7b 97 da b2 ed c3 08 0f c3 f4 26 4f af 59 9a 85 69 fb 75 76 01 bb 35 1c 05 a1 16 ad 49 67 20 31 46 c8 d8 e3 2b 29 41 c1 36 0c c6 c9 32 7a 90 37 e7 ad 3e 4c d6 8b 38 23 b9 33 4b e6 97 11 8a 82 Data Ascii: m9FKa#B{f^{`Hp19J04KChc=7Z7rW{1!m=+;)Y&H'^J];_{C72wnOnc?Ts`gk6{&OYiuv5Ig 1F+)A62z7>L8#3K
2024-10-24 09:44:04 UTC	416	IN	Data Raw: f1 2f 56 57 75 ed 92 54 e5 cc 5d b6 e7 14 97 6e 9e 40 0e 90 90 1d 8c dd 36 31 3b da 34 a5 2f 72 02 a2 e1 2d 93 78 f9 4e 21 a5 1c c2 01 fc 88 c7 f3 cd 9c dc 77 05 86 2c d8 2b cb 1c ab 60 bf d2 ba 86 58 d7 90 10 59 b3 2c 77 c7 bc 62 29 69 3c 9d e5 7a 0b 6b a0 63 d1 ca 9a b0 d5 6f 34 e8 bf 12 35 d9 f8 5d 01 8e 15 e3 77 75 ff 25 f4 2d 44 8b 09 99 c7 d9 f2 af b9 97 ac f2 78 01 fd 65 cc 62 ac 50 36 c2 9e 2e 63 44 32 7c 77 6f 45 5b dc ea 5b c4 b7 c6 70 6b 1e 2e 9b 27 b9 b7 84 bf 71 d0 88 96 10 cb b5 a0 d6 b8 0f ea 40 1d 77 75 dc c5 5a c9 d7 44 6f a9 f7 6f f8 90 b1 7a 2f f2 e3 1b dd 48 b4 37 fd 9b a2 27 69 4e a6 b5 c5 8d a6 35 b2 9f 5d da 97 ae 9c 11 73 d7 7e 62 6f 0b f3 c5 15 b7 6b 8c 1f 10 4b 10 85 10 ae 0b eb 9e e1 1d 6c d8 73 00 d3 0b ac 8e 5b 5c b4 4e 07 83 Data Ascii: /VWuT]n@61;4/r-xN!w,+`XY,wb)i<zkco45]wu%-DxebP6.cD2\|woE[[pk.'q@wuZDooz/H7'iN5]s~bokKls[\N
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 7f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 78 0d 0a 30 30 30 30 30 30 30 31 0d 0a b4 0d 0a 30 30 30 31 0d 0a d7 0d 0a 30 66 66 63 0d 0a 3d b6 a4 1e 05 f0 2f 1c f3 fd 9b 05 30 d6 d5 81 c5 95 62 be 7b bd e3 13 15 60 7d 70 88 60 6b 0a b0 46 24 b4 08 4a da 78 2b a1 d6 ca 7a cb a1 d6 07 bd 0e 9a 92 c9 56 59 6f 39 d6 5a ac b7 14 6b 7d d8 3d ea a1 01 c5 5a 77 0f 60 17 96 58 eb 93 c3 93 63 18 75 67 d4 8d cd bb 14 5f ad cc bb 97 54 08 10 10 b7 3d a5 52 09 cb 86 4d 10 81 dd 47 c7 1d 0e cb 46 78 fa 3e 80 45 c9 c1 41 ef 18 c6 9e 6b aa e6 28 72 2e 3d c6 0a e8 07 36 50 d3 0f 2c 07 d2 0f 7b c7 7b 27 18 19 3f 1c ee 1d f2 10 3d 48 88 f2 43 f7 84 c7 ba e2 a9 ba c7 52 7d d8 ed c0 e4 01 fc 9c 1c 17 de 3a ff dc 3f f3 bf f6 5f fa 2f fc 57 fe 13 ff b1 Data Ascii: 0000000100000001x0000000100010ffc=/0b{`}p`kF$Jx+zVYo9Zk}=Zw`Xcug_T=RMGFx>EAk(r.=6P,{{'?=HCR}:?_/W
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 0e 7f a7 db ba 4c 3a 4f 71 f6 40 85 d2 d3 bb 9a 41 8e 65 ba 99 42 14 40 c2 36 87 b7 90 3c 30 49 d6 e0 8d 42 54 71 0a 6b 27 18 6a 89 58 f4 ec 9f 48 27 4f 40 27 4f 98 4e 70 1b f3 18 42 1c 8b 98 b2 0f e6 5e 40 bc ee f9 44 a0 d7 c4 f2 bd 34 b4 b3 49 bd ef 69 97 db 4e 11 5f d6 67 94 72 4a 32 8b 3e fc 10 34 9c a9 98 7e 36 44 8b c2 10 9d 85 6c 85 82 e0 92 87 8c cd 40 f0 78 76 e9 2b cc 2b 85 f5 04 26 e3 15 b4 a5 c7 d7 cc 76 7f 37 59 a9 ae 12 5e 91 9d ee a4 2a a6 1b 76 72 9d 9f 15 14 a2 d9 c8 2f 49 4e 1c 40 22 4b 2b 14 40 6a 05 d2 c6 b9 b7 07 a9 8f fc be e0 38 f0 58 10 03 11 42 40 9a ee 02 db ed 5e 3b d6 61 7f 8c 4d 7c ac 37 11 f9 c6 3c 98 3a e4 fc b3 c6 bd d6 4d 8a 06 c5 e9 e5 32 c5 67 ea 0e 2a d7 17 68 54 cd 35 16 f7 b6 17 ea 6e 52 51 89 38 08 14 d5 a5 ce a1 c6 Data Ascii: L:Oq@AeB@6<0IBTqk'jXH'O@'ONpB^@D4IiN_grJ2>4~6Dl@xv++&v7Y^vr/IN@"K+@j8XB@^;aM\|7<:M2ghT5nRQ8
2024-10-24 09:44:04 UTC	1332	IN	Data Raw: a8 ec 91 65 11 38 3f bb 01 72 33 63 73 33 47 c8 4c de ef 22 12 8a 96 61 2a 20 e3 a9 4d 62 cc 59 35 bc 18 2d ee 85 55 38 2d 91 0f f1 68 77 c2 92 07 ed c3 07 84 4b eb 65 ce ab dd ad 65 ce ef de 9d 3b cb 04 11 37 57 0f 84 1c 8b 23 5f bf d2 95 6f 99 34 4b ab b1 fb 22 24 88 a9 ec 85 61 21 4d 9d a2 42 c7 55 27 94 48 d6 ca a3 22 30 9d a2 fe d9 bb a8 4e b2 9d a4 31 86 e3 a1 ec 13 c4 c3 2a 1a 69 94 95 41 e2 1b 96 23 5c 1b 52 5f a9 da 36 ed 17 0f db 39 ac c5 4a dc 30 49 1a d6 92 91 c5 c9 fe 50 7a 36 04 c7 92 ad bc 10 24 c7 f5 5e c7 41 8e 83 a8 8e 98 8d 9d 5a 1a ba 2d 66 e9 6c df 41 90 95 de 6d 04 d0 96 7d ae d6 6e 4f ee de 9d 38 bb ad 19 8f 6b b7 aa 83 68 ed 37 1c ee 8e 6b 19 56 2b 3a a4 6c 3c c9 f4 a9 d6 46 90 ba 31 ac e6 74 a2 b5 11 c4 39 05 ba 3f d6 65 65 2c 9d Data Ascii: e8?r3cs3GL"a* MbY5-U8-hwKee;7W#_o4K"$a!MBU'H"0N1*iA#\R_69J0IPz6$^AZ-flAm}nO8kh7kV+:l<F1t9?ee,
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1c 0d 0a 30 30 30 30 31 37 66 31 0d 0a 92 28 84 1f 68 bd dd 88 82 ae 65 75 e4 c8 34 3f 5a 52 97 1f 2b b9 0b 81 f2 16 75 e4 15 ea c0 12 6b a8 03 60 b2 04 a6 c8 01 5e ed e4 13 c8 c1 c5 27 61 f1 05 ad d8 da 29 da 4e d9 25 3e 42 84 95 4c 9f 9f 5a 18 6b b6 41 b0 48 27 c7 20 a0 1e 17 ff 47 98 a0 a5 eb 63 42 60 d2 19 61 11 54 e4 52 72 3c b2 57 9b b8 91 d0 1f 5d 64 8a 03 90 d2 71 ca 7e 29 a8 4c ec 94 6a 36 a8 0c 29 43 ad 6d d9 59 5e 3b 02 2b 70 14 03 97 0c de ce f2 7c 95 f5 ef dd bb 8c 53 7a 32 0b 8a 0f 49 e0 f7 b8 c9 bd 08 72 c8 98 de af db 92 a8 17 fd c0 cf 30 0f ba b0 aa e3 b5 ef 01 a9 5c e0 6f 71 f6 08 91 86 fc 14 22 b4 2d bc b3 fa 0e 0a 17 cc 8e 48 7b da be 3d 9d 04 4f 7f 0c f0 86 fa 52 bf c1 15 4f e8 45 43 08 88 e3 70 0e 6a 15 Data Ascii: 00000001000017f1(heu4?ZR+uk`^'a)N%>BLZkAH' GcB`aTRr<W]dq~)Lj6)CmY^;+p\|Sz2Ir0\oq"-H{=OROECpj
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 4e 2d 1d 6c 88 b8 34 f6 b4 48 20 dd 6a cf aa 1e 4b 09 36 dc 5d 10 d1 55 b3 88 c8 60 55 10 87 f5 3c 46 06 18 e0 74 d9 f7 f8 bd 11 69 ce c2 06 37 56 6c 4c 90 6c 28 d0 e1 d6 07 b2 a1 b4 16 ba 00 35 9d ec 18 43 ef 93 33 84 a2 89 f2 10 16 de 6d 40 09 18 81 53 84 8a ca ce 74 7b 75 5b 63 ed a7 7e dd 4d 7a 96 f7 29 5b cb a7 5b d4 1c c8 67 90 67 d2 ea 5b 8f e9 73 28 7a 37 63 7c 90 40 de 97 b3 b1 c7 98 e5 fb 48 86 94 dd b6 37 4b ef b5 3a 29 73 5c 20 ea 10 ca 6d 6e 50 1c d6 03 c1 5f ab 31 64 a5 f6 55 7d 2f 0e 96 c3 3e 24 62 be a5 eb 2e 4c 60 3d c4 15 8f b3 52 3f b6 7a 4c 59 58 07 ef 43 cd c0 18 c4 bd 0f f8 7b 7b ff a6 fb c0 88 03 86 01 d2 0f 6d 31 69 f1 72 81 0a b0 78 c1 36 e4 61 2d bb c8 02 4d 77 42 8a 77 27 46 58 5d 9a 87 4b 45 53 5f 91 00 83 8f b5 49 5b 0a 3e a5 Data Ascii: N-l4H jK6]U`U<Fti7VlLl(5C3m@St{u[c~Mz)[[gg[s(z7c\|@H7K:)s\ mnP_1dU}/>$b.L`=R?zLYXC{{m1irx6a-MwBw'FX]KES_I[>
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 5e af 09 7d ef 61 1a 87 73 df c3 67 1b d4 28 32 25 0f bd 48 96 89 92 79 f4 c8 fc fd 5e 19 d9 d4 4a 0f 44 0f 8c 63 04 e8 f5 d9 94 1e a6 f4 2a 03 17 34 bb c7 d8 94 a9 ef 81 33 85 4d bd 32 b5 c6 4e d0 3d 68 ed a8 82 ef 41 6e 49 fa 12 2e 03 34 09 17 78 fc d2 52 84 4b 18 a8 74 60 e1 af 8b c8 98 f2 48 da 5c 86 a3 6f 55 39 52 7e 37 d0 f7 1b cd af 6c 34 b8 0b 71 b9 2a 5a 2f 94 1d d9 9c 3d b0 54 62 80 fb fb d6 98 43 d8 72 8b 9b 90 bb e0 78 30 97 76 70 21 5d 34 73 33 f3 19 d6 e4 d6 d4 50 43 c1 35 34 ac 78 98 72 b4 af 59 a8 39 56 5c 2b fd 0f f6 7d ef 10 f4 74 a4 6e c2 62 08 81 fa 64 12 4e 86 02 98 5d a5 a0 df c7 65 d0 3b 40 f7 de 81 12 49 e0 00 c9 63 3c e1 67 a0 3f ec 1d 8e 8e 15 36 dc 4a 19 e3 e4 18 f7 49 87 fe a7 2f 0d d3 8a 21 88 46 51 34 29 f7 37 e8 23 5c f7 f6 Data Ascii: ^}asg(2%Hy^JDc43M2N=hAnI.4xRKt`H\oU9R~7l4qZ/=TbCrx0vp!]4s3PC54xrY9V\+}tnbdN]e;@Ic<g?6JI/!FQ4)7#\

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
130	192.168.2.16	49895	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	676	OUT	GET /gui/51452.bfed120085deab858144.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:04 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 4056fdd31dca38231ff99256b2a62956 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:52:48 GMT Expires: Sat, 18 Oct 2025 08:52:48 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521476 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:04 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 69 0d 0a 30 30 30 30 30 30 30 31 0d 0a 63 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1b 0d 0a 30 30 30 30 30 30 30 31 0d 0a c7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 91 0d 0a 30 30 30 30 30 30 30 31 0d 0a f6 0d 0a 30 30 30 30 30 30 30 31 0d 0a f7 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001i00000001c000000010000000100000001000000010000000100000001
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 93 97 cc a2 74 d0 e0 66 16 69 03 a9 e3 f0 1c bf 65 38 6e 3b ed 78 85 ed 6f 27 a3 60 32 89 66 63 2f 07 5f 7a 94 9d dc 16 98 b1 ff 51 56 ba 3d 9a 06 8b 53 35 d6 c9 1b 06 40 d3 7d f8 80 86 86 02 0f 6e 1d 06 15 92 11 17 ea 64 2b f9 c8 fb 5b cb 6f 3c 75 97 44 af 5a a3 74 50 24 21 37 0b 40 2c e1 4e 3a 51 b9 74 a0 86 b1 4a 83 70 d6 39 0f 66 2b b5 6e f9 1a 93 a1 7c 35 b4 00 c8 05 7c 01 64 ea b1 7c ec ab ce 3c 58 32 10 3a 60 31 04 58 0c 1d b0 a8 d8 07 4c c7 cb a0 d6 ac ff 34 1c ab 27 8c 81 93 ca 65 66 98 d2 bb ec 31 8a 19 34 26 17 ed 21 36 94 52 79 d9 73 3b c0 30 a2 0b 12 a0 a1 e8 f8 aa 8d 23 9b 86 41 7c 85 3a 6d 2f 18 01 ad 8e c3 c5 a9 97 46 9e 00 9d 47 6d 20 4b 83 51 1a ce 55 3b 38 8d bc d5 22 bc a4 2f 66 6c 66 83 4d 01 da 4d b3 f5 b9 5d e5 f6 4c e9 ea d5 e0 6d Data Ascii: tfie8n;xo'`2fc/_zQV=S5@}nd+[o<uDZtP$!7@,N:QtJp9f+n\|5\|d\|<X2:`1XL4'ef14&!6Rys;0#A\|:m/FGm KQU;8"/flfMM]Lm
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 7a 17 d3 70 34 a5 22 1b 9b d3 53 c5 fa af f0 12 8e 57 0b 3c b2 3d 3c b7 bd e5 2c 48 71 be e6 9d 9b 8e 89 79 e1 b8 70 e9 2c 13 3f b3 64 ad dc 75 31 6f 15 8d df 18 f4 80 63 57 b3 54 c0 b0 80 7d 1e 86 66 a5 75 06 f8 63 97 58 32 d0 ba 67 6d 42 63 1a 76 43 fb c9 0c 8b a1 19 4f 91 b8 0c 64 aa 23 33 47 1e a0 25 ec 84 93 67 cc c5 1a b7 c0 d6 01 7c 80 94 a6 17 d3 08 87 f0 34 8a af 04 e6 98 9c 66 f0 c7 1b 8b ee c8 6f c1 a2 78 aa 8b a0 9e 29 4d 35 81 07 c6 60 84 1e ab 20 1e 4d 1f 17 be 03 69 58 c6 17 38 40 c2 47 d3 7c 1e ec de 4c fd 10 9e 47 29 78 4f c2 ad a1 3d 8f 12 35 b6 a9 0e 80 af 00 e0 2b 06 70 c6 0a 7a 4d 81 4b c3 f3 70 bc 0a 66 6d 0b ec e6 31 28 ab 63 5e 68 98 28 71 ac 64 fd f9 28 d1 5b 0d 8f b5 dc 38 5c 4e 99 f0 7b a6 e8 77 7a c7 7e e9 96 70 1f a9 ce c6 67 Data Ascii: zp4"SW<=<,Hqyp,?du1ocWT}fucX2gmBcvCOd#3G%g\|4fox)M5` MiX8@G\|LG)xO=5+pzMKpfm1(c^h(qd([8\N{wz~pg
2024-10-24 09:44:04 UTC	480	IN	Data Raw: a2 f5 04 c6 e0 ee ba 9a 2d ea fe 7d d5 71 1a 90 9b fb b1 bd 99 0c c7 50 2b c6 70 75 47 b3 20 36 58 25 2e 37 d2 82 4a 4f 9e b5 4e ba 61 7e e4 27 7e a8 47 e7 5c a5 6f 80 81 de 0c 7e 01 06 72 b8 80 e7 58 0d 70 93 89 c9 bd 4d a8 da e5 9f 14 b9 e0 54 40 08 25 79 f0 ff 08 ae 1b f1 58 f0 76 c6 3b 98 84 3e 60 bd 8d e2 15 78 6f 57 1e b4 82 bc a1 52 d0 48 a1 5f e0 a7 3d 1c a2 f9 c0 5c 4f b7 90 1a 45 be f1 2d a4 87 26 df c0 2e 40 47 60 e9 c6 a4 48 b3 60 09 94 f7 74 1a 43 1e 04 89 17 f2 30 59 ec 21 28 15 1a 8b 56 4d d0 75 65 4a 39 75 99 8c e5 db 06 3e 00 4f 5e df 6b f3 21 38 6e 37 29 f4 bc 80 9c 0c fc 77 3c f6 a1 44 a4 75 78 dc 61 80 9d 06 c5 35 08 ae 50 e8 34 10 65 0b 1a 86 dd 00 51 2a e0 4e 71 bb e5 98 db ee dd da 06 c3 6a 09 26 1a 09 a6 b2 1b 73 33 06 83 9c 84 5e Data Ascii: -}qP+puG 6X%.7JONa~'~G\o~rXpMT@%yXv;>`xoWRH_=\OE-&.@G`H`tC0Y!(VMueJ9u>O^k!8n7)w<Duxa5P4eQ*Nqj&s3^
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 17 0d 0a 30 30 30 30 30 30 30 31 0d 0a ad 0d 0a 30 30 30 30 30 30 30 31 0d 0a ca 0d 0a 30 30 30 30 30 30 30 31 0d 0a 39 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 0d 0a dd 0d 0a 30 30 30 30 30 30 30 31 0d 0a e4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 10 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 43 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 06 0d 0a 30 30 30 30 30 30 31 0d 0a 9d 0d 0a 30 66 66 32 0d 0a 34 e8 8f 26 78 0f a4 9e c5 b4 24 c1 81 46 24 f8 fb b8 87 e3 c4 bb 52 cc d3 47 31 19 29 3e 44 8b 19 a4 69 f2 22 64 56 1a 8e e7 64 e2 dd f7 c6 d1 e9 24 8a 08 9d 70 dd 6a ee fb f7 b9 de 34 04 62 43 87 05 51 Data Ascii: 000000010000000100000001000000019000000010000000100000001000000010000000100000001!00000001C000000010000000100000010ff24&x$F$RG1)>Di"dVd$pj4bCQ
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 98 46 ce 3e 4f f6 87 92 f4 8e 68 a2 55 38 d9 18 0f 69 0e 64 12 63 33 2b 2d ca 36 80 ab 1f 34 6f 77 4e 0c a3 12 4a 04 fc c6 81 f0 1b 74 ba 7d 6c 9a d4 9e 2e 48 ba 49 26 6d d7 54 0e 6d d2 96 49 22 33 6b 69 6f 5b 27 95 81 f4 3f b0 08 ff 21 8b 50 26 d2 99 24 17 05 7d a8 23 24 69 fb 14 7c cd 25 0b 75 bd e5 25 ab bb ba 8f 39 7e d0 c0 82 7a 41 aa a7 46 8a 2e 6f 39 a7 6d 07 d0 77 b2 85 74 6d 1f 73 54 2c 68 20 d6 28 7f 4e 7f f1 88 cc 49 2e da 55 fa 11 d6 cc d0 90 7e f9 fd 05 c6 22 2e fd 33 fc e9 e7 f6 4d 8a 3d f2 5e c7 a7 c1 22 fc 85 05 03 c5 12 c2 66 d7 07 90 a6 86 cd 0e fd d4 6c a0 ab 03 02 35 5f 68 43 f0 26 52 5f c7 53 e0 41 ad 0d 11 61 07 c1 1f 35 d4 5a 4e 3b e4 3f b1 21 ff c9 58 c3 59 b3 8d 2b 9b 87 7d 3e 36 43 52 ca 2c 03 9f 79 45 96 41 e0 bf d0 e3 7f 15 7b Data Ascii: F>OhU8idc3+-64owNJt}l.HI&mTmI"3kio['?!P&$}#$i\|%u%9~zAF.o9mwtmsT,h (NI.U~".3M=^"fl5_hC&R_SAa5ZN;?!XY+}>6CR,yEA{
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 6d 69 e1 dc ed be 54 33 75 51 b0 c8 03 d8 d0 7e 80 51 c8 8f e6 25 19 26 cf 8c 9e 72 86 12 66 e4 f5 25 24 37 ad 13 98 2e f2 37 08 bc fe 04 db 11 f2 a3 1a 75 9e bf 6d 10 65 48 5a fd 64 9f 00 fd a6 b6 d5 76 6e 9c 18 89 cd 73 ab ce fa 0d a4 65 a3 1f e0 e2 2e 27 97 f2 ba b0 ed 34 98 c7 5a 9c ba 76 93 23 22 0b 47 6a f0 84 1e 6d 1b 9e 25 37 b8 24 e5 6e c9 17 0b f9 ec 85 fa 56 d1 9a 81 39 e7 e4 89 54 1b 32 58 56 fd 06 cb 05 19 01 fc 42 b4 81 d2 c4 9c ca 7b 8c 35 80 4b 27 b8 f4 30 ca fa 8f e1 e5 69 16 0c e1 b3 d7 a4 10 5b 4b 0f c1 26 65 66 19 45 ad fe 5c fb 64 73 20 ea 58 46 e9 3f ab 28 ef 32 12 a2 34 8a 33 25 5d 52 71 09 c9 bc c9 77 09 34 d9 66 42 a5 eb cf 31 e9 97 ac 45 71 24 db a8 97 90 53 e5 f6 c8 91 f8 2d 69 33 60 2b 8c cd d0 82 c3 d8 7a c3 60 cb de 14 bb 49 Data Ascii: miT3uQ~Q%&rf%$7.7umeHZdvnse.'4Zv#"Gjm%7$nV9T2XVB{5K'0i[K&efE\ds XF?(243%]Rqw4fB1Eq$S-i3`+z`I
2024-10-24 09:44:04 UTC	47	IN	Data Raw: 5c 23 a0 ae 73 25 8c 28 a7 69 ad 91 ed e1 75 6c 51 6c 26 14 e4 1f bb 5f fa 14 a6 cd 50 35 ec e8 87 89 15 61 40 0f 06 22 4f 7b 7c 4d 6a 0d 0a Data Ascii: \#s%(iulQl&_P5a@"O{\|Mj
2024-10-24 09:44:04 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a d4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a b5 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 30 30 30 30 30 30 31 0d 0a 43 0d 0a 30 30 30 30 30 30 30 31 0d 0a 24 0d 0a 30 30 30 30 30 30 30 31 0d 0a b5 0d 0a 30 30 30 30 30 30 30 31 0d 0a ce 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0d 0d 0a 30 30 30 30 30 30 30 31 0d 0a a7 0d 0a 30 30 30 30 30 30 30 31 0d 0a e8 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a 31 0d 0a 30 30 30 30 30 30 30 31 0d 0a 97 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 31 0d 0a ef 0d 0a 32 30 64 33 0d 0a 3b fb 40 4c 5c 1f 88 33 62 51 cb 13 c9 22 2a ec 7e a2 9d 18 8e 81 b9 c7 83 39 18 c3 ab 99 Data Ascii: 0000000100000001}000000010000000100000001C00000001$0000000100000001000000010000000100000001000000010000000110000000100000001I0000000100000120d3;@L\3bQ"*~9
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 17 c7 6b 4b ff 92 c9 32 82 b5 e7 13 47 54 2f d5 04 d4 4d 1b 44 2c c2 de 42 42 3a e9 7b 8d 63 0e aa eb 1d 23 cd 83 34 a8 e1 7b 6f a2 21 62 46 9a bf cf e2 60 92 fa de 9f d5 ec 5c 51 c0 65 df 7b 12 c3 e5 b4 ef 65 ad 48 97 dc 34 c2 6b 44 4c 27 66 2d 3f 85 1b 43 dd b2 cd 95 1a d0 9c 19 87 6c 5b 0c b2 13 de 65 61 e4 2c 09 cd de 01 36 e5 d4 f7 30 bd a0 69 66 a6 e7 d8 ed f4 10 d8 bb 3a 0b d7 bd dc 92 14 d3 95 07 c4 de 97 70 93 40 48 d4 e4 ac c2 0a 94 2a 24 e1 2f aa df 8b d5 bc d8 d2 85 a2 63 dc f7 70 f4 9d 2c 1a 39 e2 6d 48 56 af 63 ee 37 ea 1f 22 91 28 66 94 83 cb 55 c3 3a 1b b3 73 86 6c ce 36 50 2a 21 c0 9d 1d a7 cd e1 29 6a d9 9b 90 ab e0 78 6c da 6a 83 dc 6c 7f 16 35 e5 73 2a a0 21 c3 1a 66 ac db 7b db a3 1d 83 42 ed b1 72 06 bc bb e3 7b 7b 80 a7 7d 7d 13 66 Data Ascii: kK2GT/MD,BB:{c#4{o!bF`\Qe{eH4kDL'f-?Cl[ea,60if:p@H$/cp,9mHVc7"(fU:sl6P!)jxljl5s*!f{Br{{}}f

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
131	192.168.2.16	49896	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:04 UTC	522	OUT	GET /gui/16339.0119306c79f13a4051bd.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 351c587f6dae92556b98f6ea29466df3 Content-Encoding: gzip Server: Google Frontend Date: Tue, 22 Oct 2024 15:40:29 GMT Expires: Wed, 22 Oct 2025 15:40:29 GMT Cache-Control: public, max-age=31536000 ETag: "qDDOOg" Content-Type: text/javascript Age: 151415 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 31 0d 0a 8b 0d 0a 30 66 66 65 0d 0a 08 00 00 00 00 00 02 ff ec 7d fb 7a db c6 b5 ef ff e7 29 60 d6 db 25 5b 10 e6 fd 26 d3 8e 22 db 8d 1a db 71 65 3b d9 ad b7 8f 0c 92 20 89 88 04 58 00 d4 25 b2 be ef bc c6 79 bd f3 24 e7 b7 d6 9a 01 06 20 29 c9 8e 9a 74 ef cf 49 1b 11 c0 5c d7 cc ac fb 5a 53 8e bd c5 d4 39 f3 46 2b 77 7c 72 30 5f 07 27 a7 c9 f1 da 3f 5e ba 7e 30 bc e6 db a7 4f ef 3f 54 9c d5 3a 9e 97 df bf af 77 9a cd be 5d ef 34 3a 2d bb d9 6d 34 ea 76 b3 53 ab f5 ec 46 ad d9 6e d9 8d 7e a3 66 b7 5a 9d 56 d3 ee 74 eb dd e6 07 fb b2 d5 ad b7 9a 83 72 62 7b b6 5f 19 3e be 2c ad 63 cf 8a 93 c8 1f 27 a5 3d df 99 94 3d fb 72 7f 50 c6 a7 f8 aa b2 77 ea 46 56 38 f4 cb f5 76 b3 d1 ac ec 8d c3 20 4e ac 78 78 59 Data Ascii: 00000001000010ffe}z)`%[&"qe; X%y$ )tI\ZS9F+w\|r0_'?^~0O?T:w]4:-m4vSFn~fZVtrb{_>,c'==rPwFV8v NxxY
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: f2 0d e3 49 9e 24 83 52 e9 8a 66 e2 c7 2f dc 38 d9 c7 5c 4e fd e4 62 3f 79 1b ae 8e fc d9 3c f9 d1 8f fd d1 c2 cb a6 64 fb 6a 52 f7 ca 7a 1c d8 80 bb c7 9b 64 e3 45 b9 1d e3 45 a1 7b 58 67 8c e0 38 f6 bc 00 4f ef 4b c9 3c f2 dc a4 ea 8e b1 ef 4a 76 69 e9 2e ce dc c8 ab 4e dd a5 bf b8 c0 8b 38 9c 26 fc 26 09 c3 c5 89 9f 94 3e 38 7e 30 5e ac 81 ce 79 64 04 6f 6f a8 c7 e8 5f 37 46 3f 1b a3 0f a4 b2 1d a6 be 86 a9 bf 01 53 03 a4 1e ce 53 a9 54 a9 6c 01 ea 2b 6c a3 b7 e1 fe c2 77 e3 df 0f aa 63 77 b9 72 fd 59 f0 6f 09 ad a3 70 e1 6d 80 46 6f 37 6c 89 2f da 03 49 ba 07 fe a5 e7 ca d8 03 72 ac f4 16 78 bd 1e 2d fc 31 53 e3 a7 38 ec d7 cd 2f f2 56 61 b4 75 23 ff de 93 78 0b e2 e1 01 53 1d 06 93 35 98 27 df db dc c2 c6 3a 7d f6 d1 b5 4b e9 be c4 cf 14 a9 e2 94 ff Data Ascii: I$Rf/8\Nb?y<djRzdEE{Xg8OK<Jvi.N8&&>8~0^ydoo_7F?SSTl+lwcwrYopmFo7l/Irx-1S8/Vau#xS5':}K
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: f8 07 7e ed fc 25 0c 67 0b 4f 40 72 08 7c b5 78 b2 76 26 e1 f8 27 70 6b 40 62 34 e4 c1 5a 2c 4d 2f 80 56 e9 f9 8a a0 71 ba 5e e0 e0 2a 06 ac a4 40 31 66 63 d0 0b 65 ca f9 f0 c1 2e cb f4 b3 05 a2 fa b0 a4 dc 7a e3 5e af 19 d5 73 24 f2 b5 73 e3 6a 98 42 2b bf 5b 11 1c 67 30 8d 87 f1 0e 25 6b ac fb 8b 1d c2 bf b6 6e 39 ba ae e5 28 6b 39 1a 46 3b 5a 8e 74 cb 29 5b 00 84 23 9b 59 77 e2 5e d7 89 9b 75 e2 0e dd 1d 9d b8 ba 13 37 45 ee c7 84 29 d3 79 8c af eb 62 9c 75 31 1e 8e 77 74 31 d6 5d 8c c1 fe 30 79 48 1b 9f 5c d7 f8 24 6b 7c 32 9c 00 ad 60 23 9e 27 c7 db 4f fe 44 77 32 71 62 a6 33 c7 67 20 34 c7 58 90 4c eb bf ba ae b7 55 d6 db 6a b8 ca 8b e7 a6 a1 a2 50 2e 16 ea b5 22 62 70 0c ee 6e ea d1 99 cf db 36 50 e5 de 8a 77 a3 5e b7 d3 eb 46 72 9a 8d e4 74 78 9a Data Ascii: ~%gO@r\|xv&'pk@b4Z,M/Vq^*@1fce.z^s$sjB+[g0%kn9(k9F;Zt)[#Yw^u7E)ybu1wt1]0yH\$k\|2`#'ODw2qb3g 4XLUjP."bpn6Pw^Frtx
2024-10-24 09:44:05 UTC	251	IN	Data Raw: 74 9b a7 e2 29 00 f0 54 01 00 88 7b a1 39 b1 cc b0 90 da 8e f2 26 96 92 66 82 a8 d6 63 da f7 05 8c 6e e0 6d 66 18 78 8e 98 aa 32 9f b1 f8 a5 a6 fa 85 4e 2d d7 70 3f cb 53 ef 18 6a d0 0d 3a fd 33 a6 fb f3 ae e9 a6 d6 a3 2d 93 37 76 35 4f f8 fa f9 aa ee d5 54 53 89 32 63 fc ee 9c e1 d3 88 91 95 e0 8b e4 98 74 b2 9b 2e 29 82 15 3f 7d e2 a5 ca ab 8a 36 7d 5e 37 a1 f7 1c d0 7b 4e d0 33 85 06 13 83 6a 28 6d e7 72 ee 9c 02 b8 db 26 ba 03 fd bf c4 d8 5f de d1 ca 6b 24 76 07 18 5e 63 27 f8 32 eb c9 38 3f 87 7e 50 2e d9 16 dc 1d 0c 25 d8 ad d6 cc 3c da df 62 c6 df ee 9a 31 a3 f5 c2 d1 4e 8d 86 3b 34 7b 7a e3 df 9d 66 4f 23 83 ed c2 7a 76 5c 58 4e 5a 90 85 5d 1b 87 32 5b fa 2b 4c f3 95 4c 73 3b 5d 6f 19 74 3d 82 d4 4a f6 f5 3a 76 aa b9 89 73 a6 6b 0d 0a Data Ascii: t)T{9&fcnmfx2N-p?Sj:3-7v5OTS2ct.)?}6}^7{N3j(mr&_k$v^c'28?~P.%<b1N;4{zfO#zv\XNZ]2[+LLs;]ot=J:vsk
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 66 0d 0a 30 30 30 30 30 30 30 31 0d 0a 03 0d 0a 30 30 33 63 39 65 0d 0a 66 54 b4 56 28 c6 88 41 c0 24 d8 b0 00 46 65 76 ce 71 c5 68 e2 08 ae 54 96 78 70 59 8f 7c 8d 62 d5 c1 99 c6 d5 f6 56 eb bb 18 a3 2c 51 47 58 6c 8e 02 7b 4e 5a 76 0b be 71 60 d4 63 cb b5 c8 05 ca 12 2f 2d 2b 09 2d cf 1d cf ad 9c f6 c5 b6 3c 18 04 20 d5 2f dd 60 0d 54 7d 61 8d e0 76 13 58 fb 81 bb b8 80 ba 30 8c ac 75 0c 25 ab b5 bb bb ff f7 7f fe 6f 6c bd d6 5e 5a b9 d9 94 5f 1f 1d 55 1c 8c d1 b3 f0 cb 82 b2 dc 5b 58 e0 91 d9 8f 1a 06 75 f4 ac 3a b6 56 51 08 fb 40 8c de 60 8e e6 31 f0 00 50 26 44 74 46 10 c3 1f 06 41 24 88 7b 81 a2 01 2f bd f1 3c 20 0f 29 68 96 58 10 b4 31 e8 09 b5 07 db 77 08 cf f8 48 b5 8e bf f0 28 e1 56 a8 33 57 4d 4b 40 12 53 74 8a 15 Data Ascii: 00000001f00000001003c9efTV(A$FevqhTxpY\|bV,QGXl{NZvq`c/-+-< /`T}avX0u%ol^Z_U[Xu:VQ@`1P&DtFA${/< )hX1wH(V3WMK@St
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 57 73 c2 57 f6 7d 04 2c 22 24 2e 1e b2 cd 7c 1d c4 ee d4 3b 78 83 f0 9c 13 67 bf 62 df af ec 79 49 f9 3d be 4d 9d bf 55 c8 af d4 a7 68 46 e4 ff a2 1c 3d f9 58 43 c9 d6 83 e4 51 c9 50 d5 41 6a 20 d0 c5 70 a9 32 11 55 ca a5 c0 3b 33 f8 d9 2a 19 19 14 7b 56 e2 b6 29 21 57 a3 d3 6f 70 56 aa 66 a3 d3 6d a9 d4 5c 09 25 b3 ea b5 ba 0d c9 44 15 27 76 94 d8 8b c4 0e 12 db 4d ec 71 62 4f 12 7b 9d d8 a3 c4 9e 27 f6 2a b1 4f 13 7b 96 d8 4b f0 6c 3a e5 d4 c5 d7 94 53 77 95 72 6a 8a 94 53 71 72 5d ce 29 b2 68 70 ea 3a 8e 5a 8f d7 48 cf 55 76 1c 07 54 56 32 7b 29 73 39 9c ab dd e1 fb 0f 82 40 e1 77 25 29 aa 68 2b ae 9c 17 08 14 25 4e 4e 15 95 af 24 1b 0d ef d5 a5 c2 dc 73 27 d8 b9 71 fa 62 11 ba a4 b6 c0 f3 55 ec 25 6f b8 3d a4 d0 58 2c ca 49 e5 92 b9 c2 b4 0f 67 a3 c0 Data Ascii: WsW},"$.\|;xgbyI=MUhF=XCQPAj p2U;3{V)!WopVfm\%D'vMqbO{'O{Kl:SwrjSqr])hp:ZHUvTV2{)s9@w%)h+%NN$s'qbU%o=X,Ig
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 3f f0 99 ec 7c 3a a1 19 2d 16 15 c9 f7 27 51 ef f2 c1 9f ec 05 a2 a2 10 26 64 4e a7 6d ae 4e 9b ab 89 02 f1 bb 3a 70 4f b8 28 ed d4 5c 42 a4 0f 25 fe d1 8c b2 91 3f 48 79 72 bb a4 55 dd 6a ce 84 cb 1e 12 fb 7a 15 fc ef 0a 52 a2 64 68 36 b1 e3 8a 06 b3 52 83 d9 ee 85 b9 99 11 08 59 94 0a 8c 9e d0 5e 93 45 62 7b 54 de 4c 53 7a fc ed 85 66 93 6e 55 41 27 03 4a 3d d6 39 1d 4d 1a 37 18 9b 13 39 a5 89 9c f2 44 36 7c b1 36 83 a3 20 58 b4 52 8e e4 a1 4f f0 cb eb 1b cd a6 67 d4 f4 4c 9a 36 a7 28 e2 48 61 b1 b4 73 3d 0d 95 b0 a2 89 d3 a2 ca 40 34 4d 57 db 39 ef ca a5 72 7b 4f 95 0d 2a 1a e6 71 cd d8 9f e9 c7 f7 b5 0f 4f cc 87 01 5d 00 10 87 08 2c 25 db b3 42 30 6a d1 35 c2 a4 ed 7a 3d 76 36 e8 70 1e 3b 03 8b 21 49 7d 4c 69 c2 b6 6a dd c2 84 d4 6e 71 52 d9 bb 10 bd Data Ascii: ?\|:-'Q&dNmN:pO(\B%?HyrUjzRdh6RY^Eb{TLSzfnUA'J=9M79D6\|6 XROgL6(Has=@4MW9r{O*qO],%B0j5z=v6p;!I}LijnqR
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 7b ec 2d 7d 4a 89 9e f1 0b 6a 02 4c 57 0a b1 23 32 16 d3 20 a4 79 15 9d f5 5e 9b 1c 0c 13 bb a0 33 53 47 6e a8 da 41 9b 14 a0 72 31 64 86 19 7e 93 d5 38 c7 fc cf 69 fe b7 e1 34 0c 63 6b 9a 6c 2b 5d a4 22 4d 5e 7e 09 4d 96 75 ce d2 c8 30 11 db 3c 74 26 6d 23 32 4e 46 76 10 a3 fb 37 12 a3 83 eb 88 d1 ae ea 06 31 ca d5 d7 1b 2e 23 46 07 43 dd 46 91 18 f1 b1 31 a8 d1 81 10 a1 7d 12 6d 6a 8d 5e 4d 88 d0 96 5b 2f 85 1c e9 4b 24 ad 9f 8d 9b 21 86 25 ca 16 c8 e9 d1 4b f7 f4 c5 93 6f 2e 96 d8 82 48 0e f5 5e 7e 51 f4 09 42 f1 c3 e8 03 52 92 bc 2f 7d f3 8d 7e 2e 7d a0 fd 75 cf af 5c e2 0f ab 7b c9 a7 86 9d 32 12 f0 03 30 42 e9 4e a5 4b 62 5a b9 6c 89 ae 3c c3 25 aa d9 b1 52 db ca 7a ce 25 99 ba fa c3 cb 2b 5c 4d 22 77 39 3a c8 31 40 cc b7 13 23 72 d0 2b f7 ec 2a 2e Data Ascii: {-}JjLW#2 y^3SGnAr1d~8i4ckl+]"M^~Mu0<t&m#2NFv71.#FCF1}mj^M[/K$!%Ko.H^~QBR/}~.}u\{20BNKbZl<%Rz%+\M"w9:1@#r+*.
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: c4 02 b9 65 08 a7 f0 fb cc ab a8 ad 6f 64 8b e9 63 9b 53 cc 28 4d 4c d1 c9 57 3b 0f 17 34 19 39 bd 4d aa 23 48 2f 92 d4 da 17 0c 5c 1d 60 a8 31 c4 fe 2d 14 4e 74 d8 fc 5b bd a0 f9 69 65 07 b9 67 b2 c9 63 03 7a 92 a6 62 bb 12 19 42 6d fe ea 3f ad 41 36 b9 02 c3 05 df 80 bc 64 ae 05 da 43 a6 95 9c ef 9a a6 bb 72 c9 9b 76 3d 36 dd 65 1f 33 c7 61 e1 fc d0 2d 75 a2 95 c7 75 42 e4 39 0d 01 2d bd c9 61 89 e4 f2 93 d2 40 42 30 f4 11 50 e9 31 35 75 b3 4b f0 fe 86 08 e2 15 cb 61 22 19 38 d4 7e d6 7b 4b 71 37 c6 bc 18 68 20 88 2e 1f 53 7e 92 3d 27 4b e1 8c 10 61 23 e1 5e 6a 7b ea 26 0c 80 48 b6 da c2 56 34 b8 80 34 ec c0 50 18 19 9f 91 cd 66 51 ed 50 90 01 a9 7e 72 fb ac 58 aa ce b1 08 37 16 83 f7 9b 6e 4c db 3f 0c 72 48 8e 5e 6f 76 f9 79 ed 93 0a e6 4d 65 ef db 1d Data Ascii: eodcS(MLW;49M#H/\`1-Nt[iegczbBm?A6dCrv=6e3a-uuB9-a@B0P15uKa"8~{Kq7h .S~='Ka#^j{&HV44PfQP~rX7nL?rH^ovyMe
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 19 ac 0a 54 d2 d0 95 0a 19 26 3f 75 03 b5 fe 36 a4 2b 2f 3a 6b 91 e2 d6 80 33 6f b1 35 17 83 a1 28 12 ae f1 3a 97 d1 d9 78 bf 4b 48 2b 8a d9 86 f0 25 1e 50 35 1b fa 2c 77 a8 87 0d 61 0e 11 c2 c6 0a 98 22 11 5b 60 b3 85 95 9b 27 95 5a 6e f0 b1 f0 61 70 1f ee 0d b9 a6 e0 51 a5 03 51 b9 ea d5 c7 2b e5 d2 94 c9 7c 61 4e 17 82 38 08 63 39 7f 0d a5 cc cc 65 22 cb 6e f6 a8 23 2f 2c d8 1f 94 c5 c1 e8 50 e9 5e 54 92 22 cb 08 a7 df 48 5f 55 bc d4 83 83 f4 7d 78 93 1d 1f a7 aa 05 4a 0a 18 22 7b 98 0a a1 80 a8 ba c5 49 75 bb 63 2a 59 38 c8 36 b3 70 fe d1 23 a3 e1 91 27 79 f1 df 45 c8 26 91 41 18 8e 20 94 70 c0 26 f9 f7 d2 03 7d 0b 57 c4 d8 bb 33 e6 70 cb a4 c1 28 9a 6a c0 51 7f ff 3d 8b b3 87 c1 d3 c8 3d 43 0e 3b da 84 f9 ac 87 dc 2a d9 42 38 79 4b ba a0 e4 da 45 32 Data Ascii: T&?u6+/:k3o5(:xKH+%P5,wa"[`'ZnapQQ+\|aN8c9e"n#/,P^T"H_U}xJ"{IucY86p#'yE&A p&}W3p(jQ==C;B8yKE2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
132	192.168.2.16	49897	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	676	OUT	GET /gui/67916.54c2c0cc036592986ddb.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: d08444bd9b29876e10bc607e2f8ecea4 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:22:23 GMT Expires: Sat, 18 Oct 2025 09:22:23 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 519702 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 31 0d 0a 00 0d 0a 30 66 66 63 0d 0a 00 00 00 00 02 ff ec 7d fb 73 db 46 b6 e6 ef fb 57 20 98 ac 8b cc 05 61 bd 2d 51 a6 35 8a ec dc 68 fd 48 ca b2 93 9a ab d1 95 41 b2 25 22 26 01 2e 00 4a e6 48 fc df ef 77 ce e9 06 1a 0f 8a 92 e2 4c cd ec a6 a6 26 a6 80 7e f7 79 9f af 1b ee 2c 55 4e 9a 25 e1 20 73 f7 5b a9 1a 5f f8 d7 aa 3f 0d 06 9f 8f 46 b3 e8 f3 55 76 3e 0b cf 27 41 18 f5 ee 78 77 7b 7b 7a d6 f6 a7 b3 74 d4 3a 3d dd 79 b6 b7 be e3 6d ad ef ad 6f 7a 7b 1b db bb bb 67 de 0d ff d5 6d 29 2f f3 92 76 ef c5 4d e2 27 ad ac ed 25 fe b0 95 79 37 1f 53 95 bc 8a b2 30 9b 77 5b 78 3b f5 8a 07 6f c2 34 e3 87 57 8b f6 fe 55 90 38 51 2f 69 6d Data Ascii: 00000001000000010000000100010ffc}sFW a-Q5hHA%"&.JHwL&~y,UN% s[_?FUv>'Axw{{zt:=ymoz{gm)/vM'%y7S0w[x;o4WU8Q/im
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 6a a1 05 7a b6 80 48 6d b5 99 ef de c6 89 3a 69 20 d5 34 e7 3d 62 f6 25 fc 46 32 8c 04 12 74 41 c1 3c bd 56 06 06 2b 46 db 48 38 16 67 32 b3 8d 82 94 46 f2 e4 89 30 60 af 45 6c 7c ff 36 12 bb 62 e2 4f 54 16 40 7c e6 cc 8f d7 89 3f 98 25 69 9c b4 f5 1a 08 75 40 54 2c 95 3d 10 60 37 17 e1 38 53 09 eb 10 c8 90 16 49 8e bb 07 e5 4b 0d bb 73 a2 78 d7 f5 e2 64 68 b5 04 11 bf aa 25 ae 60 37 94 1e a4 d4 90 cc a3 bb b2 3e 2d 82 9e 34 f8 4d 15 5b 5e 6c b7 2d 88 f3 fd ce e5 fc bf 94 ac b5 87 da fb 66 b9 b0 b5 ca 59 72 ea 6b 49 5b ab f5 aa b8 1d 57 c5 ad 55 b6 18 49 45 de 36 96 61 81 3b f0 1b df 95 65 4a 63 91 47 8a dc c6 b6 6c 35 f5 70 99 3b 2e c9 dc 95 1d 8c 8d d0 1d 7f 35 a1 6b f5 d9 2c 75 33 36 45 9c 80 6d 91 df 29 77 ed ce d8 fc 79 80 e0 b5 eb e6 9c f8 7b 25 af Data Ascii: jzHm:i 4=b%F2tA<V+FH8g2F0`El\|6bOT@\|?%iu@T,=`78SIKsxdh%`7>-4M[^l-fYrkI[WUIE6a;eJcGl5p;.5k,u36Em)wy{%
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 8d 56 d3 59 3a ad 37 4b 91 9c 86 66 53 43 a6 29 93 69 ad d9 74 36 80 d0 4f d1 6c 5f 45 e1 65 64 8f 74 dc dc a4 e5 1f 97 47 4a e1 9d 7c 0c dd 5c 3d c8 8e 89 22 3a d4 32 0e dc 60 c4 1d ac 30 ff dd 47 8e 6b 5f 5e aa e1 71 f4 e4 c9 37 bc c7 61 5a 57 ca f6 5e f6 b1 97 7d 22 9f 06 b9 1c 84 9d 2b d2 e8 8e 6f cb ad e3 a1 61 21 0e 5f e7 7f be 68 94 ed a6 8d 17 d8 68 c5 21 6d 49 e1 b4 06 c8 89 61 c4 08 80 61 52 19 25 ed 6c c1 60 c5 6c 11 ba 2f 96 81 f2 47 ed 45 55 ca 20 37 05 69 96 66 4e d6 bb c9 c9 a5 3b f0 3f fa 3f 1e ff e7 8f 5e b1 d7 fc ec cd 4f bf 7a b2 4f fc e7 c9 c7 a3 a3 57 27 27 de 28 48 26 d0 67 69 e9 61 18 5d c4 fc e0 f8 dd 0f 3f 2d 8c 06 47 9a ee 54 9d 15 cf f5 78 44 42 e5 b9 3d 8b c7 b4 75 82 4a c6 1d d3 36 45 b1 95 a6 9a 25 d7 2e b1 37 97 b4 37 14 4e Data Ascii: VY:7KfSC)it6Ol_EedtGJ\|\=":2`0Gk_^q7aZW^}"+oa!_hh!mIaaR%l`l/GEU 7ifN;??^OzOW''(H&gia]?-GTxDB=uJ6E%.77N
2024-10-24 09:44:05 UTC	274	IN	Data Raw: e1 35 d7 7b 5b 99 9d 70 80 e7 62 ed dc 76 57 96 1a 56 c0 87 18 99 2b 59 1f f7 24 46 66 8d c2 9f ce 35 f6 c5 b9 4e e2 e8 d2 77 8e 82 08 51 51 c7 0c 80 27 9b 2f f7 82 34 b4 a8 7b 52 43 f5 4d dd c7 24 d9 17 54 c6 bb fc c0 b1 1e 9f 1c 08 10 84 61 cc e3 21 00 92 77 95 21 41 b7 0f e5 83 a4 28 93 f5 55 a8 ae 69 7d bf 9f d3 1b 32 cb da 8b ca 33 80 54 db 37 8f 23 2a 9a 96 23 56 0a 68 8a 3b d4 ce b1 de 53 78 da 68 9e 14 5c 45 66 f6 32 79 2c 95 8d 40 90 bf 7c b1 67 60 6c c1 6f 50 ff 77 a6 d2 ec 30 0a d1 00 fc a0 1f 00 e5 52 ad 16 db 4c dc ee 65 fc 21 7e 5b 08 7a a6 5e 96 05 d5 17 46 fd ef 83 66 20 e9 be 12 5b 5d 82 ac 63 84 62 59 d3 30 cd 43 12 7b c6 8e cb 59 68 a8 5e b1 6e 29 31 cf ed 2d f6 15 cc 1d 8c 73 95 03 33 85 43 05 3f 87 88 62 90 c5 09 f6 8c 13 00 8d 09 c0 Data Ascii: 5{[pbvWV+Y$Ff5NwQQ'/4{RCM$Ta!w!A(Ui}23T7#*#Vh;Sxh\Ef2y,@\|g`loPw0RLe!~[z^Ff []cbY0C{Yh^n)1-s3C?b
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a ed 0d 0a 30 30 30 30 30 30 30 31 0d 0a 95 0d 0a 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8c 0d 0a 30 30 30 30 30 30 30 31 0d 0a fb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 98 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 31 0d 0a ee 0d 0a 31 64 63 37 0d 0a 05 f0 8d b3 04 79 0b 1a 17 f2 7c bc 54 82 29 05 09 dd e8 d7 e7 ec b9 96 8c 9e 73 12 1a e7 00 03 42 d6 a0 9e 29 18 0e bb 99 07 6a 47 bc 57 57 a2 a8 99 eb a5 6c 07 9f 8b cb cd 9d c8 13 b6 8c 3d 6e be fa 74 d1 ee 9a 21 9f 70 6d 1a f0 8d 6d 50 e9 31 80 6a bb d9 42 44 4a b2 10 65 09 cc 26 88 a0 99 87 64 92 52 0e b4 83 68 05 93 ce 07 38 d7 59 38 a5 3a c0 51 4a 84 29 93 67 06 8b c5 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001[11dc7y\|T)sB)jGWWl=nt!pmmP1jBDJe&dRh8Y8:QJ)g
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 48 01 af 95 90 cd 38 da 78 a1 6b 75 59 8c 3c 7f 8a 27 0e a6 5f 81 f2 38 89 42 4b 51 cc 91 8f a4 84 fa c9 6d 44 a0 7c 8c 69 4d 46 aa 74 45 49 71 ea c8 32 5b 07 80 81 75 64 08 0e 19 7b cb 5f 9f 9f 6b 1b d1 b1 10 5a 9b ce 74 0e 98 56 cd 4b 10 22 09 9c 04 b9 ea 9e 2b 7a b8 6a 5b 0a c2 cb 29 99 90 18 9c cd e9 c6 0a 4d 3b db a5 c4 bc 73 64 05 28 31 51 9a ed 1f d7 19 69 43 0a 3d 4a 47 9a fe c5 6d b1 56 52 1f 8d eb 28 3a 4f 57 5f 91 c2 f7 40 ba 6d 20 f1 bf 3e f0 78 68 57 0d fd 7c b3 b4 3b a4 ed 57 de 1c 93 61 a0 83 75 20 2e de 31 49 3e 00 1f 39 ca df 0e bf 9f 4b 0e c2 40 27 a9 60 6e 1f 12 dc cf 50 9f b1 0d 65 ef f3 06 92 82 64 34 18 ae 44 d9 6c 41 da 46 72 1e b8 32 36 47 25 3a ba c4 dc 60 19 0c 81 53 c2 8c d5 62 60 e5 58 bf dd 94 15 46 16 35 5c 44 d0 f4 e1 00 ed Data Ascii: H8xkuY<'_8BKQmD\|iMFtEIq2[ud{_kZtVK"+zj[)M;sd(1QiC=JGmVR(:OW_@m >xhW\|;Wau .1I>9K@'`nPed4DlAFr26G%:`Sb`XF5\D
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 77 44 a2 f4 88 1c f6 2f 92 2f b5 d0 6b bd 6c 3f bd 0e 91 3c 61 11 07 6c a3 9b 26 83 f3 70 ea 76 07 f4 07 72 ef 40 1f e3 af 04 b8 e2 06 60 5b 38 ed 00 f6 0c 7c 1a 81 da da fb 7d 5c e4 f7 79 9f 6b 8e 10 50 a2 50 d1 d2 aa c3 98 ae f5 ac 56 03 75 2f ad 21 2a 1e 96 2f 8d 04 05 5f c6 33 28 b0 57 11 99 d4 90 e1 a5 ee 7f 0b 36 f5 14 f0 0b c7 2a 8b f1 5b 28 b7 be 1a 05 57 38 17 9a 9c 47 2a bb 8e 93 cf 04 70 d3 93 c0 bd 01 04 f0 a5 8a 74 c1 26 e1 d7 f8 ba cd 44 a7 37 8e 87 29 ab 4e bd ae c2 4e 38 a9 c1 80 28 4e 71 98 5b d2 10 89 05 c6 9b 4f e5 5f 20 18 77 d1 7b 9d c3 a2 4a e1 5f 8e 3d 43 f0 d7 9b cd e3 fa 43 3e 81 72 ef 5c 07 05 d2 75 8a c3 0a a3 13 f3 94 80 2c 79 4a 23 8f b8 23 44 b6 22 27 e2 44 c0 23 41 68 25 48 ac d8 c9 a3 bc 2d 2b 3d a2 23 ee 34 84 72 96 44 62 Data Ascii: wD//kl?<al&pvr@`[8\|}\ykPPVu/!/_3(W6[(W8G*pt&D7)NN8(Nq[O_ w{J_=CC>r\u,yJ##D"'D#Ah%H-+=#4rDb
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 08 70 ca 58 7d 51 03 dc 44 3c 04 d6 ca 19 ce 11 e8 43 6d 73 93 98 93 e2 e0 5d 3f fe a2 52 f8 fe 2e e8 3e 4f 65 b0 90 92 08 03 d3 90 46 c7 89 24 96 64 12 f2 5d e6 8a 83 32 61 d1 41 20 ba 7c 52 7f 06 a7 10 ca 3a aa 50 ca 3e d9 62 d9 52 2a ec 62 71 f4 53 df f1 92 d4 f9 4e e0 d9 c4 77 a4 b4 35 8e ad 6c 69 2f 3f 28 08 ff a5 e1 ec 99 b9 48 0a 5b 64 f8 e3 f1 e7 d1 84 77 cc a9 b3 d2 00 9b a3 7a da 05 60 97 54 2a df e7 28 9a 90 21 7b aa da 5d 2d bb 12 b6 6c d3 d7 78 62 f2 b9 e1 43 66 77 25 77 88 07 39 61 94 8e 58 f0 59 30 56 7c 79 e2 84 09 45 64 24 e9 32 eb 34 58 43 b9 10 8a f2 7b 3e 2d d9 72 7f a1 73 6c 54 06 d1 9b fc 08 14 b7 66 32 70 b8 5a 83 12 8a 08 57 0b f5 19 3c 87 75 8f 2a 97 af b5 aa 69 c0 cd 0f 0b bd 95 1c 59 a1 9b ad c4 19 35 5f 38 aa f3 3b 0e 5b b1 eb Data Ascii: pX}QD<Cms]?R.>OeF$d]2aA \|R:P>bRbqSNw5li/?(H[dwz`T(!{]-lxbCfw%w9aXY0V\|yEd$24XC{>-rslTf2pZW<u*iY5_8;[
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 40 2b 3e e1 02 27 d2 73 80 8f 6f f3 85 09 d5 76 0e 5c 19 2a 4a f1 8f 90 6e 4b 28 be 16 80 3b e8 03 04 d3 71 4d 7e fd 0e fa 98 ee a0 0f f0 b5 ab 55 66 f8 dc 36 c3 69 6b 0a ab 64 de 33 b5 9b 8d 0a a3 0a 84 e8 b5 46 20 73 65 0e fb 82 3f 6f 6e db 17 a5 cf 9a ff 92 7d 0c 4f 24 12 0b 9f 8c 3f 6e c3 9f 32 bf b6 3f 65 de f8 81 2e 7d 61 7c d9 ec d8 c5 c5 f1 7b 58 44 fa ac b9 be d8 bd f4 ad 2e 9c f5 d9 da dc 14 b3 44 1b 24 c5 97 b7 0a d3 e4 e2 4f d3 e4 2b 9d 9d b9 ae d8 25 f4 d1 2d f2 0f 96 5e 38 1e d9 c7 58 06 20 5e 1d ba a2 43 f5 2c 26 ea 71 2b 51 8b 97 0c 40 d2 a1 70 7c d3 1c d7 89 97 41 9f e2 e2 0a da 02 92 26 b4 3f 56 13 68 dc 70 91 17 23 f5 8d 23 11 c2 fa d0 a7 b5 68 99 68 47 ea 55 5c f7 42 0c ff 51 a9 af 86 50 7f f9 fe 3e 93 ce bf 5b 3f bc d4 99 10 f3 4d 0e Data Ascii: @+>'sov\*JnK(;qM~Uf6ikd3F se?on}O$?n2?e.}a\|{XD.D$O+%-^8X ^C,&q+Q@p\|A&?Vhp##hhGU\BQP>[?M
2024-10-24 09:44:05 UTC	714	IN	Data Raw: c4 18 65 da b4 d2 34 32 56 17 20 11 b2 3f 97 0c 25 df 10 33 87 25 da cd 41 fc 99 8c d9 8e a6 3a d9 31 1a 52 45 19 df d0 0a fc ff a9 fd f1 f1 bc 44 6b f3 92 7f d6 c7 b7 cc 99 30 ca 4b b8 51 ec 8a d4 14 df 4e 64 44 73 03 75 b7 0c 6b 6d d9 f3 b9 ff 66 2c b8 fc 81 36 43 c2 08 97 a9 87 99 26 06 bb db d3 94 3f f5 a1 86 da 2e d5 5b 68 cc fa dc 87 34 6a b8 30 0e 79 6a c0 f7 76 d2 90 d2 16 f0 71 39 69 04 6f d3 10 1d 99 0f 0d 56 4e 61 55 18 81 c1 05 73 92 b4 05 56 bd 2c 19 1b 0d 8d 16 36 88 69 94 0b 36 36 5a 2f 2b e6 49 43 b3 b6 dd 62 1a d6 85 1b 9b 6e 2a 0f ab a6 a1 e5 dc d6 31 cd 52 b1 c6 36 6b 25 87 7c fe 5f da d4 fc fb ac 70 4c 7d fd 7a 89 37 ba ad 0d 6a c7 59 e2 8f e6 f5 37 3d b0 b9 6e 6c 36 96 ee 84 94 bb 8e 69 85 24 81 14 b9 8f d3 0a 35 c1 d7 4f a4 76 63 da Data Ascii: e42V ?%3%A:1REDk0KQNdDsukmf,6C&?.[h4j0yjvq9ioVNaUsV,6i66Z/+ICbn*1R6k%\|_pL}z7jY7=nl6i$5Ovc

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
133	192.168.2.16	49898	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	521	OUT	GET /gui/5796.a9e8212a1628cbdb8bce.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 09fb1e0f0ef585848b86358e59c6703f Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:46:34 GMT Expires: Sat, 18 Oct 2025 09:46:34 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 518251 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 31 0d 0a ec 0d 0a 30 66 66 35 0d 0a 7d 5b 77 db 46 b2 ee fb fe 15 30 93 f1 90 d9 00 4c 52 a2 44 52 a6 1d 47 b6 33 5e 63 27 b3 7c 99 7d d6 f6 78 39 20 d9 14 11 93 00 0f 00 ea 32 34 ff fb f9 aa aa 1b 68 80 a0 a4 44 9e 97 b3 14 c5 36 d5 97 ea ee ea ea ba 77 b3 b1 4e 95 93 66 49 38 c9 1a 27 cd 54 2d 66 fe 85 1a af 82 c9 97 d3 f9 3a fa 72 9e 7d 5e 87 9f 97 41 18 8d ae a9 fb fa Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010000000110ff5}[wF0LRDRG3^c'\|}x9 24hD6wNfI8'T-f:r}^A
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: c3 9b af 5f 65 b9 66 e0 32 88 fa 9e af 7f fd 1f dd 8c ce 4a 7d 9b 57 bf bc fc 55 37 d2 27 a8 be dd bb 0f a7 a7 2f de bd 03 86 4a eb d7 5c e1 63 a9 f0 eb d7 06 0f f8 49 da da 3b f4 a0 5d e1 33 4f 63 3f 8a d1 3b 3a 1b f2 61 94 83 36 c6 41 1b 57 0f 9a 75 62 98 a4 2c 62 db 77 02 70 3c 8e 40 7d 16 3d 95 28 71 2a bc ae a0 45 a1 63 d0 5c 00 6e 09 da 7d 0f be fc 3c be 88 de 82 a1 65 b4 d6 5d d6 59 bf 80 29 16 30 ad 2e c0 30 83 40 98 6e c1 2e 82 71 1a 2f 70 d2 9c f1 99 37 8e a7 57 e6 44 83 a7 78 6d 67 1c 67 59 bc c4 07 f0 25 af 5d 39 4c 1a d6 ee 12 5a ad ed f6 04 4a 00 b0 9a fa 2b 2d 2b 71 7a 48 1e 0e df e1 68 47 67 db d6 27 77 4d 75 59 4c a5 6e c3 10 57 c3 3d 8f c3 a9 d3 6e b9 fb 00 3c 4b 92 e0 6a a7 bf b5 d3 37 83 f8 29 8e 17 2a 88 76 80 58 62 e9 cf 03 c9 e5 58 Data Ascii: _ef2J}WU7'/J\cI;]3Oc?;:a6AWub,bwp<@}=(qEc\n}<e]Y)0.0@n.q/p7WDxmggY%]9LZJ+-+qzHhGg'wMuYLnW=n<Kj7)vXbX
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: c6 4f 00 04 0e f8 43 78 eb c7 f8 d8 ed 1d c2 47 ef 4e 09 f4 61 a7 07 bf fd 8a 3e f6 07 03 40 9e e3 e3 61 bb d3 87 a0 58 e3 63 a7 77 78 d0 69 c1 b8 04 84 a3 01 95 9e 51 83 5e f7 10 a5 4b 2a 65 db d4 9d 51 e9 61 bb 87 21 ae f0 f1 b8 d3 ee e0 e3 05 95 0e 7a 6d c0 bd c4 c7 4e ef 18 0b 61 33 f6 8b fb bd fb d6 7d e6 3e 77 df bb af dc 53 f7 9d fb c6 fd c9 fd ec be 70 7f 76 7f 75 3f 14 d2 e8 f7 7b 69 f4 8d a4 d1 cb 8a 34 ba f2 9f df 36 12 90 aa 20 99 cc df 21 d4 04 8b 60 12 2f e8 ac c3 9f aa 39 19 fb 42 4e 03 f8 b1 61 c6 0a 73 4b 95 7a 86 a8 8c 89 1a 68 c7 d6 fb f8 39 14 c7 05 84 98 69 37 4d 82 0b 95 bc 89 a7 80 4b 60 1a d7 cb b6 d4 f6 c5 7f bc 80 6c bb 64 d9 b6 5e c1 6c 51 53 b2 d9 e9 a8 51 08 25 76 53 c4 c8 28 b4 e1 17 b5 ee 03 e5 c3 93 da 6c 04 fa 84 36 10 60 Data Ascii: OCxGNa>@aXcwxiQ^K*eQa!zmNa3}>wSpvu?{i46 !`/9BNasKzh9i7MK`ld^lQSQ%vS(l6`
2024-10-24 09:44:05 UTC	355	IN	Data Raw: 54 e7 8d 41 a2 8e 1a a4 e3 39 48 13 23 79 e9 08 23 c7 79 5c 2e d7 11 96 eb 14 e7 3c 05 d1 06 99 a4 f5 30 fd a6 57 e9 12 5e 2b 76 c6 a7 0e b0 4f d9 40 53 e7 3c 0c 90 9b a5 26 6b 12 d8 04 98 b8 02 e1 cb 81 a8 85 f3 06 29 6b a8 8a ae 48 11 0b 1c 9d 7c d3 40 1a 0e f9 9c 41 fb 66 92 64 8c 05 2b 0e de 50 12 0d 11 28 f9 d0 c8 4a d3 51 3a 93 d2 63 6f a1 0e 5f 1b 0f 33 72 79 8a 00 9c 81 6c 94 20 f0 04 a8 69 a6 f4 47 cc 11 bf 1a df be 2e de 3b b4 e5 e9 d3 42 82 02 77 94 dd a3 fd 72 56 03 ad 3c 7b 92 b1 d0 70 9e 22 d0 3f 55 c0 3d c7 80 30 84 84 e1 b5 1b 90 32 93 1c 7f ac 70 ae 15 b1 2e 72 9e e5 93 64 ef 96 e9 f8 4e 29 07 4a b9 49 4e aa 3a 02 8d 6f 8f 4f 2e f2 8c f6 06 fb 0d b6 c8 87 58 6e 5c 90 10 ea 68 45 d5 a9 73 d0 c9 ce 81 ba ae 01 fc 85 8d 53 eb bc 69 ea 62 76 Data Ascii: TA9H#y#y\.<0W^+vO@S<&k)kH\|@Afd+P(JQ:co_3ryl iG.;BwrV<{p"?U=02p.rdN)JIN:oO.Xn\hEsSibv
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a e7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 41 0d 0a 30 30 30 30 30 30 30 31 0d 0a fc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 88 0d 0a 30 30 30 30 30 30 30 31 0d 0a 86 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a cc 0d 0a 30 30 30 30 30 30 30 31 0d 0a 06 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4c 0d 0a 30 30 30 30 30 30 30 31 0d 0a ae 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 71 0d 0a 30 30 30 30 30 30 30 31 0d 0a 30 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 83 0d 0a 30 30 30 30 30 30 30 31 0d 0a b7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 98 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 0000000100000001A00000001000000010000000100000001000000010000000100000001Z0000000100000001L000000010000000100000001q0000000100000000100000001000000010000000100000001
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: b1 24 b4 ca 52 4e b8 6e e1 56 ba ce 33 59 70 f3 54 bb 1d 0b bf a2 78 1d 5d f2 20 82 f9 c2 b9 48 1c c5 99 c0 49 c8 9a 89 b3 84 07 37 5c a1 08 ce 8f 38 e2 e0 a1 a3 45 a5 ef bc 47 68 c3 49 25 d3 c3 a1 ac 32 f2 6d a2 37 1d fc 4b 8a f0 24 e4 56 e3 32 86 06 af a6 8c e7 37 e0 da 24 a7 2a e5 8a e7 db c3 6d 3c dd 3b 25 61 6d 39 5f 34 37 31 8a a4 31 2c 8c 54 2d 30 71 47 61 20 13 4d 6b 59 e3 4d f2 e0 ba be b7 14 09 d7 81 b8 b5 54 b8 0e c8 8d 82 e1 ba ce bb b2 a1 71 6a 6d 36 6d 3e 77 a7 b0 8d ec 74 83 e5 8e 25 3b 76 c0 5b 91 34 88 0f c3 ef 83 11 ec 39 01 9d da 4e 0a 96 30 72 bd db 56 f7 5f 80 2d bc 60 b6 60 e9 77 7a a8 8a 3f 99 8f 14 b4 79 c3 65 23 e1 6c 3b f3 b2 18 2d ee c2 14 ad a3 62 5e 76 13 c3 ff a2 3c ca 64 d9 45 3f 63 7a 3f ef 9b 9e f8 37 6d 4d cd d8 c0 b5 f1 Data Ascii: $RNnV3YpTx] HI7\8EGhI%2m7K$V27$*m<;%am9_4711,T-0qGa MkYMTqjm6m>wt%;v[49N0rV_-``wz?ye#l;-b^v<dE?cz?7mM
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: a9 87 87 1c 0d 9e 36 a9 0d 1a 4f 07 ac ad 54 f4 c7 7c ce 78 fd c4 4c 40 f3 c1 7c d3 c2 88 0f d9 0d 33 a9 85 34 44 fe 67 73 38 0b 93 14 77 1a 89 6c 35 c1 ea 0d 25 7d 52 74 07 4c b6 0e 40 4e 01 66 af a1 fb f1 ba 8c c8 ef 9a 82 32 89 40 2b d4 10 25 fa c0 77 4f 05 b3 ba 21 eb a3 a4 b5 ec b6 cb c3 4b f5 5b 41 f3 b4 a0 16 ad bf e9 64 0b b0 4f a0 d8 9d 0b 22 11 32 af c5 a3 d6 a2 6e 5a 4e 75 63 6f de d1 ef 2c 73 49 b0 51 28 fa e6 cd 33 de 0f bd 3f 9a 89 15 67 b1 df cb 35 78 32 2c 6e cb 57 4b e3 6a 6e 24 8f f4 78 7c 34 65 2e 85 a5 b3 a3 06 54 ce 7a 1d e3 2a de 71 bb d5 ac a0 ee 91 e0 d7 96 50 9d a6 0c e1 93 ab bf 95 01 f7 62 7e e7 f4 5a 80 f7 f3 c8 0a f4 db 12 1e 51 6e 29 96 28 68 ac 2a 3c a2 bb 91 06 c5 1d e0 1a d4 02 8d 11 c0 66 92 28 bd 6b 7a 0a 64 82 bb 34 ba Data Ascii: 6OT\|xL@\|34Dgs8wl5%}RtL@Nf2@+%wO!K[AdO"2nZNuco,sIQ(3?g5x2,nWKjn$x\|4e.TzqPb~ZQn)(h<f(kzd4
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: ab 10 4a 2c 22 80 3c a1 59 b0 0c 17 90 24 b9 8e 58 c1 c0 4e 07 f6 94 76 12 b5 ac 42 32 1a 33 8e be 55 55 72 c9 76 7c 23 df 28 02 a9 d5 5a c8 42 08 57 4d eb 85 41 24 9b 73 00 96 4a 0c f0 f0 d0 82 39 46 24 aa 90 84 dc 05 c7 63 df 56 1b 06 98 8f 97 b3 a6 72 4d 0d 35 14 5c c3 cc f5 e0 e8 60 72 68 58 68 7e ac b8 56 fa f7 0e 5d 84 9b 20 07 b4 24 2c 40 c8 ac 07 b3 60 36 96 b5 d8 55 7a f6 87 10 06 30 65 e8 2f ad 92 94 6d 2a ac fb a8 7b 34 e9 6b 6c 94 2b 05 c6 a0 0f 79 d2 a6 bf 8c d0 c8 5b f1 0c d4 44 a9 59 b5 7f 8e 3e c2 75 f7 00 bd bb 06 e3 14 54 44 64 cc 60 cf 18 21 4c 46 d8 dc 2f a6 a2 b4 8d 45 85 4c aa ba 8d 5c bf 13 d7 28 60 72 7c 24 87 6c cb 79 ee 69 55 0b fc 1d e1 cc ae 2a b3 69 b6 3e a7 13 73 20 6f 4c ad 4d 7e 45 ad ec 96 9a 8d 95 de 08 cd 6b 8c 6f 0b 0e Data Ascii: J,"<Y$XNvB23UUrv\|#(ZBWMA$sJ9F$cVrM5\`rhXh~V] $,@`6Uz0e/m{4kl+y[DY>uTDd`!LF/EL\(`r\|$lyiUi>s oLM~Eko
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 29 0f 3b dc c7 5d ee e3 2e c6 3b 76 c2 0a 6d 25 ea 70 1f 77 c9 fd a5 08 94 14 b6 84 ed 99 35 15 f7 71 17 0a cf df c7 5d e8 66 df 7d dc a5 64 41 40 f6 de c7 5d c4 a9 28 1e 1d 1d 8f b9 8f bb 98 e0 90 91 3e 79 58 26 b7 bd ef e3 2e 7f 32 ee b2 5e 18 a7 9a c7 57 3a 28 60 b8 45 a1 95 d0 dd 86 0f 96 ae 43 e1 b0 f2 05 2b f6 43 e3 a6 54 d1 ca f8 2e b7 81 76 33 94 7d 5b 65 3e 67 bb 3e b8 46 6f 22 62 e0 48 78 10 b7 45 1e 91 90 f0 43 20 96 bf b8 5c ca d0 ac 28 26 57 54 82 cd ad 6d c0 f7 2f 3e d2 1b 44 9f 5a f2 99 df e6 c2 45 cd fd 55 7a 3c 71 7a 98 88 45 ed d4 ee e3 56 3a be 76 1f b7 fa ff 3c 6e e5 e3 bb 7e e5 04 d2 97 fe f2 61 33 57 c1 e9 35 01 f0 0d 61 cf 3b b5 c8 57 b2 33 18 f2 7a 56 94 8d 3e 8c f4 d3 4a 77 39 7c 85 2b bc 48 c0 e1 1a ad 72 e7 d0 ac 83 6f f1 04 9d Data Ascii: );].;vm%pw5q]f}dA@](>yX&.2^W:(`EC+CT.v3}[e>g>Fo"bHxEC \(&WTm/>DZEUz<qzEV:v<n~a3W5a;W3zV>Jw9\|+Hro
2024-10-24 09:44:05 UTC	43	IN	Data Raw: 8e fc 60 a0 fa dd 4e 37 e8 1c 75 fb 93 31 5e 61 18 4f 94 ff 7b 8a 14 f3 d5 ff 03 00 00 ff ff 03 00 54 8e 8e ef e4 9f 00 00 0d 0a Data Ascii: `N7u1^aO{T

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
134	192.168.2.16	49899	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	676	OUT	GET /gui/88292.a814e2f9bbd53eb184a3.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:05 UTC	354	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: e5910553b90e17b5d57fcb21a2c1ba47;o=1 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:01:45 GMT Expires: Sat, 18 Oct 2025 10:01:45 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517340 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1054	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 31 0d 0a 00 0d 0a 30 66 66 39 0d 0a 00 02 ff ec 7d 6b 7f db 36 b3 e7 fb fd 14 8c 36 27 47 da 42 8a 2f 71 e2 c8 51 5c c7 76 1a 37 be 35 72 92 b6 d9 ac 4b 49 b0 c5 46 12 55 92 f2 a5 8e be d2 be dd f7 e7 93 ed 7f 06 17 82 14 65 cb b2 fb ec d3 6e 9e df 39 8d 45 82 c0 00 18 cc 7d 06 a5 51 2c bd 38 89 82 76 52 5a 2b c7 b2 77 52 3b 97 ad a1 df fe b2 d9 1d 0d be 9c 25 c7 a3 e0 b8 ef 07 83 c6 35 ef be 7e fd f4 b9 52 1b 8e e2 6e f9 d3 a7 d5 d5 a5 e7 4b 62 79 71 e1 e9 82 78 f2 ec e9 e2 ca 67 71 f5 6c 71 65 71 a5 5e 96 22 11 Data Ascii: 000000010000000100000001000000010000000100000001000010ff9}k66'GB/qQ\v75rKIFUen9E}Q,8vRZ+wR;%5~RnKbyqxgqlqeq^"
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 5f f5 47 49 48 27 dc 3d ef fa b8 57 99 9e 98 f3 52 53 14 82 e6 65 1f e1 ef 24 c2 76 b8 0f af a7 0b c5 64 01 e8 1b 94 f3 73 c5 ec 85 14 71 ad 2f a2 da 4f a2 1c 81 3e e4 9b 34 a2 0c ad 50 cb 15 cb e4 03 51 0e d5 e1 c4 6a 55 40 51 f4 1a 66 d7 cf e3 de 27 da 8f c7 98 25 48 f3 97 86 6e de 78 89 95 1e d4 46 0f 2b e5 73 9c 23 e6 3d 63 b1 b2 f8 74 61 d5 61 45 86 ad 68 06 42 6c 65 f1 e9 d3 27 2b 8a ad 3c 5d 5a 5d 5e 52 6c 45 73 0d 62 2b cf 9f 3d 7d a2 98 46 4f 74 c0 47 98 59 50 47 ed 86 a1 75 6a 3c 62 18 f4 3c 06 8f b2 d8 a2 69 3d 78 55 f8 62 79 3d a9 6b 74 8f d6 a3 c6 41 eb 77 50 01 a2 0e 07 e7 83 c3 28 04 a2 25 97 5b 32 6e 47 c1 90 90 8f d8 67 3d 5a 0b 4e ca a5 90 9b e2 bc 10 4d 08 4f bc 77 12 14 a9 9d 3c 7a 54 32 20 4c bc c3 1e b4 c3 c8 4f 64 65 d0 d0 cd ed 23 Data Ascii: _GIH'=WRSe$vdsq/O>4PQjU@Qf'%HnxF+s#=ctaaEhBle'+<]Z]^RlEsb+=}FOtGYPGuj<b<i=xUby=ktAwP(%[2nGg=ZNMOw<zT2 LOde#
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 34 60 78 ec 20 a8 95 0c ca 95 4b e4 70 82 49 81 ad b9 4a 05 af ef 8f fa 2d 19 c1 4e 57 19 03 32 d3 c2 d8 8e 4a 31 1f a2 d4 a4 95 c0 70 96 7c 57 2a 8d 71 2c 2a c1 c0 93 85 18 a1 36 0c 0b 0b 33 63 3d 10 e9 91 a8 3f 58 10 d0 b4 4e 82 d3 11 1f 11 fa 7d 0e 4b 31 1d 17 fc 3d ae d4 95 8b 43 c8 31 ed 4a df d9 27 b2 23 7e b3 eb cd 63 d7 53 26 b8 53 6b 5b 9f c7 08 e7 0f fc de e5 9f 40 9e c6 83 45 65 ee 91 03 da b4 0f 49 60 9f 04 71 73 d4 22 9b 69 2b db 0e 8e 04 19 6f c9 44 39 5a e2 c6 82 ea 60 38 6a f5 82 b8 2b 3b 3b 83 bd 10 0e b4 30 b2 3d c1 1e e4 f7 b6 07 fc a1 69 ce cf de c9 1e ec a8 1d d5 19 bc 69 ba ab 40 77 8f 27 06 bc 24 c2 a1 70 7e 77 83 8e c4 67 0a eb 0f 7b 7e 5b 76 c3 1e 34 7d fb 41 10 ef c0 4e 46 67 cc 79 b4 d9 93 fe 40 3f bb 85 e1 b1 45 26 89 d1 b0 43 Data Ascii: 4`x KpIJ-NW2J1p\|Wq,63c=?XN}K1=C1J'#~cS&Sk[@EeI`qs"i+oD9Z`8j+;;0=ii@w'$p~wg{~[v4}ANFgy@?E&C
2024-10-24 09:44:05 UTC	315	IN	Data Raw: e5 27 58 b1 cc ef 12 9b cc 94 61 d3 d8 cb 10 f4 1a 8a 01 e2 89 3f 7d 86 d9 98 b4 06 28 e6 6b 49 74 49 9c 32 6c 20 20 d6 18 d4 2a 15 88 ba 17 89 58 20 c3 16 33 52 b5 f7 30 39 22 26 38 d0 33 59 43 27 8b 63 1b 66 b5 f6 00 a1 3f b0 f8 22 42 87 ac 72 b0 4e 22 6c 71 20 49 99 f4 55 4c 75 a4 22 6c 61 bf d6 b1 58 e8 2c c1 3a 03 96 ca da b8 4d 8a 0f 49 f0 00 0b 21 2e 0d 98 1b 95 42 75 a5 41 7c d0 43 d4 15 9b 6a 83 9a 5a 72 74 8d ad d3 3f ca 15 6d 32 45 08 17 3a 46 30 a4 6a 64 bb c1 2c 3b 15 65 fd 8b 49 62 60 a3 a6 3f 26 33 5d 32 b1 21 68 ac 85 92 d8 d8 f8 12 e8 4e 08 50 33 c2 89 77 ca 1f 6a b3 e5 d5 18 06 4b 75 ea b5 55 b2 52 8b 7b a4 16 ad 8a 2a a2 be d5 70 25 b5 8e 24 bb 04 d8 45 84 c4 42 a4 54 01 99 98 0b 8c 9f ee 13 15 c9 29 4a 88 75 e2 0f 60 e4 6c ca 84 ff 5c Data Ascii: 'Xa?}(kItI2l X 3R09"&83YC'cf?"BrN"lq IULu"laX,:MI!.BuA\|CjZrt?m2E:F0jd,;eIb`?&3]2!hNP3wjKuUR{p%$EBT)Ju`l\
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 31 0d 0a 7d 0d 0a 31 66 66 65 0d 0a 62 51 48 b1 2a b0 9b ee 0c 60 93 44 ac 38 88 80 ec 0f 13 2f 09 bd 0e 3a a4 29 8d 10 1e 32 80 2f 9c 51 12 22 82 17 60 ae 3e b4 b4 da ff 84 c6 e5 71 58 08 b5 6f e1 0d 61 31 9a 08 fe c0 27 d6 e5 85 1c 17 18 2b 5b 6c d7 3f 93 9e ef 19 d3 b0 c1 f2 cf e5 8a d7 97 49 37 ec 90 51 b6 ec 84 44 ab d9 5c e9 10 5c d8 87 93 97 26 00 90 ed 22 36 1c b0 b2 66 fc 04 01 8c 5f 51 43 9d 56 60 65 f0 22 59 0b e0 23 88 3e 05 9f 61 94 0e 3e 1b d1 3e 62 4b ea c9 37 4b ea 3d 44 33 29 4b ea 65 26 72 91 cd 08 38 7e 2c bb b7 24 24 39 0a db db 54 d1 82 4a 55 83 ae e5 1f 85 86 b0 8a 07 89 a1 48 7c 9e 40 48 97 fe 47 79 79 a9 9a 90 ef 49 36 83 3f e5 7f 50 dc 0e f5 69 0c 14 b2 91 d4 a8 97 5a 0c 0b 2b 1f 70 9c 01 Data Ascii: 0000000101}1ffebQH*`D8/:)2/Q"`>qXoa1'+[l?I7QD\\&"6f_QCV`e"Y#>a>>bK7K=D3)Ke&r8~,$$9TJUH\|@HGyyI6?PiZ+p
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 5f db 0e 0a e7 8e 1e 94 1b 76 3c e4 d9 c3 93 df ab 9e 87 51 0f bf 5a 31 1c f7 ec c7 8e 6b 16 2c f2 8a 37 51 36 01 b3 49 73 8b cd 5b 84 50 18 8f f8 6d f4 aa 36 e9 55 70 fe 29 c7 37 bb 34 89 d1 69 a1 3f 05 13 5e 72 c4 bf 99 bc f2 d4 a7 7e 05 eb 12 f2 d0 8f d5 e4 ea 94 57 3e 86 f2 5b 2a d5 af 69 6b 26 ef 34 47 e8 c8 5e 90 44 70 9c 07 6d b8 a0 89 8b 21 0b 6e 48 99 9b be 76 e8 57 48 df 46 88 46 bf 5c fa 25 1c 79 c8 4d f7 4e 43 8a 12 21 c3 16 82 33 7a b0 4c 91 ac 85 85 a4 34 70 4f ed 38 31 52 98 b7 b0 d5 1c 13 16 21 b0 c2 8b 61 a4 f2 ca dd 24 19 c6 f5 c7 8f 11 c7 88 34 77 35 8f da 69 90 74 47 ad 5a 10 3e ae 08 f4 e6 c3 3e d0 0d a2 8e 37 84 9e 7c e9 f5 31 84 b2 77 f1 96 d3 c8 3c 22 0d 02 33 17 c5 08 21 89 8a 02 42 b6 54 02 22 ec 5e e4 8d 36 13 de 23 33 01 47 90 Data Ascii: _v<QZ1k,7Q6Is[Pm6Up)74i?^r~W>[*ik&4G^Dpm!nHvWHFF\%yMNC!3zL4pO81R!a$4w5itGZ>>7\|1w<"3!BT"^6#3G
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 6f 28 35 85 6e 28 49 d3 a1 c7 97 38 d3 97 38 d3 19 3b bb 29 a5 a5 79 cb b5 c7 dd 10 71 2a 0f a6 48 76 84 10 c0 46 49 d5 4a 2b 19 ca de f2 49 07 8c 40 52 3a b2 53 1d c2 35 67 53 d2 0d 11 c6 f1 87 a4 92 a1 cb 1e 31 3a 4b 9c 95 34 3b 0c 87 64 17 34 a3 65 04 4c 3c 74 1c 50 5a cc 9c 2e 5a 2a 56 e2 03 2c 17 e2 ef b3 a2 8f e6 37 34 3d 63 30 d7 72 61 31 53 1f ea 0a 64 43 7c 70 ed ca d9 a5 49 06 5e 2b 19 54 29 75 4b f1 a2 0f f0 88 90 02 cc d2 11 0b 57 a9 24 a1 f9 7a ba 0a 46 c4 60 e0 c8 c4 eb 92 ec 0b 6c ef 05 91 6c b5 76 9a 4f 71 74 5c 95 0c e9 29 e7 b2 c2 12 28 1b c7 a5 da 72 75 06 4e 10 72 ec 85 a9 51 95 ef 8a d9 26 a5 1a 5a 2e 39 a1 44 6b 56 86 7f 2c 5b 53 a5 c1 ae 14 65 83 1f e0 28 84 be 3b 6c 85 7e 84 5a 85 60 09 68 eb a8 24 e0 80 08 c7 d1 02 d4 66 38 bc 64 Data Ascii: o(5n(I88;)yqHvFIJ+I@R:S5gS1:K4;d4eL<tPZ.ZV,74=c0ra1SdC\|pI^+T)uKW$zF`llvOqt\)(ruNrQ&Z.9DkV,[Se(;l~Z`h$f8d
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: bd 77 d7 d6 1d 28 71 27 e6 f4 94 04 4c 78 93 a5 07 b8 37 9d 13 4e 54 87 72 f4 b5 5d 9d 3f 1f 4f 4c 99 3c f0 14 87 01 5a 52 82 7d 14 62 3a 52 d4 65 c2 c1 ec 6b 24 13 53 7a 10 64 fc 35 5d ef 47 db 13 a4 4e 93 a2 5c a3 c0 95 5a 23 23 b5 46 e4 76 de 30 36 17 14 b7 a5 b2 39 c8 cd 26 23 26 f2 58 1a 72 ad 85 38 88 2f 63 94 92 82 83 7f 60 ea 27 73 06 4e ee 59 65 cc 4b c7 3d c0 80 09 84 4b 18 d7 a8 c4 47 53 23 df b6 2a bf 6c 62 cc 8a 69 e1 77 df 59 f0 d5 6e b2 29 47 61 af ed 60 cd 78 a8 b3 88 8d a5 41 12 84 8c de 1c ed ed 42 ab 66 94 e3 c8 3b 8e 7d c3 81 35 c7 00 a5 2a 54 e7 53 c8 31 62 a9 49 67 2a 86 f0 45 63 11 15 01 74 7d 87 0d 53 c0 92 e9 b9 3d 6d 53 27 5f 43 89 1a 65 5e 32 c1 a8 13 c1 87 a5 4f bc 8a 9f dd f0 3a 2a 0e ec cc c7 44 12 66 a6 04 b9 9c 6a 07 e4 57 Data Ascii: w(q'Lx7NTr]?OL<ZR}b:Rek$Szd5]GN\Z##Fv069&#&Xr8/c`'sNYeK=KGS#lbiwYn)Ga`xABf;}5TS1bIgEct}S=mS'_Ce^2O:DfjW
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 76 40 c7 7d af 2a f0 68 37 84 39 d9 c6 4c c8 67 a8 e8 74 3b 05 2f d3 c3 a2 22 e6 8b 0e 8b 8d 98 0f 40 62 4c c8 c8 ed 02 e4 cd 49 d0 79 18 93 be 6e e3 0f d0 02 5f 21 26 bf 00 06 68 81 0e 75 a0 71 c9 2a e8 1d 39 02 28 e2 6f d9 c3 7e 6a cf 79 15 f9 4d 78 0d 62 03 8c 48 ed d5 a3 1e 0e a9 8d 7c 53 6e 80 94 22 b8 a1 ee b8 8d c9 44 b6 b7 6a 08 69 d7 51 ee 8a f8 39 61 17 10 75 e5 29 84 30 bd 51 ce 9b 3c 5d 72 25 6c 83 64 2a ac 9d 16 bc 17 68 99 14 7f a8 a8 20 13 be 0d 7a 66 22 27 5e 4e dd 4e 52 2c 4c a7 2a 74 1d 98 ab ef 9d d5 eb 85 58 41 8e 17 a4 38 b7 89 44 0d 4d 1c d4 17 14 59 96 8d 85 52 cc 82 47 37 18 a6 05 44 f3 13 29 6d da bb f0 7e 48 62 28 d2 d6 72 de 06 07 ab 91 cc 75 1d 59 87 0d 92 e3 ed 34 cb b0 bc e2 53 ad 46 e5 69 bd 26 6c 7a 54 2a 46 15 6c 85 a9 30 Data Ascii: v@}h79Lgt;/"@bLIyn_!&huq9(o~jyMxbH\|Sn"DjiQ9au)0Q<]r%ldh zf"'^NNR,LtXA8DMYRG7D)m~Hb(ruY4SFi&lzT*Fl0
2024-10-24 09:44:05 UTC	1178	IN	Data Raw: fe 60 2c cb a4 b5 da 81 94 b5 8b be c2 c7 6a ce 94 cd 62 a4 90 5f f1 f9 af f4 39 2f 3a 0f a4 1a 91 f1 43 4b 1c a9 f0 91 39 14 c6 4d 09 59 e3 87 29 b2 86 e5 f1 3f bb a2 46 8e c7 df ee e3 0c 08 29 2f fd b9 61 ba 29 e6 a5 0e e3 54 64 a9 6a f8 e7 cf 8a 7f fe 42 fc 13 9c 12 85 d6 c9 87 22 e1 8e 91 22 90 10 31 52 3e 89 74 3e 63 a9 27 29 fc db e5 87 15 58 d1 06 a6 f6 ae 17 be 5c 46 96 da a3 47 3a 81 4b 5d 3d 40 a5 b1 c8 20 a6 19 ac 18 8c 79 7d 43 79 1d a7 cc 6c 72 9e 1f 65 5e e6 95 c7 c2 23 6b 23 0d ff 3a 56 36 bb d2 fa cb f5 4a ab 84 57 af 2c 65 23 92 7f 0b e6 e7 90 92 84 20 4f 14 e4 ff 72 96 a7 78 46 21 3b d1 b0 80 7e 52 e2 05 6e 66 e2 92 5b da 50 0b 6f 9b e6 a6 36 87 3e d3 70 56 87 c6 ed 18 91 a6 c4 da 77 ab c8 6c 21 e6 12 c1 37 4c c2 a5 fa 01 ad 75 a0 d7 da Data Ascii: `,jb_9/:CK9MY)?F)/a)TdjB""1R>t>c')X\FG:K]=@ y}Cylre^#k#:V6JW,e# OrxF!;~Rnf[Po6>pVwl!7Lu

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
135	192.168.2.16	49900	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	522	OUT	GET /gui/38304.fb4a0d25cd02c2064144.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 950a07a88d86d13754ef9c3ba681ae2b Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:55:16 GMT Expires: Sat, 18 Oct 2025 08:55:16 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521329 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 31 0d 0a 02 0d 0a 30 66 66 37 0d 0a ff ec 7d fb 9a db c6 b1 e7 ff fb 14 10 ad c8 a4 03 62 78 bf 8d 28 59 19 29 27 3a 91 2d 1f 8d ec f3 6d 94 d9 31 48 82 43 58 24 c1 10 e0 5c 4c f1 fb f6 59 f6 d1 f6 49 f6 57 55 dd 8d 06 40 ce 8c 15 25 39 df d9 b1 13 0f d1 f7 ae ae ae ae ae 5b 97 e3 60 3e f5 ae 82 d1 ca 1f 7f 3c 99 6d 96 1f 2f 93 f3 4d 78 be f0 c3 e5 f0 96 bc 4f 9f 3e 9c 55 bc d5 26 9e 95 3f 7c 68 f6 9a b5 96 db eb f6 3b b5 33 77 db 6d 36 db ed Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010010ff7}bx(Y)':-m1HCX$\LYIWU@%9[`><m/MxO>U&?\|h;3wm6
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 52 24 a5 23 cc ff 08 13 a3 3f 0c 8d 9f 2b 2e d0 63 ee fd 67 a5 bc 5d f9 93 09 f6 e8 00 63 5f 5d 97 5c 6e 8a 3e f8 4b e6 a5 3f 77 5c 2d f4 18 83 be f3 57 a8 5d e2 e5 95 5d 52 1a 3c ca 6e ba 27 4f f8 bb 80 c0 2a dd de c9 ae 34 a4 f6 d6 9e 96 a4 e9 df d0 94 da e6 79 42 a0 3a ca e2 ba 26 16 86 62 3d 79 22 fd d9 43 d4 69 7b c6 90 9b 37 e0 54 ac 7e 80 84 1e 2c 69 77 9d ae d6 3c 98 26 83 12 76 1e ad 55 12 ad f0 bb 4f bf d1 e5 e6 9b 72 bd ca 00 d7 14 09 69 d2 ab 20 8d 5b af 55 76 3b 77 ec f1 ce 8e 87 4c 21 36 cb d8 9f 06 27 a7 a7 95 f2 c4 7b 51 71 c7 95 e3 59 f9 03 b2 62 0f cd f0 39 8a 65 a6 b3 72 f0 fd 66 31 0a d6 bb ca 99 bb a0 3c 0c 10 a9 6e a9 00 8f 92 7b 19 85 13 a7 56 71 7f 63 4b f6 94 ef 6e e4 0f 51 34 0f fc a5 bb 96 03 7c f0 a8 e6 fa 09 b8 97 d1 26 09 06 Data Ascii: R$#?+.cg]c_]\n>K?w\-W]]R<n'O*4yB:&b=y"Ci{7T~,iw<&vUOri [Uv;wL!6'{QqYb9erf1<n{VqcKnQ4\|&
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: e7 a1 d4 1b a2 f4 20 ac 54 4a 0f 52 6f f4 1b 9d 7a 5f d4 1b 4a e9 41 ea 8d 3e 1a eb 41 84 82 9f 4a ff b1 a2 66 bb 28 8b de d0 40 bf d9 ef e2 f4 b8 40 01 85 ed 33 2a d0 e8 36 68 0c 48 24 8d 0c 8f 80 76 14 fd a8 37 7a b5 3e aa 6c 50 a5 d3 6d d6 91 b8 c0 cf 7a b7 db c6 b6 21 29 01 7a 6a 65 a5 04 2e 84 03 ee 63 f7 d4 7d ef be 70 7f 75 df b9 af dc b7 ee b9 fb d2 fd c5 7d e3 be 96 0d a5 af bd ce 1f 48 81 a1 97 da d1 c9 74 c7 83 b2 e4 05 49 26 71 00 f3 5f a4 55 94 42 22 d8 e1 e3 d3 a7 b4 34 35 41 6a 8f f5 50 94 32 c1 73 fa 3b 28 91 88 99 94 15 93 d2 23 ad 6f 39 bd 59 8c a2 f9 93 27 c1 07 f9 e5 e1 22 04 dd 4a b4 3e fb f4 29 f8 50 fa f6 5b fd 5d 3a 23 7d 0d b5 f3 68 b8 96 e6 23 17 0a 21 d7 07 8d f8 70 06 35 13 6e 89 73 5c 4e 8f 93 f5 0d 8d 96 d6 70 b8 c6 c9 3c 9f Data Ascii: TJRoz_JA>AJf(@@3*6hH$v7z>lPmz!)zje.c}pu}HtI&q_UB"45AjP2s;(#o9Y'"J>)P[]:#}h#!p5ns\Np<
2024-10-24 09:44:05 UTC	333	IN	Data Raw: 84 a5 8d 74 f9 d8 ee a4 e9 b9 ff eb cd 1b 2c 7c 30 31 bb db f4 ae 6c 64 a8 a7 17 16 f1 22 82 08 0a 63 1a 9f f9 f1 cb 30 86 0a 3e 5c 40 5c 0a ee f5 d6 9b 5b e8 59 37 b7 0f 0b ef 85 0b 59 d0 59 85 0d 57 c6 b3 00 a6 64 9a ca a8 71 bc 0b fe b6 09 21 d8 35 d7 3f 87 61 42 66 66 a7 6f b5 0a fc f0 34 4c 09 b9 da e9 4f c2 73 96 85 03 86 a7 20 e8 09 ba 5d 29 33 00 85 3c d9 af 98 6c b9 ca 25 53 0f bc 91 b1 6f a1 f3 d7 d8 0a f1 e8 54 13 f1 f3 b2 35 58 11 cb 89 05 cc 0d 2e a5 37 c3 d7 d9 4b 29 d1 64 4c 0b b4 4b 04 e9 cf 63 c8 df 60 3a a1 25 d0 19 63 99 2b 67 31 82 96 67 02 b9 fc 32 c0 1f 28 65 60 37 76 0d 0d 8c 92 22 a7 66 26 c6 c0 e6 4a db af a8 14 9c 5c a5 67 4f e3 79 94 38 c4 17 0f 4b 20 60 33 a0 39 ae b3 50 a6 50 3a fe 48 3b f2 47 9a de 33 8e 7d 0d 53 e1 6c f5 ac Data Ascii: t,\|01ld"c0>\@\[Y7YYWdq!5?aBffo4LOs ])3<l%SoT5X.7K)dLKc`:%c+g1g2(e`7v"f&J\gOy8K `39PP:H;G3}Sl
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a e1 0d 0a 30 30 30 30 30 30 30 31 0d 0a de 0d 0a 30 30 30 30 33 63 30 37 0d 0a 11 40 10 2c b6 7f 28 13 78 a4 a5 b8 25 9b 8f de eb e4 dc 18 07 c4 99 c2 cf a5 d9 41 e0 91 39 43 e5 39 0b 73 05 6b 44 f3 97 c3 1a 7f 0e 4b 33 e8 f0 f0 df 6a b8 9c 46 0e 6b 8c 68 41 56 5a 95 b4 b8 81 82 c2 d2 d8 60 87 c2 96 08 25 8e 56 cf ec 35 b1 95 85 94 8d 4b 47 b4 bc 78 26 04 8d ce 06 1c 51 d0 a0 44 0b 07 4a 2c a0 e9 bf 45 d1 05 2e 21 71 b4 59 e3 24 05 c6 48 79 e7 3d 8c f3 1c 82 1e 2e 19 31 2e 23 c1 12 67 27 6c ef a0 49 c5 d9 bb b7 b2 03 71 fd 8c 0e 1c d5 e6 8b 9f 5c 10 ee e5 24 f4 97 89 f3 7a 39 06 11 c2 0f 1a c9 12 56 8d 49 e0 2f 5c 27 48 c6 1e 1f ca 57 d4 11 6e 33 63 c0 00 1b 88 ee 2f 3e 2d 82 e3 5f 82 80 d3 2d c8 73 fe 14 5d 05 10 6d bb 20 1f Data Ascii: 000000010000000100003c07@,(x%A9C9skDK3jFkhAVZ`%V5KGx&QDJ,E.!qY$Hy=.1.#g'lIq\$z9VI/\'HWn3c/>-_-s]m
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: c4 c1 9c 2c e4 d9 8f 1c c6 b8 52 ed cb 41 40 36 95 34 1a 4d a7 ae 42 30 bc 57 1e 10 05 c2 43 b2 2b 01 91 3d ce 25 a2 c3 b9 3f 0e 48 7c 08 a3 50 18 bb 8e d9 4f cb 4b c2 04 7a 90 04 92 f2 a5 7f f9 3e 02 25 a1 35 92 96 49 6b 21 8b 7c 0c 5a 06 03 76 48 fb 56 be c8 69 c1 fd 06 30 3f c1 b5 61 99 bc 0c a6 fe 66 9e 94 b5 69 2d 0e 14 c1 8a 63 28 9d 6c 92 42 ca 3c 95 b2 17 c6 eb ca 0e 32 42 48 89 31 8c f8 7d a4 ce 89 47 5a 03 a6 90 46 1d 70 0a 1c 54 d4 cb a3 0d db c2 41 aa 94 b0 f3 45 b0 23 c4 11 0a 6a d7 92 be de c0 4a 1f 03 16 8f 0f fa 10 bb 7c f9 86 24 2c 99 1d 35 b1 a9 0e 11 2c e6 13 95 c6 93 37 a6 e6 19 7f 4c 95 1e df 60 0b 02 75 1e 41 21 69 70 0f 27 27 d4 44 8f 8c 72 53 40 0e 35 e4 93 27 11 4e 08 11 24 31 79 c2 3d 37 18 44 5e 41 08 07 6f 41 f8 7d a5 85 cf 3e Data Ascii: ,RA@64MB0WC+=%?H\|POKz>%5Ik!\|ZvHVi0?afi-c(lB<2BH1}GZFpTAE#jJ\|$,5,7L`uA!ip''DrS@5'N$1y=7D^AoA}>
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: f6 31 ec 6c 35 43 26 7e f0 6a 9a 66 7b 2c 12 f2 0c c2 d9 22 57 73 83 f8 3a a1 1a 22 a6 80 5c f3 75 1e 7c 71 99 0f d4 df df ea 84 7c c1 9c 06 56 1d 7d d9 51 a5 c2 4c 3d 4e 61 74 82 89 20 88 be 73 ca 57 46 c0 20 49 59 51 44 56 3f 09 83 b0 7d 34 44 93 42 5e 65 7d f4 15 34 d4 cf b3 54 c9 2e 6c 93 d0 5f 00 ee 5f 08 dc 3c 3d 2d 99 35 27 17 b6 a8 d1 90 67 84 d1 6f 50 ef 8d 20 91 2d a3 7e 89 e4 97 92 bc 03 d3 33 21 01 2d 91 4b 96 89 dc c6 d0 53 81 b5 c6 2a e1 ea b5 56 95 6e db fb 07 a4 6f 41 20 13 96 20 d7 f4 0b 66 42 31 ef b0 fc 8d fe 15 43 31 fd a6 43 d9 1d 7f cf 76 e5 23 ef 3f 70 ad 38 73 ff 62 fb b8 88 f8 33 75 80 90 a2 3e 15 c9 38 bf 9f 32 45 27 17 8a 4c 75 2d 09 fa ec 06 d2 db fb dd 4d a4 0e f8 99 31 14 24 f9 9f dd 92 2d fc bf bb 91 fd 9e 2e 99 a1 19 b5 ca Data Ascii: 1l5C&~jf{,"Ws:"\u\|q\|V}QL=Nat sWF IYQDV?}4DB^e}4T.l__<=-5'goP -~3!-KS*VnoA fB1C1Cv#?p8sb3u>82E'Lu-M1$-.
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 0b a8 f3 42 c5 1a 92 c5 cf 64 68 69 33 b4 72 11 74 1b c5 c0 41 1c 94 0a 42 4c dd d1 33 e2 13 6e 43 a7 cc 94 8f 78 ce 98 bb 32 07 b6 d6 2e 07 66 98 e3 49 54 d3 c2 4c 79 55 d3 ff ec 69 8a 78 e3 58 47 2c a2 9d d0 ba 15 72 19 d3 64 d5 1c c4 86 ab 7d 16 ca e9 82 82 5a 2a 1f 09 a5 1c 49 b3 ec cd 6f d9 3b 85 13 a5 b1 56 76 15 ef d8 12 8d f8 41 e8 32 8c 5d af 32 3d b0 5a b3 54 b9 30 c5 d1 f6 bf e4 8a 8f 35 3a a7 dd 75 be 98 b4 6d eb 5f 14 5b 2b 4d b0 2d 19 bd 04 45 b9 24 8a c2 d0 c3 14 f5 0c a0 a9 27 69 b6 d5 a7 25 87 8c b4 b9 48 94 e9 4f b9 ae d7 dc 66 2a 2b b7 74 68 e2 11 44 d4 2b 5c 5c 38 f1 7a 8c 90 7f ca ca 9c b4 b8 f0 9d f4 c0 c9 42 ff 0b 77 49 36 96 43 b0 33 a6 60 b0 ef b2 94 45 a8 0c db 1e 04 c6 5c c2 f3 c1 04 f2 92 10 ae 50 1a cf 49 61 c5 12 6b 32 18 cc Data Ascii: Bdhi3rtABL3nCx2.fITLyUixXG,rd}ZIo;VvA2]2=ZT05:um_[+M-E$'i%HOf+thD+\\8zBwI6C3`E\PIak2
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 24 f2 84 c6 36 a2 48 2a ca c8 0b e7 9f 91 6a ea b7 72 d2 f0 95 72 19 83 73 12 2e 5f 64 3a eb 90 1d 08 77 a2 3d 7e f5 20 e4 1b 77 2b ed e9 6e cb d5 60 2b 09 5d 10 07 a9 30 17 b4 6c 45 6d 4c c7 a3 d5 6d 9b d1 aa c6 9f 1e 1d 6c 9c 2e 75 f9 c1 a6 56 72 6a d0 19 b0 c9 07 01 74 4f 72 0a 3a c9 d4 23 81 23 55 90 68 5b bb 17 1c 63 51 8e 54 02 ce 09 bc 41 10 18 05 61 0f 0a 85 e4 a1 27 65 2e f8 8a 74 46 88 c1 65 40 0f 81 25 e4 2b f9 26 94 50 d2 58 19 ea 6a 20 87 4b 8b 1c 46 76 74 1b 9f c8 e1 12 96 d4 07 82 1c 73 58 3c d2 61 8f 6d 6a 48 40 48 c9 da a1 ba 96 ea 39 53 bb 60 ce f2 5b 1b 50 ab f3 f9 23 48 57 eb f3 db d0 2b 5c 6c 41 db 19 1c c4 3d 8e c3 6a c3 33 b3 92 69 83 87 63 bb ee 6b 9a 1a 31 11 5e 89 42 7f ee 29 01 d3 87 79 c0 c7 c4 d5 3d 8f 09 84 63 6d 36 3a 5d 8e Data Ascii: $6H*jrrs._d:w=~ w+n`+]0lEmLml.uVrjtOr:##Uh[cQTAa'e.tFe@%+&PXj KFvtsX<amjH@H9S`[P#HW+\lA=j3ick1^B)y=cm6:]
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: be db 36 73 f7 74 dd be 82 a5 7a f7 a0 99 3a a1 07 09 57 7b fd 36 99 d4 c2 04 dd 43 4c 7f 79 0f 1e 46 b2 ea 3d 78 a4 85 70 84 28 43 c2 53 39 86 4c 9a 1f 9e 47 f4 81 89 5b 1a cc 22 48 d1 b6 7f 5d 3a 0e 69 1c e7 fe cd 00 d6 e8 74 46 54 47 f3 68 fc f1 98 72 70 ea 20 5a b9 83 ce f0 ae b7 50 05 32 bb d1 ef be a8 e7 bd b9 a8 66 83 07 08 ff 49 71 d8 2f 03 4e 26 76 13 5a e2 39 f4 05 f0 6d 18 38 72 cf 41 d6 ee af 4b 1e 42 f9 03 3c 06 10 df f4 ac 92 1b 0c 85 f6 95 72 1e f5 29 b9 d0 34 49 74 99 01 fb f7 3b 0d bc a1 8e 90 04 14 4c 34 44 68 75 e9 53 3f be 77 70 d8 32 07 e8 ac 5c a7 81 97 1b 2b 3c 52 15 b2 f1 b7 55 82 36 62 2e 50 b8 0f 94 30 e7 6f a1 00 9c 52 64 9c 58 26 b0 25 30 33 dd e6 5f 0e ac e8 f1 54 34 1d 75 00 24 c2 6a c2 7d b4 36 09 2e 64 88 a8 8f 02 91 80 62 Data Ascii: 6stz:W{6CLyF=xp(CS9LG["H]:itFTGhrp ZP2fIq/N&vZ9m8rAKB<r)4It;L4DhuS?wp2\+<RU6b.P0oRdX&%03_T4u$j}6.db

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
136	192.168.2.16	49901	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	676	OUT	GET /gui/52564.fcbb1496712f373a7906.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 343cd6bb679ea3cb9e44478bef3381bc Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:12 GMT Expires: Sat, 18 Oct 2025 08:45:12 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521933 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 79 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 49 0d 0a 30 30 30 30 30 30 30 31 0d 0a 96 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2e 0d 0a 30 30 30 30 30 66 65 65 0d 0a fc ff fd 14 69 dd 1a bf d2 54 4a Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001y00000001_0000000100000001I0000000100000001.00000feeiTJ
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 03 7c e4 5f be e4 1d 40 c4 b8 d9 ba 99 e2 4c b8 35 7f 9e b3 fc 7c d4 6a ce be 7c 69 ce 7a 67 1f 83 27 17 79 7b 96 b4 87 32 4e 90 60 fd 6e d4 46 70 99 e4 67 ed 3e 30 da 10 30 16 9c a7 c3 68 14 ec 8c f0 ae e2 5e e3 bb eb a5 9b 46 b0 93 9d 47 00 4b f3 d7 9f 74 98 36 0e f8 24 99 9e 9b af 9f 06 4f ce 56 9e ee 9b fd 04 27 c9 28 0e a2 2c 88 02 cc f4 e4 11 7e 0a 9e 0c 93 0b fc 3b 79 fa 6c 9c c7 40 1e c1 c4 9c 26 01 2c c0 f3 67 d3 a0 99 4e 88 74 a2 51 eb c9 a3 09 9a eb ca 73 5c 7d 3b 19 4f 66 79 30 19 45 83 f8 2c 1d 61 cf bd c6 2f e8 61 87 69 04 9d 64 9c e4 3f 13 0d b9 b5 0a 52 6a 0f ce a2 f1 69 8c 6d cb 7e 9e 3e 79 54 1d 15 13 3d d2 e5 e1 df 40 a0 ad d7 e8 cf f2 1c 40 d4 d0 9b ec 35 ce 71 26 c9 b8 9d a7 93 6e b0 b2 34 f9 bc dd 70 eb d3 a6 b6 e3 65 32 8c 83 71 da Data Ascii: \|_@L5\|j\|izg'y{2N`nFpg>00h^FGKt6$OV'(,~;yl@&,gNtQs\};Ofy0E,a/aid?Rjim~>yT=@@5q&n4pe2q
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 60 5a 91 61 ed b4 83 68 3a a4 04 e8 49 8c a7 f1 39 78 bb f6 e9 34 1a 26 10 87 1a 90 34 e7 a4 4a 76 83 64 38 bc 0a 2e 74 dd a7 d1 a4 bd 12 4c da ab 1c ec 6c d5 1f be 0d 26 04 72 b4 d9 a0 36 3c 6f 2f a1 21 77 18 3c c9 46 69 1e 8c c1 1e f6 40 8d d0 92 13 f2 3b 0c f4 e8 6c b5 bc 36 11 a1 fb 10 30 3e dd 3e 9e 37 84 ae dd 8a 8b f2 17 8e 53 08 87 2a 1d ec 35 eb 77 65 60 50 f9 ab d4 ee c1 52 ab 9b 75 c6 29 46 18 9f 82 58 80 4c a8 92 44 79 6a 4f 39 12 41 39 12 8e 5a db 67 42 4d a6 73 d4 c4 d0 03 22 fe 89 4f 4f ca 4b 28 90 e6 a4 67 47 aa a2 31 73 65 72 99 1c 8d 58 6c 6b 79 69 a9 06 8b 6d 2e 6d 2d 6d 51 e1 da b4 6a 56 8b d9 54 f5 6a 50 1b 75 af d0 ac 6e 28 3e eb 8c 55 3f 0a cc a7 38 8e 9a d7 8d cd e5 15 60 3e 6a 5e b7 36 36 d7 a1 8f 9d c9 c7 ad cd c7 2d a8 5f 9d 6a Data Ascii: `Zah:I9x4&4Jvd8.tLl&r6<o/!w<Fi@;l60>>7S*5we`PRu)FXLDyjO9A9ZgBMs"OOK(gG1serXlkyim.m-mQjVTjPun(>U?8`>j^66-_j
2024-10-24 09:44:05 UTC	450	IN	Data Raw: e3 00 b5 66 3a ca 93 49 9b 0d cc d4 41 e9 07 a8 38 41 79 d3 31 9e 61 3a 69 04 7f 3a 4f 81 d6 08 5e b6 75 ed be 45 48 87 1c 9e d8 0d 7a da 09 fb dc 12 dd 96 d1 50 d8 8d 11 52 00 01 f6 52 df c6 93 74 9a 67 84 d5 e7 e9 14 a6 20 dc 2c d6 17 b7 20 f1 fe b2 c9 6b 3f 8c a3 e9 e0 ec dd 74 d4 84 77 83 d2 9c 69 77 0c 95 c6 38 1c 74 12 b6 d8 53 80 21 7c 34 c7 50 75 f8 68 e1 35 c0 e1 35 c1 21 b2 2b 95 a3 82 cb c4 18 f6 a0 38 80 92 02 96 a1 4f 0d ff aa 0d ba 88 b8 ce 9a 55 10 f0 ba 29 75 2a ad ae 07 78 7b 98 69 8f 33 dd 7e 26 18 73 d4 11 d3 17 0e fd 65 34 fd 44 02 d2 0a 9f bd 27 0f 64 48 e7 87 f0 8c 06 67 b5 bc ca fd 85 2f cb bf 93 ad a3 31 39 ee f5 3b af de 75 06 b3 29 d0 58 fe 0e 04 09 4a 74 15 28 f0 33 24 24 b0 fe 91 f8 7d c0 da 73 1a 37 b3 ce 33 ca 3d 42 b9 a7 e4 Data Ascii: f:IA8Ay1a:i:O^uEHzPRRtg , k?twiw8tS!\|4Puh55!+8OU)u*x{i3~&se4D'dHg/19;u)XJt(3$$}s73=B
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 09 0d 0a 30 30 30 30 30 30 30 31 0d 0a 61 0d 0a 30 30 30 30 30 30 30 31 0d 0a c3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 56 0d 0a 30 30 30 30 30 30 30 31 0d 0a 71 0d 0a 30 30 30 30 30 30 30 31 0d 0a a6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 58 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 30 30 30 30 30 30 30 31 0d 0a 88 0d 0a 30 30 30 30 30 30 30 31 0d 0a c2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 87 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 31 0d 0a d6 0d 0a 34 66 66 30 0d 0a 3b 8c f5 ae 72 82 94 53 da e7 68 18 4c ae 70 5e f2 60 ab c8 b5 ec 8a e2 7a 00 81 0d 46 c9 e0 93 c5 b2 f3 de 27 a2 e7 c3 82 85 Data Ascii: 000000010000000100000001a000000010000000100000001V00000001q0000000100000001X0000000100000001!00000001000000010000000100000001?00000014ff0;rShLp^`zF'
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 32 ec 90 25 51 31 34 7d 15 7d 58 82 30 23 44 27 a5 7b c9 74 30 52 d3 8c 18 bf 0b cf 1b 73 13 d6 d9 c0 90 78 c0 9b 6a ce 8c 4d 1b ef 0b 56 24 10 2e 4f 6d 26 51 18 dc f3 4e 93 ea 13 9c 14 d4 02 f4 fe f5 ae ef 12 d7 77 59 b9 3e 86 09 9c ca 05 96 5f 8b 50 3b 3b 51 41 10 09 0d e3 ce ac d5 14 a7 d1 e6 5a 8b 2a 9a 91 50 5a a3 9e f0 e6 53 73 4b 99 b5 e4 fd 0a 93 77 3e ac 05 1b 81 8e 5b c1 c2 e3 16 2d 3f 7a 2b 37 b9 e1 18 49 2b eb 3e 99 58 71 bc 40 27 5f 3b ea 63 7f 54 46 43 95 af 9f 3e fa 72 84 05 35 07 d7 48 0e c2 9d 29 2f 8b cd 9c db 15 5c 74 3f 8b 10 9a 76 fe 2a 6e b0 9f 7c 81 d3 f6 2b 84 cc 5b 1a 2f 62 53 ee d5 79 01 5d 29 fa 7e ea e9 d4 53 e8 70 c5 25 d9 79 9e 56 a5 db 73 b8 dd 5c 51 b2 fd 04 c9 56 c2 68 3d c9 16 12 29 23 62 b7 6f 77 45 dd 5c 5f 59 5a 52 09 Data Ascii: 2%Q14}}X0#D'{t0RsxjMV$.Om&QNwY>_P;;QAZPZSsKw>[-?z+7I+>Xq@'_;cTFC>r5H)/\t?vn\|+[/bSy])~Sp%yVs\QVh=)#bowE\_YZR
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: a8 fd c4 ee d0 0a 56 c5 ef da b1 98 4a 2f 64 7e 16 6f 5d 4c ee c5 a1 bd 55 39 be ad b8 7a db ca 1e 7f 89 68 96 56 c5 b1 1c 39 d5 f5 d8 ce 9d 21 ce fc 4c d7 e4 e6 b0 ba 63 cb 62 48 1c 8f dc 8d fd 66 e1 ca 74 f4 e3 12 bf a2 6b b1 40 40 9e a5 b2 18 3b ea fc 32 9c f7 9c 5c 31 b8 93 43 08 3b c5 72 28 94 dd b5 14 b6 71 f3 95 97 c2 c1 dc 4f ba 72 33 c5 fc 4a 2c cc 90 7f 3a 8a 4e ef 9a b5 c4 66 95 67 25 46 aa cc 6a 06 0d 1f 54 58 eb e2 51 f0 72 f9 10 e4 1c f8 c7 c3 87 ed 65 13 a4 c2 3f a1 7f 1d c6 9f 5f 23 31 57 97 cd 1a 70 20 57 8e 0a e9 31 74 7a b6 b2 c1 b1 6e 94 ed c6 af d1 45 d4 ee 5f 41 1f 90 0e 63 a6 ec da 01 7f c6 2f 7f b0 df 75 1b 8f 19 6f 8d 9f 78 f0 bd 46 26 d1 d7 90 2e 98 c7 23 1a 1e 60 dc e6 47 ee 80 2c 5e 0e 01 41 f3 aa c1 3a f9 54 25 07 e1 2f c5 ff Data Ascii: VJ/d~o]LU9zhV9!LcbHftk@@;2\1C;r(qOr3J,:Nfg%FjTXQre?_#1Wp W1tznE_Ac/uoxF&.#`G,^A:T%/
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: fc 96 1e 3b 3c 75 7f 63 16 cc e2 de 6d 6c ae 04 99 55 c1 0c ba 07 4f e3 e5 1f 85 86 88 15 e0 26 f8 88 20 f6 2f 40 bb fe b9 12 ff fe e3 38 f8 2e e4 65 4f 01 77 f1 cf c7 d3 e6 bd 56 31 be 8f 9f 79 da fa b7 20 33 25 4e c6 d2 58 06 34 35 45 2e 42 da 6e 5f 7c 0d fe e6 be 75 0d 14 f0 bf 69 01 f0 98 45 5f 7f 09 b7 62 51 70 f5 fd b2 ed 50 9e 07 69 2f 35 0b 7c 1d 86 77 f3 be f1 1f c5 3d 5e bb c6 1a e2 b5 2b 42 fd 57 42 f8 d7 00 b5 55 1e 50 35 00 34 b3 80 cb b8 0b c2 0f d5 54 5f ba 80 ff ab 8c 48 95 b0 fb 31 dc b7 52 f0 1f e8 10 3e 80 1d 20 41 33 98 05 c0 70 30 b3 05 e0 3b 13 13 35 b6 48 8e c3 63 38 1d d7 86 ef 90 43 b2 70 bd 30 42 8b 23 a8 04 81 0a 39 17 40 f4 8d e5 b3 f9 78 e7 46 61 12 b7 9c b4 5a c4 5b a1 49 28 8f 00 58 e3 0b 67 9a c2 99 f1 67 08 8d 50 1a 68 39 Data Ascii: ;<ucmlUO& /@8.eOwV1y 3%NX45E.Bn_\|uiE_bQpPi/5\|w=^+BWBUP54T_H1R> A3p0;5Hc8Cp0B#9@xFaZ[I(XggPh9
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 32 f5 f8 8e ff 60 14 b2 8b 40 b6 f4 ac f8 f5 9a 8c 89 b0 68 c7 e2 96 87 62 01 68 6f 47 72 72 74 61 4f 2f 8d 97 ef c4 3b fd 4a 1c 6e b7 df 89 3f 43 f7 a0 65 9d 8a f8 5c 7c 2f d1 0b c5 37 60 6f 14 5d c4 cf 41 3f 69 94 80 5f 95 ea 6a 50 ec 6f 97 6e 15 f0 e3 cf 4c 95 16 98 18 d4 47 58 43 94 e8 a8 ab 9c 5b 57 bf 46 9c 0a 94 77 a8 b9 25 27 54 8e 53 41 05 2e 5f c3 4b 5f 58 9c 91 7a 6e d9 e4 79 47 62 10 94 64 cd 78 eb 92 db 73 bb 61 54 e3 0e da 8f 11 0d 2a 2b 7d 4b 73 70 ac f5 e0 bc 2a 21 45 fd 18 f0 6f ea c2 66 3d c1 ee ea 1a 65 ac 31 e2 55 a0 69 dd 54 34 4e df 78 3a 3a 8a 1e 92 68 ac dc 19 79 01 2f 38 21 eb 2d 49 1c aa 92 0d cf c9 c5 ae 8f 6e c9 e8 42 5e d5 76 af 78 38 de 0e 7d d4 20 18 90 b3 fd 8f 40 75 0b f8 14 e8 05 96 e0 29 5a 6c 50 03 c5 24 b6 ac 73 e1 56 Data Ascii: 2`@hbhoGrrtaO/;Jn?Ce\\|/7`o]A?i_jPonLGXC[WFw%'TSA._K_XznyGbdxsaT+}Ksp!Eof=e1UiT4Nx::hy/8!-InB^vx8} @u)ZlP$sV
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 69 a0 31 74 e6 a4 91 6b 14 a3 dc d5 15 cb 68 75 bd 35 2d 58 50 dd 04 28 2e 83 45 de 31 01 0e 97 b1 51 12 1e 25 07 0c b4 86 4c 19 4c 14 13 98 5d da 8b 04 54 da 9f 78 f2 84 2a ff 1b 92 09 00 55 23 95 87 81 38 41 8b 8f 18 7a e0 88 8b 41 47 8e 40 e4 29 4a 4d a3 64 01 e4 5d 21 09 fa be 05 8b cb 0c 10 d5 0d be 0a f1 4a 1a 38 c1 68 36 ca 1b 02 bf 73 53 65 76 9a 0c 3a 4f 66 6c ab 60 83 3f fd c9 9b 4e 5f ae 45 b3 48 bc 69 96 11 08 11 e0 83 d5 df 50 9d c0 62 58 e8 45 15 85 76 55 0e 43 7a 09 3c eb 3c b4 2d 1c 1a cd 84 0e 02 d9 99 33 88 77 e2 6e fc 3d 14 29 0c 44 63 12 d0 5a 88 d0 0b c3 b6 47 b3 b8 8b 7b 71 4f 82 55 8a 81 78 25 ca 9d a8 8a 7f 5f 4e 13 29 b9 22 29 29 ba 39 40 b1 97 84 f9 8d 38 06 05 93 6b 3c 6a 45 61 2e 93 93 1a 17 8f 05 af 31 d4 04 e9 4d 63 a0 c2 ab Data Ascii: i1tkhu5-XP(.E1Q%LL]Tx*U#8AzAG@)JMd]!J8h6sSev:Ofl`?N_EHiPbXEvUCz<<-3wn=)DcZG{qOUx%_N)"))9@8k<jEa.1Mc

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
137	192.168.2.16	49902	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	522	OUT	GET /gui/84569.030dc629fa8cc22ed550.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: fba5273d9ff9bba209bc2d5d424b7a5a Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:49:45 GMT Expires: Sat, 18 Oct 2025 09:49:45 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 518060 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 31 0d 0a 00 0d 0a 30 66 66 38 0d 0a 02 ff bc 5c e9 7a db 46 96 fd 3f 4f 01 b1 13 37 90 80 10 49 89 14 45 06 76 dc b6 33 ad e9 b4 3b 9f ed cc a6 68 2c 10 28 92 68 83 00 07 28 4a 66 53 7c f7 39 b7 36 14 37 2d 3d 76 ac c4 86 6a bd 75 ee 5a 17 55 68 2c 2a e6 54 bc 4c 63 de 18 ba 15 cb c6 c1 2d 1b cd a3 f8 d3 ab e9 22 ff 74 c3 3f 2e d2 8f b3 28 cd c3 7b ea ee ee 2e af bc 60 be a8 a6 ee e5 65 ff b4 db 3b bf f2 57 9d 4e f7 f4 74 e0 32 9f fb b9 17 3e 5f dd 44 a5 53 84 b9 7b da 3f 6b 9d 7a 7e Data Ascii: 00000001000000010000000100000001000000010000000100000001010ff8\zF?O7IEv3;h,(h(JfS\|967-=vjuZUh,*TLc-"t?.({.`e;WNt2>_DS{?kz~
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 36 7a f8 42 43 cb 77 78 00 f0 32 08 1d fb 38 8e 66 69 96 b2 ca 9e 93 6b 8c 79 50 65 69 cc 00 70 cb 1b 6c af 60 67 08 d8 dd 4d 85 34 f3 ef ca 40 10 47 b3 79 94 4e f2 8d 89 2d e6 de 37 b1 e9 ab 64 cd 12 80 31 04 60 0c 01 10 e2 6f fe 02 6f 24 14 a9 5e 59 ba 4f 7a a6 e8 3c dd 27 3d 0a ac a6 00 6b f9 18 f9 f9 89 60 5d 1e 16 9d cd 11 b5 f0 48 3b ba cf 74 2a fa 4b 4d 7f b9 8f fe 39 e8 9f ef a3 5f 03 e6 18 d8 0f 53 a6 db 6a 9a bc f5 da 1f 05 15 5f 66 ac 0a 05 d2 8b bc 8a c6 ec d5 fb f7 9e 1b 07 2f 3d 7f e4 0d 6f dc 4b 54 a5 c1 5c b9 51 cf 5d 91 ab 1c 48 ef b3 f6 ae fc 25 d5 f1 82 4a fd 86 a5 48 0d 5f 9a 77 cf 3f 34 c6 9f 60 67 58 94 ef 0c 62 c4 bc 1e 62 19 ea 41 e2 45 c5 8b 99 72 60 9e 6b cf 48 aa 5b 35 88 24 6f ed f7 ce fa ad be 15 ef c0 04 c1 43 ac fe 93 0d 5c Data Ascii: 6zBCwx28fikyPeipl`gM4@GyN-7d1`oo$^YOz<'=k`]H;t*KM9_Sj_f/=oKT\Q]H%JH_w?4`gXbbAEr`kH[5$oC\
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 35 66 8d 8f 6c 25 29 11 f8 dc b0 ea 43 41 e3 c9 32 09 0e 0a 45 68 28 a6 c6 4a df 33 86 38 90 5a 91 66 56 f8 0d 11 a2 23 c7 92 4b bd f8 c5 2c 13 8f 8d b5 5b 20 6a 2e 60 1f 91 6e 04 91 14 17 86 e4 0a 44 c2 66 55 2e b0 ef 41 8a 50 64 00 63 ca 66 c1 86 c0 ac 22 ec 50 c1 d1 8a ac e0 80 f9 a2 e5 80 fb 59 3a 4b f9 a0 dd 6a f9 33 8a a2 3e 16 a2 eb 47 b1 1f ca 7d 96 53 48 9a 20 56 f6 69 1f 32 b8 6c 44 0b 5e 4c 18 52 53 94 7e 69 20 56 16 44 98 74 9b d8 52 c7 d3 02 fb f0 bf b2 7c 61 14 ef 12 ce 9e 22 ec 62 c7 28 f9 53 16 21 0a 1e 10 02 95 51 3a 52 a3 14 a1 10 7c 98 c8 70 22 f1 31 68 bc 2d 78 3a 5e 22 da 75 90 d5 64 c8 1f c1 84 2c 90 3f 64 8e 41 2f 51 c6 8d fa 13 2d d2 c6 ac 7d 33 bd e4 86 16 11 61 16 0d 05 4a 8e fe 59 22 14 a3 05 17 1f a4 63 cb 8a 1a 1a c0 e4 7f 76 Data Ascii: 5fl%)CA2Eh(J38ZfV#K,[ j.`nDfU.APdcf"PY:Kj3>G}SH Vi2lD^LRS~i VDtR\|a"b(S!Q:R\|p"1h-x:^"ud,?dA/Q-}3aJY"cv
2024-10-24 09:44:05 UTC	320	IN	Data Raw: eb 31 3d 1e bd 16 d3 c3 cc b1 bb 90 3a 3e 96 f0 07 e3 b4 ac f8 47 0b b9 a7 ec 14 45 b7 1b 84 ef 22 ef 64 52 57 3a 2e a0 4d a8 9a e6 1e 1b 25 5b e8 a0 e0 d7 fa e5 e6 43 9a 40 3b 08 f8 57 d9 ff 7e 36 5b a3 de 87 09 9c cc 17 db 31 5b 0b 4f 0f 58 67 4c a7 97 4d ce 79 d3 ad 20 17 f5 80 84 08 87 be ed c3 d2 f9 fd 48 ec 9b e8 10 24 c6 d9 7c 01 07 be ed bb b0 d9 24 99 d8 49 1e 1c f6 58 8f 04 04 91 08 9d 9f a0 f8 f0 31 58 d4 9e ea 62 fe 15 71 d0 e9 14 ed a4 d2 5d 07 05 a3 c1 cb 68 3c 4e e3 3a 24 a4 2d 39 f2 34 48 b1 53 ac f8 11 bd 2c c0 1e e3 53 90 4c 7c 8c 14 d5 fe e4 31 98 19 5f 02 9b bb 1d 16 12 89 26 e6 ff ea 51 61 3a df e7 3f 5e 8b 04 cf 3b 79 8a 51 9c 31 78 08 04 d9 43 e7 21 d5 09 84 fb 15 69 77 92 43 e2 63 99 c1 7f c6 da 92 c8 48 63 82 63 ae 74 02 81 44 9b Data Ascii: 1=:>GE"dRW:.M%[C@;W~6[1[OXgLMy H$\|$IX1Xbq]h<N:$-94HS,SL\|1_&Qa:?^;yQ1xC!iwCcHcctD
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 9e 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 31 0d 0a 69 0d 0a 63 32 63 0d 0a 46 c5 56 2b ca 0c 8b a4 ee c6 3b 66 94 5a 6d a4 7c ec 6b a7 6a ae ae 02 70 f1 4d 84 83 b9 38 d4 f6 7c 45 57 e3 f2 70 81 13 b0 b8 56 87 3b 7a 97 ad 2b 3a a6 7e d9 36 c7 d7 e4 94 45 3e 4e 27 c8 37 ff 54 94 a0 f9 6f e3 97 f4 d6 fb 7d 8c cc 6e 99 16 38 ca 22 4e eb 7a ea 0e 17 25 8d 3f e0 bc 35 2e c4 b0 0a 9d 70 3a 13 4a 79 ff 00 e2 2c 0c d2 bb 8c 83 16 9c a4 79 ae 2e 5e a5 38 80 aa 4f d2 e5 08 1c e8 da 94 b8 b0 c3 e4 f9 50 9c 7d c7 d9 51 7b 4d b8 40 40 d7 11 71 b7 8c d1 b5 2c 97 ab 83 a4 6e 81 9b 35 b8 7d 48 a7 72 e3 29 8b 3f bd f9 9c e2 c5 13 4e 7d d3 b1 3c 75 c2 73 54 1f 14 fe 0e e7 8b 41 36 8e f2 70 a2 81 4e 39 e7 80 08 87 f0 3d 71 0e 16 73 ba Data Ascii: 000000010000000101ic2cFV+;fZm\|kjpM8\|EWpV;z+:~6E>N'7To}n8"Nz%?5.p:Jy,y.^8OP}Q{M@@q,n5}Hr)?N}<usTA6pN9=qs
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 4d ac 1c 27 c9 58 a9 5d 0d 8a dd 82 b5 e8 67 13 90 8d fa 78 7c ce 98 ac 17 0c dd a8 ec 8e 4f b4 36 ea cb fb 76 3d 54 b5 c3 94 3e 2b a6 6e 54 47 ac ad e7 96 00 6c d4 c6 63 fc c8 99 c5 e2 ed 4a 5b 01 cd c2 c5 b5 c7 7a f1 e7 c9 a8 3f d6 4b 33 12 31 da 6a 15 77 e8 67 0b 80 ad 36 a3 56 c2 46 ca 54 49 10 b6 1a 9c 9f c7 d1 58 2d d4 00 b1 d5 66 dc 8d cf ce 95 e8 69 30 b6 9a b0 7e 74 16 29 ed 51 80 6c b5 b0 cd 94 04 65 ab 81 6d 82 84 c5 94 6a d4 e9 42 bd f4 5f 72 b1 c2 c0 1a fd 84 8a 2a a8 c6 48 05 35 ab 28 af 9a b8 84 9f 8e 07 4e e3 3d 42 b4 98 39 ef 51 46 d7 11 f1 0d 84 77 c5 08 d7 98 f5 bf 08 97 c6 dc 77 fe cc 70 fd 91 e3 f8 a5 ef bc 2c d3 28 f3 9d 7a 14 39 a5 18 7a 56 e4 45 85 af b4 40 3e f5 c8 af 8a 84 a9 91 4d ad ec 31 29 23 1c 97 cd f9 c0 c9 70 53 38 2a 9b Data Ascii: M'X]gx\|O6v=T>+nTGlcJ[z?K31jwg6VFTIX-fi0~t)QlemjB_rH5(N=B9QFwwp,(z9zVE@>M1)#pS8
2024-10-24 09:44:05 UTC	340	IN	Data Raw: 41 28 3a 9d 43 9c b3 6a d5 fa 76 35 42 6a 6d 22 be be d7 34 9f 7f fb 2c 76 34 eb b5 d5 9d 54 1f 76 b2 29 a7 5e f1 02 5f cb 41 a4 46 fe 0e 7e 87 c3 2e ba 27 3d da 85 21 af bc a7 1b 66 b8 a5 d9 ea 4e f8 94 60 86 ef a8 79 eb 2e 8a b5 7b a7 8f b2 e8 51 c5 02 ec b1 20 13 31 9b 16 19 05 98 13 a4 17 57 76 cf a0 d5 de 98 d8 6e 7c 8b af 1a ad 90 f1 fb d6 18 a3 59 54 7d 32 cb 1d 20 39 db fa d6 69 7d 3b dc 5f bc 5e 07 06 19 fd 61 bc 95 2e 19 e8 12 e7 48 de 36 89 72 8e ef 8a c0 e4 ef 7c ae 50 39 60 c3 4b 9d 1c 10 8d f5 e6 cb db 18 07 1b 11 dd 4a e6 71 6c 76 6d c9 9e 6e 68 52 23 9b 43 d9 1f 58 44 b8 61 29 9c 25 be 76 b1 08 47 37 c6 a0 cf 39 ae 64 7c 41 42 b4 35 7f 9a cf 17 5c c9 87 ac b3 54 d2 da 74 69 79 b5 cd 95 d1 43 32 57 7d 0a c6 d7 f0 f3 15 37 d2 2c 4d c1 10 1f Data Ascii: A(:Cjv5Bjm"4,v4Tv)^_AF~.'=!fN`y.{Q 1Wvn\|YT}2 9i};_^a.H6r\|P9`KJqlvmnhR#CXDa)%vG79d\|AB5\TtiyC2W}7,M
2024-10-24 09:44:05 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
138	192.168.2.16	49903	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	676	OUT	GET /gui/97174.987fc1d4b24686f2c0c7.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.0.1729762995.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: e43c67d7b0a8a871dced8794e1cb2b4b Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:12 GMT Expires: Sat, 18 Oct 2025 08:45:12 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521933 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	321	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 31 0d 0a 00 0d 0a 30 66 65 0d 0a 00 00 00 02 ff 7c 8f bd 6a c3 30 00 84 f7 3e 85 49 17 09 84 e2 bf 48 76 8c bb 14 0a 85 74 49 c9 64 4c 50 14 39 56 1d 4b aa 64 25 83 e3 77 af 5b 28 ed d2 6e 77 1c 77 1f b7 f0 4e 04 6e b0 92 0f 8b 02 38 71 6e f0 55 1c 0c e3 dd 63 eb 55 77 19 f6 5e ee 7b 26 55 f9 4f 76 bb 55 35 c4 c6 bb 16 54 55 4e 23 9a a2 94 ac 48 82 92 9c c4 a4 46 23 4d b3 30 5d 03 85 3c e2 b0 7c 18 39 b6 c0 43 c4 f1 11 78 34 6a 23 d4 46 aa ee 99 6b b5 06 73 ae 27 58 cc da 0d 81 2e 39 88 56 49 9c 40 cc ac d5 d7 9d d9 ca 53 3b 3c 59 dd bf be 7b 66 c5 67 67 42 34 21 61 f6 e7 be 39 7b f7 b3 8d bf ed Data Ascii: 000000010000000100000001000000010010fe\|j0>IHvtIdLP9VKd%w[(nwwNn8qnUcUw^{&UOvU5TUN#HF#M0]<\|9Cx4j#Fks'X.9VI@S;<Y{fggB4!a9{
2024-10-24 09:44:05 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
139	192.168.2.16	49904	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	522	OUT	GET /gui/13420.2099364bebdd02277cf9.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: f86025229c14c34778722cec42e60789 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:56:58 GMT Expires: Sat, 18 Oct 2025 08:56:58 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521227 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 66 66 64 0d 0a 00 00 00 00 00 02 ff ec 5d 79 77 db 46 92 ff 7f 3e 05 8c cd 7a 81 31 08 53 b7 4c 99 56 14 d9 89 9d 91 8f 58 72 2e ad d6 81 c8 96 88 98 04 18 00 94 cd 48 fc ee fb ab aa 6e a0 01 42 87 93 9d 79 3b f3 66 de bc 58 6c 74 37 aa ab ab aa eb 6c b8 b3 5c 39 79 91 c5 83 c2 dd f1 72 35 3e 0b 3f aa d3 69 34 f8 b0 3f 9a 25 1f 2e 8a f7 b3 f8 fd 24 8a 93 fe 0d cf ae ae 8e 4f fc 70 3a cb 47 de f1 f1 ca da fa 6a f7 24 b8 e4 7f 7b 5e 11 a8 20 f6 fb 4f 2e 2f a2 cc c9 fb b1 b7 b2 b6 b1 d5 f5 83 ac ef c5 de a3 ed 47 2b 7e 10 7b db 5b 6b eb 5b be 1f a4 78 be be bd d5 5d f7 83 84 ba 6e 6e ae 6f f8 41 84 3f 37 57 b7 d7 56 fd 60 8c 3f Data Ascii: 00000001000000010000000100000ffd]ywF>z1SLVXr.HnBy;fXlt7l\9yr5>?i4?%.$Op:Gj${^ O./G+~{[k[x]nnoA?7WV`?
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 0d 1a 10 c8 7a 0d 47 31 70 32 ca 10 5f 38 8a 72 af f0 77 27 61 4c 72 64 3f 9d 25 45 36 7f 15 4d 14 5a 7b ae 8c 77 65 93 d2 ac f8 6a 6e 5e a7 99 b4 b6 5e a1 8c 7e ff 68 d7 3d 44 67 e7 74 ee 68 f4 ba bd d6 8e 2f ab 8e 16 7f ba 3d 33 5c bf d8 da 88 fa eb 79 bf 20 0c 65 72 ab db ae fb 7d 0c ae a2 ed ec b9 f6 d4 37 74 b6 bb f5 64 bc 81 de 42 77 45 cd c7 fb 27 21 90 3e 88 0a ef 18 4c de 86 dc 0f 6a 8e fe 27 61 0e 6c 78 90 34 81 a2 03 56 76 2a ee b7 e2 3c c8 db da 55 29 15 e3 70 9c 0e a2 b1 da 4f 27 d3 28 53 5e ee 93 68 5a 7c 8c c7 e3 77 53 a2 50 ec db 65 c1 db ea 5a b4 ed 82 08 19 42 ab 0d f2 78 09 71 7d 33 c8 f5 17 a3 28 19 8e 15 11 b1 91 1a 32 37 88 72 4a 72 38 3a 07 a3 13 b7 b6 8b 97 eb 59 d5 70 58 53 20 95 00 d9 42 8a 41 6c f6 94 37 66 ea b7 19 78 e5 eb 78 Data Ascii: zG1p2_8rw'aLrd?%E6MZ{wejn^^~h=Dgth/=3\y er}7tdBwE'!>Lj'alx4Vv*<U)pO'(S^hZ\|wSPeZBxq}3(27rJr8:YpXS BAl7fxx
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: a4 b4 77 30 5e c8 23 25 e7 da 01 1e 1e d8 b4 3a 8e ce 8d 74 8a c6 f1 39 53 dc 59 67 00 4d 5a 65 10 47 71 9e 1a 89 50 92 10 86 3c 31 93 07 ad e6 3d 3c c3 c6 0f d0 fa 3c 2c d2 83 f4 a3 ca f6 a3 1c 26 19 8e e1 c1 78 06 d6 f4 54 fd 01 a6 31 2c ac b1 a0 19 5d f6 46 90 50 ee 0e ef da ad cc fa 1a 08 78 6d 23 80 39 be 22 77 83 8c 49 ce 27 0d 50 40 f2 ab 2e 5b 1b a7 de 3f 05 f3 56 6e ad 06 db 6a df 61 9c b3 ff 35 28 99 f8 40 7c cb ae e6 ba a3 8a 31 0f 2b 27 b3 79 fa b2 e2 43 cd 0f ac c2 d7 18 d1 56 ea 7d 38 c6 8d 28 5d 2c 76 f6 bc 63 d0 68 12 4e b5 77 df 87 ab 1a 1e fc 9e 38 c5 17 fe 49 f0 94 9e 15 29 b5 06 fa 70 35 bc 02 18 d8 ef e8 07 d7 4d f3 55 9a e2 d4 48 96 e6 29 8f 95 3f 33 05 a3 ed 8f 4f 60 11 ec f2 24 e4 64 56 3e 7c 6b f5 f5 1b d1 4f c2 e9 b3 07 09 d7 7c Data Ascii: w0^#%:t9SYgMZeGqP<1=<<,&xT1,]FPxm#9"wI'P@.[?Vnja5(@\|1+'yCV}8(],vchNw8I)p5MUH)?3O`$dV>\|kO\|
2024-10-24 09:44:05 UTC	270	IN	Data Raw: d2 c4 d8 7c d5 9d 1b ad 17 71 1e e3 d8 d4 69 0b 8d 87 67 71 96 17 87 e4 c6 86 76 22 51 4a a4 c5 ac 70 d0 1b 56 38 42 f1 3c 73 bd db b3 64 38 4d e3 a4 20 3b bd 0a d6 eb 50 6d 63 2d c2 80 da 4c 24 0f 88 2c 51 9a 11 c7 e5 e9 09 85 da 62 84 28 29 9b 2c 53 51 9f 99 26 78 09 f7 44 b1 80 bf d9 5e b6 3d 31 3d 53 bb 2e ce 74 24 dd f4 dc 07 55 10 5f bf 66 d7 ce 80 42 fe 03 e5 43 d9 9e 21 28 43 ee e2 97 60 4c b2 ae b7 d2 5d 40 e4 0a 8e cf d8 e2 7f ce 61 7f 68 97 48 55 20 5a 22 35 40 e2 ab 3b 39 7c f4 38 82 54 78 3a 47 18 1a 2e 0a f6 fb b8 3d 23 b0 29 b2 d3 c0 51 5f 21 52 31 27 8f be 18 a3 82 80 32 d3 44 b6 cc f3 77 78 36 bd c9 6e 8f 75 05 a3 4b b0 1c e6 71 02 a0 87 23 17 ff bf 5c d8 50 e7 7e 80 06 c4 c6 39 81 a5 a7 75 1a 52 d9 4b 00 ec 88 4b 6c 22 2e 10 e9 32 04 4f Data Ascii: \|qigqv"QJpV8B<sd8M ;Pmc-L$,Qb(),SQ&xD^=1=S.t$U_fBC!(C`L]@ahHU Z"5@;9\|8Tx:G.=#)Q_!R1'2Dwx6nuKq#\P~9uRKKl".2O
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 84 0d 0a 30 30 30 30 30 30 30 31 0d 0a d6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 43 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 67 0d 0a 30 30 30 30 30 30 30 31 0d 0a cb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 01 0d 0a 30 30 30 30 30 30 30 31 0d 0a d6 0d 0a 30 30 30 30 30 30 30 31 0d 0a b6 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5e 0d 0a 30 30 30 30 30 30 30 31 0d 0a 3f 0d 0a 30 30 30 30 30 30 30 31 0d 0a c8 0d 0a 30 30 30 30 30 30 30 31 0d 0a ea 0d 0a 30 30 30 30 30 30 30 31 0d 0a c4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 03 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2b 0d 0a 30 30 30 30 30 30 30 31 0d 0a d2 0d 0a 30 30 30 30 30 30 30 31 0d 0a 69 0d 0a 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 Data Ascii: 000000010000000100000001C00000001k00000001g0000000100000001000000010000000100000001^00000001?0000000100000001000000010000000100000001+0000000100000001i0000000100000001
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 4e e3 4a ee 88 95 a9 33 41 ca 50 2c 61 42 70 55 e5 55 a5 b8 15 e0 26 f1 03 41 06 48 f4 df f8 6b 59 8d 14 85 d2 45 72 53 72 ae 88 39 b9 f3 5e 8e e4 00 2a dd 31 b0 95 c7 2a 96 2d b9 bf 6f a2 62 04 ad 03 61 9b 21 6b 72 a0 84 04 1c 05 87 3f 6a b2 9e 1f bd 3c a0 a1 26 6e c7 6e 6d e6 8d 6a c5 0a f9 bb a5 b5 46 9d f9 d0 41 60 41 27 0a 4f 33 45 29 d2 4f 25 37 8a ec 6a ae 8e 22 83 a8 96 06 1c 72 34 10 e5 65 38 d4 15 47 51 86 2f 10 9d f0 d8 a0 37 69 92 be 44 a3 58 92 48 19 99 e8 cf 1c 41 91 a3 04 01 33 fd 8a 42 c7 e6 fa 28 f7 aa cd c8 12 c3 d5 73 ed e5 4f 01 be 7d 9a 64 46 2f cc e4 6d af cf 10 a6 32 81 3e 94 8b d5 27 03 82 af 9f 2a 35 53 a5 d5 54 3b 79 5f fc b8 e4 20 33 85 38 14 5b da 6d 26 a4 f4 2e 19 d2 1e 4a 74 28 15 5e 47 79 38 5b 3c de 8d ad a6 85 44 f4 70 f6 Data Ascii: NJ3AP,aBpUU&AHkYErSr9^1-oba!kr?j<&nnmjFA`A'O3E)O%7j"r4e8GQ/7iDXHA3B(sO}dF/m2>'*5ST;y_ 38[m&.Jt(^Gy8[<Dp
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: d4 67 b8 0c 83 b6 fb 0c 09 12 2a c4 72 f4 71 6f ca 7c 98 ae 2d f9 46 95 c7 ae 83 28 8a 63 ab 80 5a 37 af e8 5a 18 b5 a1 ad 06 40 80 15 ee d5 50 32 b9 f8 da 75 77 53 0f ec af 4c 6b 91 47 d5 60 29 63 e6 e5 7c c9 4a fb 76 eb 71 b7 51 85 74 ab 96 a5 9d a4 36 bb fe 84 9d fc 69 49 30 2f 6f 9a c3 4d a2 63 38 93 82 4b 11 bd bf fa 0e 1d 9b 0e 39 71 c6 d1 9c 4e 7f da 2b 8d 6f 67 12 0d 15 55 41 9d 65 0a c9 93 03 3e f3 f2 52 18 5a b9 f8 02 e7 75 a2 aa 14 3f 62 e0 1a f1 a9 d5 b0 2a a3 5f 23 05 9a 6d db 01 61 51 ef 57 58 f3 57 86 7a 8d 78 b8 ab 88 22 d9 2f 14 ff d5 1c 62 97 94 8e bb 52 bd e4 94 83 74 65 18 51 f3 05 dd a4 61 e3 8c 4c 70 34 44 85 ee d4 a4 e9 da d9 b3 24 ca 98 91 2b 41 28 5a 06 3c ed 7f 50 12 6a 2d a5 21 0c 59 0b 2a 05 98 45 cd b5 36 8b a0 75 7b 29 9c 1a Data Ascii: grqo\|-F(cZ7Z@P2uwSLkG`)c\|JvqQt6iI0/oMc8K9qN+ogUAe>RZu?b_#maQWXWzx"/bRteQaLp4D$+A(Z<Pj-!Y*E6u{)
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 11 d5 70 54 c2 95 fb 7a e3 b5 08 74 1d c2 14 e6 54 c0 37 78 5b f7 a1 c7 e1 10 b7 4d 5f ee ad b0 bd 77 1a 3c 3d e2 3f a6 c1 8f 53 fe 63 12 fc fc 0d ff 31 0f 7e 3b e3 3f 66 b8 df 91 2a 98 e8 16 f5 cd 47 9b 5d be 9f 93 ae 03 df 7e b4 2e 77 a7 eb bb d5 e9 ee 74 b9 52 1d 29 7e e6 c2 f3 ea f6 04 dc 33 40 97 b2 07 fa 5e 02 a4 73 e0 26 02 9a 18 f7 6c 1f a7 27 b8 44 9b 92 01 25 d7 a9 ba 1c 40 07 c1 39 89 25 86 00 5a 44 7c cb c0 ae c2 1d ec bd 37 f0 dd 21 fd 8d b2 db d2 f1 05 35 49 0a 3c 5e 61 55 86 8f aa 33 bd ba b3 c1 94 d9 92 c4 43 82 56 59 b4 ac ed 19 ae 7a d7 d3 5b 45 ca 34 31 c3 8c 54 6f 5d 48 4d d7 92 57 8b c4 dd e7 c8 06 a1 bc 50 dc be 80 74 d0 c0 a5 8b 15 38 34 5f 56 3d 22 bd a9 d1 87 6b 6a b9 53 e2 49 ba 0e 1d 39 8b aa 2c 7b 40 b8 33 01 f0 6a 11 98 07 89 Data Ascii: pTztT7x[M_w<=?Sc1~;?f*G]~.wtR)~3@^s&l'D%@9%ZD\|7!5I<^aU3CVYz[E41To]HMWPt84_V="kjSI9,{@3j
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 6c 6b 27 2f f6 97 98 b4 30 00 93 d0 05 ae 41 8b ec 69 6c 20 10 28 17 96 42 97 c2 70 25 d7 da 91 5b 55 2e 29 a0 30 f1 1d a8 0a 0b 59 da 1f 73 87 95 5e f5 6d 9b 20 ae 5f bd 0f b4 a6 32 6f c4 00 f0 a7 56 55 ce c6 f8 8a 25 47 1a 33 cb d6 48 79 40 03 3f 57 57 1c 45 e0 40 6e 9d 2e 45 be 8d f9 db 6a 3a 4c 4c c6 82 16 90 e2 72 31 d0 b6 61 5e 12 bd 78 77 f9 32 4a da 23 62 38 6e b1 b7 c5 aa 96 96 ab 23 b5 9c a0 54 05 f9 b3 01 33 43 a6 d3 5d 9b 8f 4a 14 ec de 65 5d 25 60 d0 0f 98 4b c0 bd 36 68 56 e9 9d 80 e6 9b af cb a1 ec ae 1c 41 bb 6a 8f b2 aa ec ec 05 35 41 a5 f3 a3 9a 8f 04 90 ce 83 b0 e7 ca 0d cd e2 da 01 5c 24 02 ab bd 0d d7 1a 23 86 15 48 f2 e9 dc aa 43 2a bd b0 27 54 66 42 a8 33 3c 21 c4 f7 22 e0 2f 05 5a 2e 3d da 65 72 ce 69 df 1b ca c7 cd d7 0c e9 c3 86 Data Ascii: lk'/0Ail (Bp%[U.)0Ys^m _2oVU%G3Hy@?WWE@n.Ej:LLr1a^xw2J#b8n#T3C]Je]%`K6hVAj5A\$#HC*'TfB3<!"/Z.=eri
2024-10-24 09:44:05 UTC	561	IN	Data Raw: 7d 76 f7 96 91 f0 fa cb 95 d2 08 cb 02 36 5b 43 b4 f5 40 51 7c cf 20 93 ce 20 93 90 59 7f b3 f2 ea 40 2d a3 af 21 96 f6 59 bb 92 46 ea 8e 51 08 e9 9c 30 c3 2a 7b ec ae e3 58 1f 2e 4b 1a 96 15 e2 83 60 0f 2a e5 1e 65 ab 0e ad 6c 55 c4 47 12 f2 a8 ef 1f 1e fa de 80 b2 55 87 fe ce 21 27 ab a6 94 8e 0a 1b b7 c0 07 8b e4 a3 54 9c 56 45 79 96 fb 76 a6 2a 5b b6 65 92 e5 75 63 ab fc d4 da e0 da de 57 59 7d d7 cd 62 65 8c d6 a6 b1 14 bc 3f 37 89 75 14 dd 3e 91 98 6b 4b 08 61 e4 2f 8f ae b2 37 6b a0 8b f6 57 75 df ef 9b c5 37 d3 19 25 5d 5b 30 56 16 d4 52 5a e3 3e e2 7f ab ab 9b db 1b 6d 2e d0 47 1b eb 5b 72 57 6b 82 b0 0e 2e 20 8a bd b5 ed 0d 7c 09 07 f7 0f 22 44 e7 a5 74 fd 20 5c a5 db db 9b 8f 28 df 10 df 7b f7 e8 63 eb 3b e3 30 46 f6 18 28 62 2c d7 f4 1d c3 2b Data Ascii: }v6[C@Q\| Y@-!YFQ0{X.K`elUGU!'TVEyv*[eucWY}be?7u>kKa/7kWu7%][0VRZ>m.G[rWk. \|"Dt \({c;0F(b,+

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
140	192.168.2.16	49905	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	522	OUT	GET /gui/30192.1c2ba98f9e3aa24d1929.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 2a511da9cd66121d7c08ee7d9f16b424 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 09:22:07 GMT Expires: Sat, 18 Oct 2025 09:22:07 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 519718 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 31 30 30 30 0d 0a 1f 8b 08 00 00 00 00 00 02 ff ec 7d 7b 77 db 46 92 ef ff f7 53 c0 9c 8c 96 cc 80 30 49 89 92 48 9a 56 3c b2 b3 d7 67 ed 24 6b 39 b9 e7 5c af 8f 03 02 4d 12 31 08 70 01 50 32 47 e6 77 bf bf ea 07 50 78 50 0f c7 f6 9d dd 75 9c c4 12 fa 5d 5d 5d 5d ef 6e 6d 52 61 a5 59 12 78 59 6b d2 4e 45 38 77 ae c4 6c ed 7a ef cf 97 9b e8 fd 65 f6 6e 13 bc 5b b9 41 34 bd a1 ec e3 c7 37 6f 3b ce 7a 93 2e db 6f de 1c f6 fa a3 81 7d d8 3b ee f7 ec 51 ff 68 78 64 0f 87 27 a3 c1 5b fb fa f0 f4 e4 e8 68 dc ce 6c 61 07 9d e9 e3 eb 4b 37 b1 d2 69 d0 3e ec f7 4e 4f 3b 76 8c 1f 8f 4e 4f 7a 47 1d db c5 8f fd e3 e3 a3 61 c7 4e f0 e3 f1 e0 f4 70 d0 b1 23 fc 38 3a 1e 9d 9e 74 ec 90 7e 1c 1e 53 33 0f 3f 9e f4 fb c3 e3 ce 24 14 99 e5 db 1b 7b 6d 2f ed 99 7d 39 Data Ascii: 0001000}{wFS0IHV<g$k9\M1pP2GwPxPu]]]]nmRaYxYkNE8wlzen[A47o;z.o};Qhxd'[hlaK7i>NO;vNOzGaNp#8:t~S3?${m/}9
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: d2 76 d6 39 63 24 65 09 ac 5c 4a ac e4 87 7f e6 fa 0b 61 e1 38 82 1e f9 dd 75 80 ed 9d 2d 40 0f b0 ab 19 a8 7d 80 4d 55 18 48 9f 0c 26 3d 8f cf f5 06 29 52 61 ce 53 65 74 bb d5 6f 3d 50 87 aa 52 72 d6 4a 5b e3 d8 89 62 9c b8 68 01 ea 6c 7e 94 87 11 6d 0e 0e e8 54 3e 98 4e db 02 24 bf d8 4a d0 78 75 0c 51 24 0e 0e 84 13 83 26 05 11 5f e7 0c eb 9c dd 71 9d 31 6e fc 20 db 76 fb 3d 89 a9 66 7d 86 04 62 5d 00 60 e2 48 fa fb d2 5d 77 da d7 2d 40 c7 77 a3 05 a8 25 28 41 31 31 3d 11 ba 38 9d f3 82 82 fc 2c a7 e7 fc 6b 1c 2f 42 f1 1a c4 c0 cd 9e 83 18 87 76 4b 9e 1e d5 53 57 ac d6 4b 37 0d 00 93 3f d5 25 a6 16 44 f3 f8 3e bd fc e2 26 59 24 12 3d 9d 4f 6e 8d 91 d3 8d e7 89 b4 79 09 d8 ac 3b 41 e5 e0 a0 61 fd 7b 1a 97 67 ae 47 bf 19 92 7b 7a aa 6d ce 27 4c 83 ce 5f Data Ascii: v9c$e\Ja8u-@}MUH&=)RaSeto=PRrJ[bhl~mT>N$JxuQ$&_q1n v=f}b]`H]w-@w%(A11=8,k/BvKSWK7?%D>&Y$=Ony;Aa{gG{zm'L_
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 1a d8 d9 8e 76 e5 57 b6 4f a4 b2 fe a6 34 fe 14 a5 31 f8 1e e0 c7 3f a6 6f 5a a4 7c 6a d9 c0 3d a5 36 87 e2 07 bf 29 b5 05 7e 68 d6 0a a1 80 49 78 f8 ad 90 e5 f0 4b 5d 6a c3 c7 92 7c d6 7a 2b a9 ff cb 29 34 3e 37 f0 c3 10 47 ad 20 bd 50 d7 df 93 08 bc a3 92 7a 7e 0c 92 34 7b 11 bb a4 4e 85 8e 5a 61 f2 83 b6 64 92 8c 74 24 7c a5 ce 78 42 3a ef 14 22 33 e9 b7 8b c2 97 6e 78 05 65 ed 93 c8 7f 0d 6e a3 5e 7e ee ae d6 6e b0 88 ea 25 50 5d 31 05 4a ad e3 57 62 1d 27 59 bd d9 6f 9b 10 8a 0c 77 16 84 38 87 82 54 b7 37 4e d8 09 b1 3c e1 13 75 29 4f 9c af ca 09 52 0d 85 8f 1f 2b d5 2a eb db db 5d b5 de fe 1e 73 88 ec ed ab a8 b1 bf 97 32 f4 f6 76 55 a9 b6 bf 3f 0d ee bd 1d 99 f2 fd 3d 54 36 66 6f 4f d5 7a 79 8f 52 6d d2 88 a7 cf 48 02 33 46 14 45 ab 6c d8 b6 ec 5c Data Ascii: vWO41?oZ\|j=6)~hIxK]j\|z+)4>7G Pz~4{NZadt$\|xB:"3nxen^~n%P]1JWb'Yow8T7N<u)OR+*]s2vU?=T6foOzyRmH3FEl\
2024-10-24 09:44:05 UTC	233	IN	Data Raw: 37 0e 66 7a 5d 61 2d 2b ac a5 b4 94 ff ba e7 f9 dc 48 42 96 82 91 a5 d8 68 18 8a 3f d7 11 6f ed 1b 82 1f fd 00 52 5c d0 74 f4 33 7d 62 03 83 91 81 d3 7c f4 b3 b3 4c 1e 7d 97 74 af e5 53 6f 7c 89 6e ed 83 8c 0a f2 d4 ef 3d f3 ac 8b 06 ea 9f d3 01 86 2f 5b e0 cb b6 86 fb 0a d9 ba 72 b2 1a fb 19 fe 35 e3 79 ad 8d c2 74 e2 af 35 9a bf 82 a1 1d 92 c9 ab 5c f0 da 87 eb 65 f9 6a 0f a6 2f 30 f3 c5 7f 47 4c 2f e0 f3 65 d0 9c f5 ff 65 70 7c 11 c6 33 41 04 f1 ff 17 9e 17 6c 50 13 ca cf 81 38 f3 1a ca e7 38 a7 f1 3d ff bd 19 db f3 62 59 bd 86 ea e7 75 21 bc 40 76 18 e8 62 28 bc c3 fa 4d 74 85 a9 5d fd 57 c1 e9 32 e7 a5 57 5c a1 d3 9a f3 32 ae c7 4d bc df 0d ec 57 ab b9 d3 02 6b 99 72 7f 9f a6 82 0d 0a Data Ascii: 7fz]a-+HBh?oR\t3}b\|L}tSo\|n=/[r5yt5\ej/0GL/eep\|3AlP88=bYu!@vb(Mt]W2W\2MWkr
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a b1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4c 0d 0a 30 30 30 30 30 30 30 31 0d 0a bb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8a 0d 0a 30 30 30 30 30 30 30 31 0d 0a 99 0d 0a 30 30 30 30 31 0d 0a 21 0d 0a 32 30 37 39 0d 0a 67 65 52 74 ee 6b ce d4 7e 4a 95 97 33 bb 05 ff 17 e4 ea 4c ad 03 bb 43 67 9c 31 6a e4 15 83 b3 a0 72 61 98 19 6b 25 d4 1d 06 61 2c e0 1d af 83 ef 80 80 df 11 02 ba 15 c7 2c 1e 14 91 c1 8d 42 80 df 7e 37 0b dd e8 3d dc de ee 1e f1 42 95 b9 2f 3b 39 a9 d5 22 25 2a 41 2d a5 38 10 ed 01 d6 c8 ea 19 0e 53 b1 0a 9a 53 b0 7f ff ee 9a e2 0b 76 c4 76 31 7e 52 72 8e a4 fb Data Ascii: 0000000100000001_00000001L00000001000000010000000100000001000000010000000100001!2079geRtk~J3LCg1jrak%a,,B~7=B/;9"%*A-8SSvv1~Rr
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: fa be 81 3e e2 88 3f 99 fc eb 7e 6d c3 bb 35 e3 7d cd 61 a6 6a dd 67 60 df 14 60 df 4c 6f f5 c4 44 6d b8 d7 d4 c0 fe 0b c0 fe cb 97 01 7b 65 ea 05 cc 6b be 34 95 9a 9c ee ac 0d ec d7 7f 02 f6 95 fe ed d6 65 85 41 e6 f7 2f 45 47 c2 d3 94 12 c1 c8 80 f1 52 74 e4 9a a2 23 97 9d c9 af 32 3a 32 71 fe bd d3 46 98 de 4b 1e 09 d9 24 51 17 41 80 37 34 6c d0 1f dc af 5d 4e 52 f3 a0 f4 1b 46 cb 55 fe ca 61 f0 2e 4d 14 cf a2 b8 28 e9 84 77 97 46 7b 34 5f 77 5a 59 41 1a 5f 33 af c3 7b 36 ad 5c f8 f7 6c 9d 5f 59 f7 6c 57 26 b6 f7 6c ac 69 c5 3d 5b 55 b0 bc da ba 1e ca 5b c4 bf 96 10 18 f7 c2 73 ff cf b4 26 99 aa 68 ff 72 aa b0 30 86 55 a2 9c e7 80 2b 79 48 29 81 64 07 71 b8 59 45 14 f9 fa 12 91 af 32 c2 94 45 be 22 a4 f5 74 d4 d7 1e c7 14 b4 aa 92 96 95 d2 1e 04 ed d3 Data Ascii: >?~m5}ajg``LoDm{ek4eA/EGRt#2:2qFK$QA74l]NRFUa.M(wF{4_wZYA_3{6\l_YlW&li=[U[s&hr0U+yH)dqYE2E"t
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 57 65 77 ff cf a1 8b a3 65 b3 41 6e 54 c1 81 e3 92 fa 57 30 73 d0 5b c3 d1 d4 30 d1 f7 53 c1 11 ab 5b 11 a3 18 ab 2b 7d 83 70 99 c0 e5 30 e5 ec ae 62 b8 cb 28 ca 19 ee 5c bb 58 59 11 5d 2b da 99 8c 3c f2 6f e0 f7 8b 28 96 78 1a 3b 7a 0a fc 88 31 ff 9f 3f e2 20 6a b7 6c ab 6c 45 df c7 ac 56 18 7b c6 ac 32 b7 96 3d cc 2a 14 9f 35 dd 97 11 18 4a 69 9a f6 b0 c3 2c 29 93 b4 1f 40 ac c5 ed 2c 53 c4 e9 f4 e9 0c f8 94 97 09 49 7d ea fa 33 4e 74 6a 2c 81 92 44 b0 35 37 84 b9 dc ca 21 ab 11 94 43 9a 66 92 d9 a0 37 b1 c9 ac da dd 18 e5 cb 92 f1 7c c5 6f 77 d6 57 71 c7 af a6 aa c5 cd 0a 30 be 80 9c 5b 5e e1 c6 97 86 bd 7b df f8 27 fd 5e 1f e9 6d e5 33 48 48 a4 de 53 0c b4 ce 9d 8e 44 b9 f9 1b 47 eb 6f 97 f7 67 ba bc 97 94 5a ad 9c 2d d2 75 9e 5e 4b 4d d2 ed 4f 1b a9 Data Ascii: WeweAnTW0s[0S[+}p0b(\XY]+<o(x;z1? jllEV{2=*5Ji,)@,SI}3Ntj,D57!Cf7\|owWq0[^{'^m3HHSDGogZ-u^KMO
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: e0 41 e8 e7 c8 8b 1e 21 99 af b7 2d bb 78 3c 50 c9 ae c5 c4 ce 51 fe 1a 0f 85 e7 ea c1 fa 08 4a 70 27 17 24 f2 af ed ca 24 4a e8 92 5e 16 97 fc 92 2e 80 f6 02 e3 ba 01 a4 34 55 93 82 10 84 04 0f d1 75 99 86 75 9a 3f 46 a6 83 0c 1f f7 99 5d 23 2f 7c d3 e7 cf 96 f5 df ea 3c 0c 3e 99 44 e6 81 48 26 9e f3 9f ef f0 9a 1a 81 5e de 88 3a be 42 4e a9 78 cc 8c 94 ef ac 44 36 32 09 43 5e c9 b4 42 90 d3 5f 89 ff dc 04 89 f0 91 c5 dd c7 0e 9e ab 60 11 e4 ab c4 13 c5 95 2f 7e 47 09 b3 6a 60 b3 e7 f4 2c e2 32 98 93 22 47 cd b3 52 bc c6 93 f1 28 53 d8 53 2e 9b be 71 1c 4c 90 74 2f 25 34 7a 0b d0 b1 d4 ed d7 f8 15 b0 c4 bf 7b 77 4f ab 90 74 34 49 b1 ff 12 a3 f2 77 eb 00 10 0a 64 0f bc 20 de a4 32 f3 05 8d 22 16 71 b2 c5 80 e6 bd 78 88 e0 19 26 44 08 bc b3 ba d0 63 cb 8d Data Ascii: A!-x<PQJp'$$J^.4Uuu?F]#/\|<>DH&^:BNxD62C^B_`/~Gj`,2"GR(SS.qLt/%4z{wOt4Iwd 2"qx&Dc
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: a2 45 f2 3d 42 31 ac 8f 60 79 d6 5c fc 05 0f 01 7e 46 8a 2c 74 f8 db 2d c3 23 81 9d 60 31 fa f2 62 a4 f7 5b e8 69 3b aa 98 b6 f1 d8 86 1a 4d 71 ed 17 b8 b2 64 fe dd 1b 04 67 25 9a cb 59 f8 88 d6 bf 71 1e 39 7f f7 85 27 a2 e4 26 2e be 6b 90 80 8b 8c 25 48 72 31 9e 26 fe dc ff 64 b8 10 8f 22 e1 58 d7 28 00 30 6a 54 f5 96 bd a4 a2 60 29 ee a4 52 d8 d7 67 bc 16 91 e9 95 b1 29 d4 a7 9c 45 1c fd 8c 1a 8a cc 91 cc 2f d9 18 50 16 30 04 4d 42 95 52 6d 04 b9 ca 01 bc 22 f2 69 2b f9 5b 3e b4 fd 4a 40 c6 12 97 d0 20 14 32 9a 89 63 be 85 a5 f2 c2 18 4c 37 c4 d7 24 74 71 15 5f ef a3 ed 1d fb a8 d7 93 71 d3 c4 15 6c d2 0e 25 83 94 8c 18 45 9a 93 e4 5d 16 ae f3 62 50 67 e7 35 04 62 7a b0 49 bd 0a 4e 8f d8 83 d3 b7 30 c3 a3 de 91 64 7d 75 9f 9c d2 36 b4 d2 b0 fb 29 ce 7e Data Ascii: E=B1`y\~F,t-#`1b[i;Mqdg%Yq9'&.k%Hr1&d"X(0jT`)Rg)E/P0MBRm"i+[>J@ 2cL7$tq_ql%E]bPg5bzIN0d}u6)~
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 0b cd 01 51 a9 33 1f 7a 27 23 8d 7a 06 18 95 2a e2 d4 3d 71 f5 e9 d1 00 a9 d4 e0 64 4a 01 a5 52 81 93 20 49 31 f5 19 1b e2 78 81 cb 95 ff 53 8b 95 04 36 3f 9f 38 a2 1a 54 73 84 7f 75 91 fc 39 85 4a 38 09 e6 63 ab 75 21 0d aa d6 05 be 91 4c 85 58 d4 57 f1 2c ce 62 f3 f7 d3 c4 9d 67 b6 f5 bf 05 f4 98 c4 1f da d6 93 24 70 43 db 2a 7a 51 43 ca ae 61 41 8c e1 f4 e9 81 96 9b 9e cf 11 b0 a1 7b ce 4b 55 8b 45 82 e7 87 89 f5 b4 88 37 75 13 84 29 a9 0f 6d dc fa be 58 d8 16 68 8f db 36 2b d3 6b ec 39 7d e8 79 9b 8b 20 9e a8 5b 32 f6 b7 5d 39 21 f5 be ca 18 51 1a 49 5b 16 55 20 50 6b 20 b3 3f f6 a1 84 aa f6 74 25 e8 18 8f 2d 1c 7d 56 24 b9 ea a5 2e ea 3b e6 7e a3 f1 61 11 89 89 e4 82 53 c0 15 cc da c8 02 b5 39 87 20 a9 44 00 8f 8e 58 f9 8c a8 77 7e 13 ca 58 07 1c 0f Data Ascii: Q3z'#z=qdJR I1xS6?8Tsu9J8cu!LXW,bg$pCzQCaA{KUE7u)mXh6+k9}y [2]9!QI[U Pk ?t%-}V$.;~aS9 DXw~X

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
141	192.168.2.16	49906	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	522	OUT	GET /gui/51452.bfed120085deab858144.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:05 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 4056fdd31dca38231ff99256b2a62956 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:52:48 GMT Expires: Sat, 18 Oct 2025 08:52:48 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521477 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:05 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 66 66 34 0d 0a 69 63 1b c7 91 f6 f7 fd 15 23 d8 d6 02 ce 00 02 78 13 14 a4 c8 92 9c 28 96 2c af 68 3b bb ab e5 2a 03 a0 41 4c 08 60 90 99 01 0f 53 f8 ef ef 53 55 dd 3d 3d 07 48 4a 96 23 67 df 11 6d 12 e8 fb a8 ae ae ae b3 b1 4a 94 97 a4 71 38 4a 1b 47 cd 44 cd 26 9d 0b 35 5c 06 a3 b3 a7 d3 d5 e2 Data Ascii: 00000001000000010000000100000001000000010000000100000001000000010000000100000001000000010000001}0ff4ic#x(,h;*AL`SSU==HJ#gmJq8JGD&5\
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 70 d6 39 0f 66 2b b5 6e f9 1a 93 a1 7c 35 b4 00 c8 05 7c 01 64 ea b1 7c ec ab ce 3c 58 32 10 3a 60 31 04 58 0c 1d b0 a8 d8 07 4c c7 cb a0 d6 ac ff 34 1c ab 27 8c 81 93 ca 65 66 98 d2 bb ec 31 8a 19 34 26 17 ed 21 36 94 52 79 d9 73 3b c0 30 a2 0b 12 a0 a1 e8 f8 aa 8d 23 9b 86 41 7c 85 3a 6d 2f 18 01 ad 8e c3 c5 a9 97 46 9e 00 9d 47 6d 20 4b 83 51 1a ce 55 3b 38 8d bc d5 22 bc a4 2f 66 6c 66 83 4d 01 da 4d b3 f5 b9 5d e5 f6 4c e9 ea d5 e0 6d ce 0e b2 7f af eb 03 79 87 8b b3 c7 ce c2 2e b0 b0 0b 2c ec c3 c0 9b c6 6a 62 20 34 05 ee 54 38 06 ef 86 b3 60 71 d6 78 24 4b 10 3c 02 e0 48 1b f8 c3 4b d7 c2 7e f1 07 24 c8 54 39 67 ae 80 27 e7 4b 7c 16 90 48 dc 3e 67 e8 73 c6 9b c9 8b 29 07 4e 97 93 ae cc ac b9 3b 9d d3 ea 37 80 06 5b ad 75 01 bb 00 b3 02 7a 93 d4 8b Data Ascii: p9f+n\|5\|d\|<X2:`1XL4'ef14&!6Rys;0#A\|:m/FGm KQU;8"/flfMM]Lmy.,jb 4T8`qx$K<HK~$T9g'K\|H>gs)N;7[uz
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: c5 1a b7 c0 d6 01 7c 80 94 a6 17 d3 08 87 f0 34 8a af 04 e6 98 9c 66 f0 c7 1b 8b ee c8 6f c1 a2 78 aa 8b a0 9e 29 4d 35 81 07 c6 60 84 1e ab 20 1e 4d 1f 17 be 03 69 58 c6 17 38 40 c2 47 d3 7c 1e ec de 4c fd 10 9e 47 29 78 4f c2 ad a1 3d 8f 12 35 b6 a9 0e 80 af 00 e0 2b 06 70 c6 0a 7a 4d 81 4b c3 f3 70 bc 0a 66 6d 0b ec e6 31 28 ab 63 5e 68 98 28 71 ac 64 fd f9 28 d1 5b 0d 8f b5 dc 38 5c 4e 99 f0 7b a6 e8 77 7a c7 7e e9 96 70 1f a9 ce c6 67 db e7 20 38 1e 5b 6e 01 69 93 02 5c f3 e0 24 82 6a c1 7b a7 41 ef e1 f6 98 d8 30 71 a3 df b0 d4 1c 1e 7b d9 3e 80 93 61 37 73 5d 5c c4 f2 94 26 98 d2 e4 ae 53 d2 40 67 17 53 f3 42 cf d4 55 02 48 c8 0d be 25 c8 29 ce 21 a6 73 74 76 ce 9d e5 d6 c6 c2 30 96 a3 bc 0c 6f e3 13 20 38 da 9e 4a 00 6c 5d 83 a1 cc f0 49 90 da c2 Data Ascii: \|4fox)M5` MiX8@G\|LG)xO=5+pzMKpfm1(c^h(qd([8\N{wz~pg 8[ni\$j{A0q{>a7s]\&S@gSBUH%)!stv0o 8Jl]I
2024-10-24 09:44:05 UTC	373	IN	Data Raw: 57 1e b4 82 bc a1 52 d0 48 a1 5f e0 a7 3d 1c a2 f9 c0 5c 4f b7 90 1a 45 be f1 2d a4 87 26 df c0 2e 40 47 60 e9 c6 a4 48 b3 60 09 94 f7 74 1a 43 1e 04 89 17 f2 30 59 ec 21 28 15 1a 8b 56 4d d0 75 65 4a 39 75 99 8c e5 db 06 3e 00 4f 5e df 6b f3 21 38 6e 37 29 f4 bc 80 9c 0c fc 77 3c f6 a1 44 a4 75 78 dc 61 80 9d 06 c5 35 08 ae 50 e8 34 10 65 0b 1a 86 dd 00 51 2a e0 4e 71 bb e5 98 db ee dd da 06 c3 6a 09 26 1a 09 a6 b2 1b 73 33 06 83 9c 84 5e 04 56 bb 84 e5 22 46 b3 24 7f b9 d2 fa e8 1b 78 73 7b 54 88 d9 8b 66 2d 6d 1d ab f7 24 2b e7 14 a4 f2 86 64 9a 45 a7 d1 4f f1 cc 25 52 9f 00 48 9f 30 90 4a ef c1 39 8e 13 b6 93 98 5e 83 46 8c 9b 1e ca 4e ed 11 8b 30 bd 70 7e 0a ce f1 6a 3e 5c e0 a5 80 1d 71 18 e8 76 92 71 70 71 1c 8f 0c 8b df 0c 50 9a a5 81 18 21 a1 1e Data Ascii: WRH_=\OE-&.@G`H`tC0Y!(VMueJ9u>O^k!8n7)w<Duxa5P4eQ*Nqj&s3^V"F$xs{Tf-m$+dEO%RH0J9^FN0p~j>\qvqpqP!
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 17 0d 0a 30 30 30 30 30 30 30 31 0d 0a ad 0d 0a 30 30 30 30 30 30 30 31 0d 0a ca 0d 0a 30 30 30 30 30 30 30 31 0d 0a 39 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 15 0d 0a 30 30 30 30 30 30 30 31 0d 0a dd 0d 0a 30 30 30 30 30 30 30 31 0d 0a e4 0d 0a 30 30 30 30 30 30 30 31 0d 0a 10 0d 0a 30 30 30 30 30 30 30 31 0d 0a 21 0d 0a 31 0d 0a 43 0d 0a 33 30 64 39 0d 0a 0a 06 9d 34 e8 8f 26 78 0f a4 9e c5 b4 24 c1 81 46 24 f8 fb b8 87 e3 c4 bb 52 cc d3 47 31 19 29 3e 44 8b 19 a4 69 f2 22 64 56 1a 8e e7 64 e2 dd f7 c6 d1 e9 24 8a 08 9d 70 dd 6a ee fb f7 b9 de 34 04 62 43 87 05 51 4a d5 8e de 01 d7 f2 be f0 79 b1 8a 60 a9 bc 73 8b 18 3a 35 18 3a ed c8 6e e6 6b 69 1d c5 62 ad c8 d4 8a 2a 6b 41 8b 97 b8 95 Data Ascii: 000000010000000100000001000000019000000010000000100000001000000010000000100000001!1C30d94&x$F$RG1)>Di"dVd$pj4bCQJy`s:5:nkib*kA
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: f0 1b 74 ba 7d 6c 9a d4 9e 2e 48 ba 49 26 6d d7 54 0e 6d d2 96 49 22 33 6b 69 6f 5b 27 95 81 f4 3f b0 08 ff 21 8b 50 26 d2 99 24 17 05 7d a8 23 24 69 fb 14 7c cd 25 0b 75 bd e5 25 ab bb ba 8f 39 7e d0 c0 82 7a 41 aa a7 46 8a 2e 6f 39 a7 6d 07 d0 77 b2 85 74 6d 1f 73 54 2c 68 20 d6 28 7f 4e 7f f1 88 cc 49 2e da 55 fa 11 d6 cc d0 90 7e f9 fd 05 c6 22 2e fd 33 fc e9 e7 f6 4d 8a 3d f2 5e c7 a7 c1 22 fc 85 05 03 c5 12 c2 66 d7 07 90 a6 86 cd 0e fd d4 6c a0 ab 03 02 35 5f 68 43 f0 26 52 5f c7 53 e0 41 ad 0d 11 61 07 c1 1f 35 d4 5a 4e 3b e4 3f b1 21 ff c9 58 c3 59 b3 8d 2b 9b 87 7d 3e 36 43 52 ca 2c 03 9f 79 45 96 41 e0 bf d0 e3 7f 15 7b 74 28 41 32 ba c8 6d c9 27 95 47 91 38 ca 1e e5 0a b1 d1 ab 17 c7 3f dc 55 62 54 78 63 1a 8b 11 17 46 33 30 76 21 7a 32 83 8b Data Ascii: t}l.HI&mTmI"3kio['?!P&$}#$i\|%u%9~zAF.o9mwtmsT,h (NI.U~".3M=^"fl5_hC&R_SAa5ZN;?!XY+}>6CR,yEA{t(A2m'G8?UbTxcF30v!z2
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 08 bc fe 04 db 11 f2 a3 1a 75 9e bf 6d 10 65 48 5a fd 64 9f 00 fd a6 b6 d5 76 6e 9c 18 89 cd 73 ab ce fa 0d a4 65 a3 1f e0 e2 2e 27 97 f2 ba b0 ed 34 98 c7 5a 9c ba 76 93 23 22 0b 47 6a f0 84 1e 6d 1b 9e 25 37 b8 24 e5 6e c9 17 0b f9 ec 85 fa 56 d1 9a 81 39 e7 e4 89 54 1b 32 58 56 fd 06 cb 05 19 01 fc 42 b4 81 d2 c4 9c ca 7b 8c 35 80 4b 27 b8 f4 30 ca fa 8f e1 e5 69 16 0c e1 b3 d7 a4 10 5b 4b 0f c1 26 65 66 19 45 ad fe 5c fb 64 73 20 ea 58 46 e9 3f ab 28 ef 32 12 a2 34 8a 33 25 5d 52 71 09 c9 bc c9 77 09 34 d9 66 42 a5 eb cf 31 e9 97 ac 45 71 24 db a8 97 90 53 e5 f6 c8 91 f8 2d 69 33 60 2b 8c cd d0 82 c3 d8 7a c3 60 cb de 14 bb 49 da 77 40 35 b1 88 ce 34 92 75 1a 39 a5 46 4e 3f 7a 47 ab 6c 52 8a bb f8 f1 e6 28 8e 70 ad 07 8d 39 b8 a6 b9 88 71 ed 1b ad 3a Data Ascii: umeHZdvnse.'4Zv#"Gjm%7$nV9T2XVB{5K'0i[K&efE\ds XF?(243%]Rqw4fB1Eq$S-i3`+z`Iw@54u9FN?zGlR(p9q:
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: 7c 4d 6a d4 7d b5 ee 43 24 b5 ce 0d a7 e8 02 31 97 49 0f ef 3b fb 40 4c 5c 1f 88 33 62 51 cb 13 c9 22 2a ec 7e a2 9d 18 8e 81 b9 c7 83 39 18 c3 ab 99 e5 d0 d1 c7 1c 4f e6 4e 3e d7 84 fe fd 28 b7 6b e4 d9 57 36 a8 72 3b 35 09 52 bd d7 b2 e6 cc b6 62 d3 0a 33 b3 11 66 36 e2 99 cd 0a fe b2 2d 2b d2 51 60 0a b1 59 cc 43 6c 30 e9 0f 61 d9 5c 3b 35 7f 0c 27 b1 60 4d 1b 72 4c 14 c5 b5 b6 b4 50 e4 cc ab 2b 14 a3 1c cb a8 a8 2a 40 56 04 8e f9 b7 21 ff c9 5d fe 04 46 40 cc 33 6d c3 af f9 05 c5 fe 92 91 55 18 15 3c 98 c1 c9 37 16 0f 76 26 38 53 c3 e8 52 f1 c5 6c d6 40 9c 5b d2 ee 0a 41 aa 0b b5 69 b6 6d 92 39 66 d5 2c 09 6a dd f3 5a 56 bc 71 75 a4 28 f6 81 61 a0 17 9b a2 fb d8 19 05 db 5d e2 bd 69 fc 5f c2 12 86 3a 85 c8 16 a1 23 1a 0d 60 73 38 04 a5 14 54 d2 7f 74 Data Ascii: \|Mj}C$1I;@L\3bQ"~9ON>(kW6r;5Rb3f6-+Q`YCl0a\;5'`MrLP+@V!]F@3mU<7v&8SRl@[Aim9f,jZVqu(a]i_:#`s8Tt
2024-10-24 09:44:05 UTC	1408	IN	Data Raw: cd e1 29 6a d9 9b 90 ab e0 78 6c da 6a 83 dc 6c 7f 16 35 e5 73 2a a0 21 c3 1a 66 ac db 7b db a3 1d 83 42 ed b1 72 06 bc bb e3 7b 7b 80 a7 7d 7d 13 66 4d c8 a8 0f 27 c1 64 28 73 71 b3 f4 e8 77 70 19 6c ed a2 fa d6 ae 26 49 a0 9e c9 81 77 ed e8 f7 b6 f6 46 07 7a 35 f2 99 d2 c6 e1 01 ee 93 2e fd 32 97 86 2d c5 23 50 23 a5 26 c5 fa 76 f9 68 ad b7 b6 51 7b cb ac 38 29 6d 90 7f 50 bd 02 e1 02 2f cf 30 95 19 d0 6b c8 64 e0 e6 c8 b6 31 cb 90 41 15 b7 91 f3 75 74 76 78 87 eb 93 f2 a9 c6 b3 9c 35 a5 07 af 6d d9 bd e7 8b d9 d2 7e e9 72 1e e1 50 65 f5 1d 7a 8e 3c 65 08 76 31 5b ea 8e 3b cb 95 dd 52 93 a1 d2 1b a1 51 a7 f6 8d df 83 67 7c 7d 92 04 a3 92 f7 fc 3e 84 63 d0 c6 cd 65 98 5e d4 ae 3a 34 f8 58 37 25 50 03 1a 7b 91 cc 56 e4 6a ac 2f 87 96 b0 91 fc d7 e9 ed c3 Data Ascii: )jxljl5s*!f{Br{{}}fM'd(sqwpl&IwFz5.2-#P#&vhQ{8)mP/0kd1Autvx5m~rPez<ev1[;RQg\|}>ce^:4X7%P{Vj/
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 7b d1 9a 10 9a ca 56 85 2c 32 8e d8 2c 63 0c 75 4d 5e 48 60 97 0b 49 22 95 c7 3e fd 72 fb bb 96 a7 10 9d ee c2 da ca 75 dd 27 72 98 1f 44 19 8d e5 12 88 2d 5c eb 15 34 e0 51 86 16 f5 fe 12 57 9f f8 05 74 24 c4 84 c0 87 88 96 24 df 32 4e bb 22 34 7c 77 84 b9 15 41 6c 69 b7 8e 3e 3a ed 99 9a a4 c2 ce 30 29 2c c3 10 34 bc 69 75 3d 68 18 51 e8 eb 6b ea b1 bf e3 f6 69 b3 64 75 80 6a 47 4d 60 4b af cd 0f a7 96 5b 34 3f 3c 1d 5a 58 9a dc 77 cb 79 26 4b 9a 44 6b 39 28 c4 f2 e0 e0 93 62 a9 26 f4 f3 9b ea b6 54 d9 a3 47 72 68 07 5e c0 7f c0 b5 67 24 ce 7d 81 3b a1 85 6d 22 a4 1d e1 12 4e 1a 37 37 2e 1b a5 61 a4 38 e4 3b 1e 9c cd ad 3b 9b 7f fb 3a 43 c3 cc 82 8a 03 b3 66 32 b8 73 f5 1c ed 43 24 45 58 f9 db c1 d7 00 0c 83 10 3f a8 ef 34 60 83 b4 3b fc 80 f7 c0 13 c3 Data Ascii: {V,2,cuM^H`I">ru'rD-\4QWt$$2N"4\|wAli>:0),4iu=hQkidujGM`K[4?<ZXwy&KDk9(b&TGrh^g$};m"N77.a8;;:Cf2sC$EX?4`;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
142	192.168.2.16	49907	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:05 UTC	522	OUT	GET /gui/67916.54c2c0cc036592986ddb.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:06 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: ccf459a67bcfd1a535719cdaa4bba032 Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:52:48 GMT Expires: Sat, 18 Oct 2025 08:52:48 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521478 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:06 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a fb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 73 0d 0a 30 66 66 32 0d 0a db 46 b6 e6 ef fb 57 20 98 ac 8b cc 05 61 bd 2d 51 a6 35 8a ec dc 68 fd 48 ca b2 93 9a ab d1 95 41 b2 25 22 26 01 2e 00 4a e6 48 fc df ef 77 ce e9 06 1a 0f 8a 92 e2 4c cd ec a6 a6 26 a6 80 7e f7 79 9f Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}0000000100000001s0ff2FW a-Q5hHA%"&.JHwL&~y
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: ec de 2c 20 8a db 32 25 b3 64 f1 83 96 2c 3e 90 d5 eb c6 3e 11 cf 0f 10 7e ef 55 3a 05 dd 29 48 14 61 b2 72 fb 83 07 b5 3f 30 ed 0f 6a ed ff 1a 66 a3 78 96 a1 3b ec 17 64 59 2e 9e 53 ff 83 3f 0a a2 e1 58 bd 4a 12 b0 8e 02 9f 34 2e 6d ca ef 7b 2e ff e3 d0 f8 c1 44 ce a0 e0 1d 27 8b 9d eb 51 38 18 39 10 e1 0e 6d b8 13 a6 4e b1 4b ee 02 ac 1d 8c c7 f3 9b d5 64 09 2e cc 29 6a a1 05 7a b6 80 48 6d b5 99 ef de c6 89 3a 69 20 d5 34 e7 3d 62 f6 25 fc 46 32 8c 04 12 74 41 c1 3c bd 56 06 06 2b 46 db 48 38 16 67 32 b3 8d 82 94 46 f2 e4 89 30 60 af 45 6c 7c ff 36 12 bb 62 e2 4f 54 16 40 7c e6 cc 8f d7 89 3f 98 25 69 9c b4 f5 1a 08 75 40 54 2c 95 3d 10 60 37 17 e1 38 53 09 eb 10 c8 90 16 49 8e bb 07 e5 4b 0d bb 73 a2 78 d7 f5 e2 64 68 b5 04 11 bf aa 25 ae 60 37 94 1e Data Ascii: , 2%d,>>~U:)Har?0jfx;dY.S?XJ4.m{.D'Q89mNKd.)jzHm:i 4=b%F2tA<V+FH8g2F0`El\|6bOT@\|?%iu@T,=`78SIKsxdh%`7
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 7e 78 01 f1 85 d2 c3 76 6b f9 9c f4 7c a5 29 2d 2a 8b a6 6e 6f 4d ab 6d 5b 56 cc 31 f9 39 26 2f 6c ab 89 a4 32 fd 62 76 cc 85 e0 21 1e c4 ea 8e 40 ea 7a d7 ec f5 9e a0 cb 09 af b7 30 f5 c5 38 b8 4c c1 20 e0 3a e2 10 27 48 b5 10 d1 a3 61 59 a5 49 b5 10 04 52 17 63 59 b2 d6 41 74 89 10 76 d7 9d 10 69 86 f1 2c 45 90 3e a7 27 8a 28 35 d0 93 65 e1 12 3d 59 94 24 1b 78 2d dc 8d 56 d3 59 3a ad 37 4b 91 9c 86 66 53 43 a6 29 93 69 ad d9 74 36 80 d0 4f d1 6c 5f 45 e1 65 64 8f 74 dc dc a4 e5 1f 97 47 4a e1 9d 7c 0c dd 5c 3d c8 8e 89 22 3a d4 32 0e dc 60 c4 1d ac 30 ff dd 47 8e 6b 5f 5e aa e1 71 f4 e4 c9 37 bc c7 61 5a 57 ca f6 5e f6 b1 97 7d 22 9f 06 b9 1c 84 9d 2b d2 e8 8e 6f cb ad e3 a1 61 21 0e 5f e7 7f be 68 94 ed a6 8d 17 d8 68 c5 21 6d 49 e1 b4 06 c8 89 61 c4 Data Ascii: ~xvk\|)-*noMm[V19&/l2bv!@z08L :'HaYIRcYAtvi,E>'(5e=Y$x-VY:7KfSC)it6Ol_EedtGJ\|\=":2`0Gk_^q7aZW^}"+oa!_hh!mIa
2024-10-24 09:44:06 UTC	398	IN	Data Raw: 78 73 ff f5 6b 44 5f a2 21 1b e2 10 f7 29 4b cc ba 49 47 83 93 80 17 c2 4d d4 ba a3 bb 76 ad 46 3e c4 47 e3 70 da 8f 83 04 d0 44 48 22 2f 27 46 23 ea 2a 9b 64 13 a4 15 0b e1 a6 f1 0e 00 01 f7 6f 87 ef 0f 4d 5f 08 68 4d 43 84 b1 00 29 a1 70 d4 c0 74 06 6d 05 35 12 11 fc c1 4c 5a e4 b3 68 41 92 b5 5a 0b 56 a9 c4 16 b3 9c 8b e2 ae 0f 78 59 4c 93 1f 10 34 fa 01 7e 7d b3 90 e1 35 d7 7b 5b 99 9d 70 80 e7 62 ed dc 76 57 96 1a 56 c0 87 18 99 2b 59 1f f7 24 46 66 8d c2 9f ce 35 f6 c5 b9 4e e2 e8 d2 77 8e 82 08 51 51 c7 0c 80 27 9b 2f f7 82 34 b4 a8 7b 52 43 f5 4d dd c7 24 d9 17 54 c6 bb fc c0 b1 1e 9f 1c 08 10 84 61 cc e3 21 00 92 77 95 21 41 b7 0f e5 83 a4 28 93 f5 55 a8 ae 69 7d bf 9f d3 1b 32 cb da 8b ca 33 80 54 db 37 8f 23 2a 9a 96 23 56 0a 68 8a 3b d4 ce b1 Data Ascii: xskD_!)KIGMvF>GpDH"/'F#doM_hMC)ptm5LZhAZVxYL4~}5{[pbvWV+Y$Ff5NwQQ'/4{RCM$Ta!w!A(Ui}23T7##Vh;
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 0f 0d 0a 30 30 30 30 30 30 30 31 0d 0a ed 0d 0a 30 30 30 30 30 30 30 31 0d 0a 95 0d 0a 30 30 30 30 30 30 30 31 0d 0a c0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8c 0d 0a 30 30 30 30 30 30 30 31 0d 0a fb 0d 0a 30 30 30 30 30 30 30 31 0d 0a 98 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 5b 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 30 30 30 30 30 30 31 0d 0a 05 0d 0a 30 30 30 30 30 30 30 31 0d 0a f0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8d 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a 04 0d 0a 30 30 30 30 30 30 30 31 0d 0a 79 0d 0a 30 31 0d 0a 0b 0d 0a 30 66 65 66 0d 0a 1a 17 f2 7c bc 54 82 29 05 09 dd e8 d7 e7 ec b9 96 8c 9e 73 12 1a e7 00 03 42 d6 a0 9e 29 18 0e bb 99 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001[00000001000000010000000100000001000000010000000100000001y010fef\|T)sB)
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 09 46 72 42 23 09 1e 80 6b a1 98 85 4d 8e 6f d0 c8 1b 34 a2 39 11 01 0d e1 c3 06 d9 25 69 15 c1 38 e3 a0 eb 58 d0 99 75 ef e1 18 4d 1e 33 85 8b 95 91 8e 43 42 9b 21 71 1d a9 b1 43 66 0f b9 c5 ef c1 be 88 c5 88 60 84 a4 48 91 b7 1f 1b ed ec b0 49 2e 16 da 48 01 af 95 90 cd 38 da 78 a1 6b 75 59 8c 3c 7f 8a 27 0e a6 5f 81 f2 38 89 42 4b 51 cc 91 8f a4 84 fa c9 6d 44 a0 7c 8c 69 4d 46 aa 74 45 49 71 ea c8 32 5b 07 80 81 75 64 08 0e 19 7b cb 5f 9f 9f 6b 1b d1 b1 10 5a 9b ce 74 0e 98 56 cd 4b 10 22 09 9c 04 b9 ea 9e 2b 7a b8 6a 5b 0a c2 cb 29 99 90 18 9c cd e9 c6 0a 4d 3b db a5 c4 bc 73 64 05 28 31 51 9a ed 1f d7 19 69 43 0a 3d 4a 47 9a fe c5 6d b1 56 52 1f 8d eb 28 3a 4f 57 5f 91 c2 f7 40 ba 6d 20 f1 bf 3e f0 78 68 57 0d fd 7c b3 b4 3b a4 ed 57 de 1c 93 61 a0 Data Ascii: FrB#kMo49%i8XuM3CB!qCf`HI.H8xkuY<'_8BKQmD\|iMFtEIq2[ud{_kZtVK"+zj[)M;sd(1QiC=JGmVR(:OW_@m >xhW\|;Wa
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: a7 26 bc e3 43 f6 9e 1a e4 c4 04 3c c8 bc de 6a 88 63 81 4e b6 03 4b 56 58 8a 57 1f 68 7c f1 2c dd f7 d8 8c 87 03 1b bd 8c 01 fe 36 b4 d1 ea d8 0a 49 e5 a8 c6 73 74 79 c0 f3 30 21 9a 0f 48 94 41 08 1a 60 63 51 bf 20 90 6a e0 ad 28 b3 6a 72 5d 59 b2 af 80 77 44 a2 f4 88 1c f6 2f 92 2f b5 d0 6b bd 6c 3f bd 0e 91 3c 61 11 07 6c a3 9b 26 83 f3 70 ea 76 07 f4 07 72 ef 40 1f e3 af 04 b8 e2 06 60 5b 38 ed 00 f6 0c 7c 1a 81 da da fb 7d 5c e4 f7 79 9f 6b 8e 10 50 a2 50 d1 d2 aa c3 98 ae f5 ac 56 03 75 2f ad 21 2a 1e 96 2f 8d 04 05 5f c6 33 28 b0 57 11 99 d4 90 e1 a5 ee 7f 0b 36 f5 14 f0 0b c7 2a 8b f1 5b 28 b7 be 1a 05 57 38 17 9a 9c 47 2a bb 8e 93 cf 04 70 d3 93 c0 bd 01 04 f0 a5 8a 74 c1 26 e1 d7 f8 ba cd 44 a7 37 8e 87 29 ab 4e bd ae c2 4e 38 a9 c1 80 28 4e 71 Data Ascii: &C<jcNKVXWh\|,6Isty0!HA`cQ j(jr]YwD//kl?<al&pvr@`[8\|}\ykPPVu/!/_3(W6[(W8G*pt&D7)NN8(Nq
2024-10-24 09:44:06 UTC	78	IN	Data Raw: 4e e2 18 5d cb fa 03 d6 4b f9 80 d5 f1 cb 13 d6 19 94 17 30 c7 e5 70 9a 2f 99 a5 e4 9b e2 2c 92 dc 4f e4 a4 73 dc 03 a2 81 f9 e2 a3 8b d9 86 8f 46 5c 82 2b 29 04 6f f9 f2 59 82 0b 18 f9 a2 12 5c 1d 02 e5 c3 d7 1c 52 01 ec 22 be 0d 0a Data Ascii: N]K0p/,OsF\+)oY\R"
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 38 0d 0a 30 30 30 30 30 30 30 31 0d 0a 80 0d 0a 30 30 30 30 30 30 30 31 0d 0a 04 0d 0a 30 30 30 30 30 30 30 31 0d 0a 4c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 92 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9f 0d 0a 30 30 30 30 30 30 30 31 0d 0a ac 0d 0a 30 30 30 30 30 30 30 31 0d 0a c3 0d 0a 30 30 30 30 30 30 30 31 0d 0a a7 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 70 0d 0a 30 30 30 30 30 30 30 31 0d 0a ca 0d 0a 30 30 30 30 30 30 31 0d 0a 58 0d 0a 64 63 34 0d 0a 7d 51 03 dc 44 3c 04 d6 ca 19 ce 11 e8 43 6d 73 93 98 93 e2 e0 5d 3f fe a2 52 f8 fe 2e e8 3e 4f 65 b0 90 92 08 03 d3 90 46 c7 89 24 96 64 12 f2 5d e6 8a 83 32 61 d1 41 20 ba 7c 52 7f 06 a7 10 ca 3a aa 50 ca 3e d9 62 d9 52 2a ec 62 71 f4 53 df f1 Data Ascii: 000000018000000010000000100000001L00000001000000010000000100000001000000010000000100000001p000000010000001Xdc4}QD<Cms]?R.>OeF$d]2aA \|R:P>bR*bqS
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 2f 67 88 53 51 c8 4b 5f 05 35 47 12 c5 31 71 16 b9 df 90 f6 8e 37 90 f2 27 f7 0d 5e 94 cb 15 db 22 f9 d2 b7 a5 21 14 e1 36 84 b9 78 c0 fa 76 70 87 f8 1b 17 65 11 3a 06 9f a3 31 39 b9 61 3e 05 21 67 27 b8 00 ce 5a c2 66 ff 20 ec 0d 95 46 e0 3c 41 7c 06 53 68 9e 2f df b7 41 05 d3 60 32 65 74 4d e8 eb 4b ea 71 4f b2 b9 2a 99 c8 50 00 05 3a da 65 91 ba 7c 1a e6 6b f3 2a af 34 ff 07 ec 02 d1 c1 72 b1 91 79 4b ef c4 4b 2d 24 16 62 46 f2 49 b2 34 6f 04 42 00 f9 64 71 eb 69 5a c2 4d 9d 75 8b a3 1b 0b 6c 1c e0 40 2b 3e e1 02 27 d2 73 80 8f 6f f3 85 09 d5 76 0e 5c 19 2a 4a f1 8f 90 6e 4b 28 be 16 80 3b e8 03 04 d3 71 4d 7e fd 0e fa 98 ee a0 0f f0 b5 ab 55 66 f8 dc 36 c3 69 6b 0a ab 64 de 33 b5 9b 8d 0a a3 0a 84 e8 b5 46 20 73 65 0e fb 82 3f 6f 6e db 17 a5 cf 9a ff Data Ascii: /gSQK_5G1q7'^"!6xvpe:19a>!g'Zf F<A\|Sh/A`2etMKqOP:e\|k4ryKK-$bFI4oBdqiZMul@+>'sov\*JnK(;qM~Uf6ikd3F se?on

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
143	192.168.2.16	49908	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:06 UTC	522	OUT	GET /gui/97174.987fc1d4b24686f2c0c7.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:06 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: dbbe709d594e42109a0fe77120ff01cb Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 13:10:06 GMT Expires: Sat, 18 Oct 2025 13:10:06 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 506040 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:06 UTC	455	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8f 0d 0a 30 30 30 30 30 30 30 31 0d 0a bd 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6a 0d 0a 30 30 30 30 30 30 30 31 0d 0a c3 0d 0a 30 30 30 30 31 0d 0a 30 0d 0a 30 66 33 0d 0a 00 84 f7 3e 85 49 17 09 84 e2 bf 48 76 8c bb 14 0a 85 74 49 c9 64 4c 50 14 39 56 1d 4b aa 64 25 83 e3 77 af 5b 28 ed d2 6e 77 1c 77 1f Data Ascii: 0000000100000001000000010000000100000001000000010000000100000001000000010000000100000001\|000000010000000100000001j000000010000100f3>IHvtIdLP9VKd%w[(nww
2024-10-24 09:44:06 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
144	192.168.2.16	49909	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:06 UTC	522	OUT	GET /gui/52564.fcbb1496712f373a7906.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:06 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: 343cd6bb679ea3cb9e44478bef3381bc Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 08:45:12 GMT Expires: Sat, 18 Oct 2025 08:45:12 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 521934 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:06 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 66 66 37 0d 0a ff ec bd 79 5f 1b 49 96 2e fc ff fd 14 69 dd 1a bf d2 54 4a 66 37 08 cb 34 05 76 17 5d de da e0 ea e9 f2 f8 e2 94 94 40 96 85 52 a3 4c 81 29 cc 77 7f 9f e7 9c 88 c8 c8 54 0a b0 bb ba ef cc fd d5 2c 2e 21 c5 1e 27 ce be 34 66 59 1c 64 f9 34 19 e4 8d ed 66 16 8f 4e 3a 97 71 7f 12 0d 3e ed 9d cd c6 9f 2e f2 e3 59 72 7c 1e 25 e3 de 2d bf 7d f9 f2 fe 43 ab 33 99 65 67 cd f7 ef d7 57 d6 37 d6 Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000ff7y_I.iTJf74v]@RL)wT,.!'4fYd4fN:q>.Yr\|%-}C3egW7
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 2c 88 02 cc f4 e4 11 7e 0a 9e 0c 93 0b fc 3b 79 fa 6c 9c c7 40 1e c1 c4 9c 26 01 2c c0 f3 67 d3 a0 99 4e 88 74 a2 51 eb c9 a3 09 9a eb ca 73 5c 7d 3b 19 4f 66 79 30 19 45 83 f8 2c 1d 61 cf bd c6 2f e8 61 87 69 04 9d 64 9c e4 3f 13 0d b9 b5 0a 52 6a 0f ce a2 f1 69 8c 6d cb 7e 9e 3e 79 54 1d 15 13 3d d2 e5 e1 df 40 a0 ad d7 e8 cf f2 1c 40 d4 d0 9b ec 35 ce 71 26 c9 b8 9d a7 93 6e b0 b2 34 f9 bc dd 70 eb d3 a6 b6 e3 65 32 8c 83 71 da ee 03 54 e2 69 23 30 07 36 4c 32 20 bd ec 69 b0 17 8d 07 f1 08 53 ea 32 b4 73 75 2c de 92 07 1e 3f c8 62 1a a5 29 fa d8 29 4f 7a 04 38 b4 93 98 5b 79 1a b8 ab 98 9b c6 ec d4 cc ae 8b 7b 1a 7c 6c 85 0f 04 96 8f e5 b6 15 ae fd cf e9 78 4f 6f 3c f4 a0 7f d8 f9 e9 a7 4e 3f 19 0f 9f 5d e0 d9 c9 d9 1f 01 95 12 37 13 c6 ec 83 69 00 29 Data Ascii: ,~;yl@&,gNtQs\};Ofy0E,a/aid?Rjim~>yT=@@5q&n4pe2qTi#06L2 iS2su,?b))Oz8[y{\|lxOo<N?]7i)
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 8e 53 08 87 2a 1d ec 35 eb 77 65 60 50 f9 ab d4 ee c1 52 ab 9b 75 c6 29 46 18 9f 82 58 80 4c a8 92 44 79 6a 4f 39 12 41 39 12 8e 5a db 67 42 4d a6 73 d4 c4 d0 03 22 fe 89 4f 4f ca 4b 28 90 e6 a4 67 47 aa a2 31 73 65 72 99 1c 8d 58 6c 6b 79 69 a9 06 8b 6d 2e 6d 2d 6d 51 e1 da b4 6a 56 8b d9 54 f5 6a 50 1b 75 af d0 ac 6e 28 3e eb 8c 55 3f 0a cc a7 38 8e 9a d7 8d cd e5 15 60 3e 6a 5e b7 36 36 d7 a1 8f 9d c9 c7 ad cd c7 2d a8 5f 9d 6a 76 c2 6f d7 37 36 37 5b 61 9f df ae 2d ad a3 db 05 17 f0 f8 f1 fa 3a 54 ba 98 6a 79 79 6b 83 1f 36 d7 96 56 e5 1b 60 e1 b5 2d 48 1e e7 e8 b2 bc ba fe 78 c9 53 73 9e 58 dd de bf 5a 97 0b 09 d2 6a a8 02 ab 94 04 7e 28 18 d5 df 5b 97 7b 72 0f 5d 6e a9 cd 22 5d ae ea 1e 8d 14 6f 15 8a a1 88 bf 54 25 a6 19 34 05 fa 00 a0 38 99 e6 7b Data Ascii: S*5we`PRu)FXLDyjO9A9ZgBMs"OOK(gG1serXlkyim.m-mQjVTjPun(>U?8`>j^66-_jvo767[a-:Tjyyk6V`-HxSsXZj~([{r]n"]oT%48{
2024-10-24 09:44:06 UTC	340	IN	Data Raw: d8 53 80 21 7c 34 c7 50 75 f8 68 e1 35 c0 e1 35 c1 21 b2 2b 95 a3 82 cb c4 18 f6 a0 38 80 92 02 96 a1 4f 0d ff aa 0d ba 88 b8 ce 9a 55 10 f0 ba 29 75 2a ad ae 07 78 7b 98 69 8f 33 dd 7e 26 18 73 d4 11 d3 17 0e fd 65 34 fd 44 02 d2 0a 9f bd 27 0f 64 48 e7 87 f0 8c 06 67 b5 bc ca fd 85 2f cb bf 93 ad a3 31 39 ee f5 3b af de 75 06 b3 29 d0 58 fe 0e 04 09 4a 74 15 28 f0 33 24 24 b0 fe 91 f8 7d c0 da 73 1a 37 b3 ce 33 ca 3d 42 b9 a7 e4 dc ec 40 c9 ad 03 c1 20 96 d4 0c 94 47 27 27 b0 63 14 44 61 17 67 b0 fb 2d a7 1d b4 05 e5 3f 79 54 3a f4 b7 f1 30 99 42 ca e4 e5 37 dc b2 e1 8c d2 c9 04 f9 1c 7f 8a af 44 3e 73 7f e1 27 77 8a a5 db d9 c7 ca f6 b1 32 a5 2c 3a 9b 20 a2 62 a4 52 5f 0a 12 16 53 3f 33 92 95 21 aa de 7e 8f 30 ea 11 f7 eb 69 c7 e8 2a 85 67 ec 7d 03 5c Data Ascii: S!\|4Puh55!+8OU)ux{i3~&se4D'dHg/19;u)XJt(3$$}s73=B@ G''cDag-?yT:0B7D>s'w2,: bR_S?3!~0ig}\
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 09 0d 0a 31 0d 0a 61 0d 0a 34 66 66 64 0d 0a c3 0b 56 71 a6 58 0f 21 88 c2 87 3f d6 3b 8c f5 ae 72 82 94 53 da e7 68 18 4c ae 70 5e f2 60 ab c8 b5 ec 8a e2 7a 00 81 0d 46 c9 e0 93 c5 b2 f3 de 27 a2 e7 c3 82 85 9f 52 f3 90 40 96 f2 42 22 23 a9 28 09 00 f0 d8 04 ff a5 bf c5 9a df 56 d6 7c ff 5b f7 21 c3 f0 47 06 e1 78 80 80 75 f3 af f2 c1 1a de ce 5d b5 11 1d 65 b9 df 72 d5 2f b0 8f 17 f6 1e fd 65 b9 e3 fc 96 0b 60 67 08 04 ce fd c8 f9 fd d4 ec c8 82 8a 7d 69 8e 71 f5 de d8 73 ac f2 b9 39 6d bc ab b3 0d 8b c8 27 fd 36 18 14 0f de a1 0d de 28 bf 3c 01 1d 72 1f a0 7f 70 99 88 a6 57 c1 79 5f 54 d0 ef 26 5c 67 16 c0 8d 90 26 44 9a 9c 83 7e 4c 41 26 cb 67 50 6b 0f 3b 70 2f 8c e0 a0 75 95 25 59 Data Ascii: 00000001000000011a4ffdVqX!?;rShLp^`zF'R@B"#(V\|[!Gxu]er/e`g}iqs9m'6(<rpWy_T&\g&D~LA&gPk;p/u%Y
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 72 84 05 35 07 d7 48 0e c2 9d 29 2f 8b cd 9c db 15 5c 74 3f 8b 10 9a 76 fe 2a 6e b0 9f 7c 81 d3 f6 2b 84 cc 5b 1a 2f 62 53 ee d5 79 01 5d 29 fa 7e ea e9 d4 53 e8 70 c5 25 d9 79 9e 56 a5 db 73 b8 dd 5c 51 b2 fd 04 c9 56 c2 68 3d c9 16 12 29 23 62 b7 6f 77 45 dd 5c 5f 59 5a 52 09 77 75 6b 6d 15 51 b1 94 70 57 d6 d7 e8 95 4a 09 77 ed f1 ea 32 5c af 28 e1 ae 2f af ad c2 e1 8a 12 ee ea c6 d2 06 3e d2 79 6b 73 73 65 d5 38 6f 19 8f 2d 3a 6f 6d ae 6e ad 63 30 3a 6f 41 30 7e 8c 75 50 1c fb 43 e2 fd a7 87 8c 56 25 de 49 e7 cd 7d 7d 5a 85 27 fd 0d dc 22 dd 59 ef 2f 1c f7 0b e1 d8 57 d6 59 aa 66 65 1a 83 ce 3d 3a 36 8c 73 f5 17 43 a4 e1 0e 50 76 04 8b 13 d1 a4 c1 4f 96 00 4c 8c 2e b4 40 03 1e 2e 2d b9 82 f2 7d c0 dc 09 f6 1a d6 31 58 81 04 89 a8 57 a8 37 2d 4d 73 ed Data Ascii: r5H)/\t?v*n\|+[/bSy])~Sp%yVs\QVh=)#bowE\_YZRwukmQpWJw2\(/>yksse8o-:omnc0:oA0~uPCV%I}}Z'"Y/WYfe=:6sCPvOL.@.-}1XW7-Ms
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 7f 1d c6 9f 5f 23 31 57 97 cd 1a 70 20 57 8e 0a e9 31 74 7a b6 b2 c1 b1 6e 94 ed c6 af d1 45 d4 ee 5f 41 1f 90 0e 63 a6 ec da 01 7f c6 2f 7f b0 df 75 1b 8f 19 6f 8d 9f 78 f0 bd 46 26 d1 d7 90 2e 98 c7 23 1a 1e 60 dc e6 47 ee 80 2c 5e 0e 01 41 f3 aa c1 3a f9 54 25 07 e1 2f c5 ff f1 fd 47 b6 60 8f 8f 1f 90 99 8b 3a 56 51 17 c3 46 88 88 12 66 71 13 2b ad be 67 2e b8 57 b4 61 2a 2b 88 40 f4 50 b5 ce 2f aa 83 74 4a 65 b4 87 d9 cf 18 45 11 8f cf c4 2c d1 e8 39 e6 30 e7 96 9d 45 c8 84 07 8c 4a 7d a5 f2 d7 46 13 ed 71 e6 2a 3d fc 34 1f 78 1b 5c 2e 52 fc d3 d1 9a 06 3f d0 40 06 05 c3 17 b9 4d d7 e6 a0 6a c0 e9 c7 f9 25 ad 8b c6 61 57 45 89 45 0a 04 51 e1 8a 49 61 28 ee cd 65 95 89 6a 65 c1 3f 17 2a f4 b3 5b 9c 4f 45 8b 7e 9a 27 bb 62 8c f4 f9 7b 15 80 7e 2a b9 49 Data Ascii: _#1Wp W1tznE_Ac/uoxF&.#`G,^A:T%/G`:VQFfq+g.Wa+@P/tJeE,90EJ}Fq=4x\.R?@Mj%aWEEQIa(eje?[OE~'b{~I
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 8c 48 95 b0 fb 31 dc b7 52 f0 1f e8 10 3e 80 1d 20 41 33 98 05 c0 70 30 b3 05 e0 3b 13 13 35 b6 48 8e c3 63 38 1d d7 86 ef 90 43 b2 70 bd 30 42 8b 23 a8 04 81 0a 39 17 40 f4 8d e5 b3 f9 78 e7 46 61 12 b7 9c b4 5a c4 5b a1 49 28 8f 00 58 e3 0b 67 9a c2 99 f1 67 08 8d 50 1a 68 39 06 17 67 cf 14 3b 54 8f cc b5 33 79 76 3c 39 58 a3 5a 85 5a dd 83 2b aa 9e b7 22 96 9a b0 f3 f9 d0 f2 7b 5f 8d 39 4f 21 67 b5 d6 db b9 5d bd cf 3f 74 4c ec 3b dd 95 2b de a3 f5 27 c1 3e e4 c8 59 0d a1 e4 4d a8 18 41 dd 03 88 21 84 01 05 1e 29 1c 08 40 4c 35 61 88 55 21 89 46 c9 e6 1f b2 7a a3 dc 27 84 07 f0 20 3d e8 55 44 18 2f 60 63 25 38 bf 32 e9 33 ac 78 8c b4 ec 5e 26 00 1f 12 3d ca b6 66 85 6a 73 77 a5 21 3d 55 90 46 d4 56 15 6e aa fb f0 87 26 86 6f 53 b9 5e 69 7a 87 27 d3 bc Data Ascii: H1R> A3p0;5Hc8Cp0B#9@xFaZ[I(XggPh9g;T3yv<9XZZ+"{_9O!g]?tL;+'>YMA!)@L5aU!Fz' =UD/`c%823x^&=fjsw!=UFVn&oS^iz'
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 45 fd 18 f0 6f ea c2 66 3d c1 ee ea 1a 65 ac 31 e2 55 a0 69 dd 54 34 4e df 78 3a 3a 8a 1e 92 68 ac dc 19 79 01 2f 38 21 eb 2d 49 1c aa 92 0d cf c9 c5 ae 8f 6e c9 e8 42 5e d5 76 af 78 38 de 0e 7d d4 20 18 90 b3 fd 8f 40 75 0b f8 14 e8 05 96 e0 29 5a 6c 50 03 c5 24 b6 ac 73 e1 56 51 71 f9 e4 2a 30 ca 83 d8 8c c1 7a a2 0f ec 80 12 70 c0 5c df d9 64 94 e4 cd c6 7f fe 27 4e 08 05 5d de 27 ae 10 e8 07 ab c2 4b 7a 20 1d da ec d1 7c 2b a4 b5 9c 4b 5a 49 d5 59 37 c3 d2 ea 0c 90 ee 78 49 92 4a 66 c8 1e 6c 8d fa 16 8a fa 7b 68 84 24 11 b4 81 83 a7 0c 5e c0 1b 81 fc 65 60 98 cb 4e f0 06 e4 07 59 43 2e a3 24 87 0b 12 96 27 76 cc 13 b1 92 3e 93 40 77 bc 5e 3e 0f 83 08 c5 37 91 61 e7 78 6a 28 15 5b a4 18 ae ac 64 19 9e 71 37 db 3f 2f a8 52 a1 b0 c2 ac 5e bf cc c5 bc 18 Data Ascii: Eof=e1UiT4Nx::hy/8!-InB^vx8} @u)ZlP$sVQq*0zp\d'N]'Kz \|+KZIY7xIJfl{h$^e`NYC.$'v>@w^>7axj([dq7?/R^
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 3c eb 3c b4 2d 1c 1a cd 84 0e 02 d9 99 33 88 77 e2 6e fc 3d 14 29 0c 44 63 12 d0 5a 88 d0 0b c3 b6 47 b3 b8 8b 7b 71 4f 82 55 8a 81 78 25 ca 9d a8 8a 7f 5f 4e 13 29 b9 22 29 29 ba 39 40 b1 97 84 f9 8d 38 06 05 93 6b 3c 6a 45 61 2e 93 93 1a 17 8f 05 af 31 d4 04 e9 4d 63 a0 c2 ab 11 35 74 40 70 2e ee d1 6c db 5a 43 4c 32 3d f0 2f 68 54 32 88 78 85 e1 dc 58 20 54 d8 a6 47 25 f4 a5 10 3d 43 0b c2 2a 78 b6 d4 a0 ba 7e b3 7a 8e 2d 2f 68 32 02 e8 72 a4 78 1a 2c 6e d8 14 7b ea ba 5d 08 fd 79 ca e8 79 ac 47 1b 1b 83 84 64 89 60 6b ba 7b 36 67 f8 df eb 1b ed 6e 56 ff e5 cb b5 5b 29 f5 5a ad 10 0d ae dd 60 5d d4 27 89 73 98 d1 8d 79 09 9a 1d ed 2e 87 66 3e 6b 7c fd f3 f2 e1 dd 39 b3 ce 54 4c ce ba ad b2 31 7f 68 f7 f3 dc ae 3c 95 a6 59 21 60 12 2a 55 ab ba 92 a1 6a Data Ascii: <<-3wn=)DcZG{qOUx%_N)"))9@8k<jEa.1Mc5t@p.lZCL2=/hT2xX TG%=Cx~z-/h2rx,n{]yyGd`k{6gnV[)Z`]'sy.f>k\|9TL1h<Y!`Uj

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
145	192.168.2.16	49910	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:06 UTC	522	OUT	GET /gui/88292.a814e2f9bbd53eb184a3.js HTTP/1.1 Host: www.virustotal.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:06 UTC	350	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: a58c3bdce1afff20f5fa23b2ebcf0f0d Content-Encoding: gzip Server: Google Frontend Date: Fri, 18 Oct 2024 10:03:42 GMT Expires: Sat, 18 Oct 2025 10:03:42 GMT Cache-Control: public, max-age=31536000 ETag: "udq24w" Content-Type: text/javascript Age: 517224 Connection: close Transfer-Encoding: chunked
2024-10-24 09:44:06 UTC	1058	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 1f 0d 0a 30 30 30 30 30 30 30 31 0d 0a 8b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 08 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 00 0d 0a 30 30 30 30 30 30 30 31 0d 0a 02 0d 0a 30 30 30 30 30 30 30 31 0d 0a ff 0d 0a 30 30 30 30 30 30 30 31 0d 0a ec 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 6b 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7f 0d 0a 30 30 30 30 30 30 30 31 0d 0a db 0d 0a 30 30 30 30 30 30 30 31 0d 0a 36 0d 0a 30 30 30 30 30 30 30 31 0d 0a b3 0d 0a 30 30 30 30 30 30 30 31 0d 0a e7 0d 0a 30 30 31 0d 0a fb 0d 0a 30 66 65 64 0d 0a fd 14 8c 36 27 47 da Data Ascii: 000000010000000100000001000000010000000100000001000000010000000100000001000000010000000100000001}00000001k000000010000000100000001600000001000000010010fed6'G
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 30 a8 7c fd aa 8e 16 1e 27 eb ea cf 7a 52 4b c2 dd f0 5c 46 9b 7e 2c cb 95 ca 7a a7 76 da 0b 5b 72 37 18 30 d0 f5 4e ad 13 b6 3f 46 41 92 c8 01 81 31 fe fc 59 94 15 f0 e9 9a d2 8b 0a f0 a2 36 f0 fb 40 0e de 46 ef dc 93 17 f8 a8 13 7b 83 da db 3f d4 99 8f 46 34 b7 72 e5 2a 1e 0d 65 54 ae d5 6a f6 5c 57 44 d2 0d e2 9a 3e 68 5b 7e e2 37 3e 7d 1e 63 91 3b 32 da 0d e2 24 8b f6 0e ae f5 81 6b 7d e0 da f4 03 ae d1 aa 5f f5 47 49 48 27 dc 3d ef fa b8 57 99 9e 98 f3 52 53 14 82 e6 65 1f e1 ef 24 c2 76 b8 0f af a7 0b c5 64 01 e8 1b 94 f3 73 c5 ec 85 14 71 ad 2f a2 da 4f a2 1c 81 3e e4 9b 34 a2 0c ad 50 cb 15 cb e4 03 51 0e d5 e1 c4 6a 55 40 51 f4 1a 66 d7 cf e3 de 27 da 8f c7 98 25 48 f3 97 86 6e de 78 89 95 1e d4 46 0f 2b e5 73 9c 23 e6 3d 63 b1 b2 f8 74 61 d5 61 Data Ascii: 0\|'zRK\F~,zv[r70N?FA1Y6@F{?F4r*eTj\WD>h[~7>}c;2$k}_GIH'=WRSe$vdsq/O>4PQjU@Qf'%HnxF+s#=ctaa
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 6e fa 14 60 54 ea 0e 4c 53 00 2a 1a 40 d9 af 6f 18 00 8b 9b e0 24 b0 f1 8a 17 58 a6 0b ac 67 69 36 12 16 4e bb bb 58 79 d2 14 dd 27 84 69 8e a9 e7 81 31 f5 c8 af 5f 1f c8 8a de 3e c9 8e 91 00 06 19 85 43 30 8a 1e 46 41 1f 7e 80 33 f9 99 70 d2 fa 24 02 83 81 41 ad ed f7 7a b4 e0 5f bf 5a 6d 9c f1 d7 58 95 ec 50 91 19 26 5a 83 85 37 3c f7 06 f2 dc 3b 82 e6 bc 1d 45 30 11 95 be ff de 19 ce eb 43 3b f6 34 5c be 37 34 60 78 ec 20 a8 95 0c ca 95 4b e4 70 82 49 81 ad b9 4a 05 af ef 8f fa 2d 19 c1 4e 57 19 03 32 d3 c2 d8 8e 4a 31 1f a2 d4 a4 95 c0 70 96 7c 57 2a 8d 71 2c 2a c1 c0 93 85 18 a1 36 0c 0b 0b 33 63 3d 10 e9 91 a8 3f 58 10 d0 b4 4e 82 d3 11 1f 11 fa 7d 0e 4b 31 1d 17 fc 3d ae d4 95 8b 43 c8 31 ed 4a df d9 27 b2 23 7e b3 eb cd 63 d7 53 26 b8 53 6b 5b 9f Data Ascii: n`TLS@o$Xgi6NXy'i1_>C0FA~3p$Az_ZmXP&Z7<;E0C;4\74`x KpIJ-NW2J1p\|Wq,*63c=?XN}K1=C1J'#~cS&Sk[
2024-10-24 09:44:06 UTC	453	IN	Data Raw: 9c a6 2c 8b a1 05 1c f3 67 22 0d cc 31 9b 7a cc 8d 4a 32 39 ec d4 4f ac 9a 60 bf 19 8b a5 a7 ab 0b 6e 90 82 b6 b6 9e d8 a8 5b 13 b5 50 64 65 45 b4 ad 32 a2 72 b4 ad f2 f3 72 58 d4 13 04 e4 3a 71 51 c2 86 d4 e6 ac a8 7d 25 c7 68 9e ef 9a c0 c0 7b f8 04 d6 82 98 ff 85 30 64 a4 18 09 bb 10 34 bd b4 35 89 cd 04 26 24 0b 0e 18 94 eb f4 6f bd 34 42 d8 1d c7 83 96 ac 19 4b 99 c6 1e 3d b2 46 32 90 03 04 42 85 11 e2 5b e5 27 58 b1 cc ef 12 9b cc 94 61 d3 d8 cb 10 f4 1a 8a 01 e2 89 3f 7d 86 d9 98 b4 06 28 e6 6b 49 74 49 9c 32 6c 20 20 d6 18 d4 2a 15 88 ba 17 89 58 20 c3 16 33 52 b5 f7 30 39 22 26 38 d0 33 59 43 27 8b 63 1b 66 b5 f6 00 a1 3f b0 f8 22 42 87 ac 72 b0 4e 22 6c 71 20 49 99 f4 55 4c 75 a4 22 6c 61 bf d6 b1 58 e8 2c c1 3a 03 96 ca da b8 4d 8a 0f 49 f0 00 Data Ascii: ,g"1zJ29O`n[PdeE2rrX:qQ}%h{0d45&$o4BK=F2B['Xa?}(kItI2l *X 3R09"&83YC'cf?"BrN"lq IULu"laX,:MI
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 30 30 30 30 30 30 30 31 0d 0a 89 0d 0a 30 30 30 30 30 30 30 31 0d 0a 7d 0d 0a 30 30 30 30 30 30 30 31 0d 0a 62 0d 0a 30 30 30 30 30 30 30 31 0d 0a 51 0d 0a 30 30 30 30 30 30 30 31 0d 0a 48 0d 0a 30 30 30 30 30 30 30 31 0d 0a b1 0d 0a 30 30 30 30 30 30 30 31 0d 0a 2a 0d 0a 30 30 30 30 30 30 30 31 0d 0a b0 0d 0a 30 30 30 30 30 30 30 31 0d 0a 9b 0d 0a 30 30 30 30 30 30 30 31 0d 0a ee 0d 0a 30 30 30 30 30 30 30 31 0d 0a 0c 0d 0a 30 30 30 30 30 30 30 31 0d 0a 60 0d 0a 30 30 30 30 30 30 30 31 0d 0a 93 0d 0a 30 30 30 30 30 30 30 31 0d 0a 44 0d 0a 30 30 30 30 30 30 30 31 0d 0a ac 0d 0a 30 30 30 30 30 30 30 31 0d 0a 38 0d 0a 30 30 30 30 30 30 30 31 0d 0a 88 0d 0a 30 30 30 30 30 30 30 31 0d 0a 80 0d 0a 30 31 0d 0a ec 0d 0a 31 66 65 64 0d 0a 0f 13 2f 09 bd 0e 3a a4 Data Ascii: 0000000100000001}00000001b00000001Q00000001H0000000100000001*0000000100000001000000010000000100000001`0000000100000001D000000010000000180000000100000001011fed/:
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: af 8b 0d 42 53 f2 e4 96 57 9f 40 de a0 58 bb 27 4b 4f 9e 21 02 8f d2 af b5 f1 28 4d bf 16 6d 18 51 ca cb ab cb cf 11 82 47 4d 97 11 b8 87 3f 96 97 97 9e 71 28 df ea f3 55 4a e3 46 ba cc f2 53 e4 7e 2b 13 93 93 ad 2d 4e c4 a5 b8 10 e7 e2 8b 78 28 9a 62 43 6c 8a 1d 71 28 8e c4 56 9a 46 73 fc 4d f1 bc 07 c5 93 e4 c8 83 9c 96 31 4f 18 0f f2 5c 38 95 8f d2 bd 1a a5 bd 9d a3 77 db de c6 d1 d1 a3 cd b7 de 11 f2 54 83 76 ec 21 cb dd 3b 92 ed ee 20 20 cf b9 76 e5 ea ef 4c ac 23 6c a7 d9 af ff eb 7f 7b 01 3e f5 28 11 98 82 0a 90 90 4c 29 6e 94 ff ee 7d 19 84 e7 3d d9 39 95 5e 8b c2 14 60 92 f2 3b a0 ea 31 65 db 20 5f db 0e 0a e7 8e 1e 94 1b 76 3c e4 d9 c3 93 df ab 9e 87 51 0f bf 5a 31 1c f7 ec c7 8e 6b 16 2c f2 8a 37 51 36 01 b3 49 73 8b cd 5b 84 50 18 8f f8 6d f4 Data Ascii: BSW@X'KO!(MmQGM?q(UJFS~+-Nx(bClq(VFsM1O\8wTv!; vL#l{>(L)n}=9^`;1e _v<QZ1k,7Q6Is[Pm
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: b4 39 9b 60 7c 91 e0 3f 64 bb a6 1f 2f f9 c7 62 7d 41 04 a6 4d a2 90 00 be 25 46 06 f8 6f 8c 2d 5c 75 16 34 ae de ef bf dd 3f f8 b8 5f af 2e 8a 9d fd d7 07 f8 7a f7 e0 63 7d 51 ec 6d 6f ed bc df ab 2f 89 37 3b 3f bc a9 2f 9b e0 38 0f be 9d 5a 0c 89 10 79 1f 97 9f 5f 04 9f 60 64 37 bf d6 17 eb 99 b7 2f b3 6f 01 e6 c2 98 7c ed 96 57 b0 79 1e ee cf 38 b5 81 20 f0 93 e6 ed d2 24 98 dd 15 f8 46 dc a3 a3 69 51 2d 56 46 7e 48 79 ee c3 46 c2 b1 02 5a 3e 24 5f 77 fe 03 0c eb 3e 6c 04 63 f7 67 16 20 ce 31 d2 82 ad 09 9c 50 95 96 6e a4 10 3c c5 88 c6 4a 9b 62 2c 26 06 ba c7 b0 61 43 0f 91 83 ae f9 68 03 f1 13 da 40 6f 28 35 85 6e 28 49 d3 a1 c7 97 38 d3 97 38 d3 19 3b bb 29 a5 a5 79 cb b5 c7 dd 10 71 2a 0f a6 48 76 84 10 c0 46 49 d5 4a 2b 19 ca de f2 49 07 8c 40 52 Data Ascii: 9`\|?d/b}AM%Fo-\u4?_.zc}Qmo/7;?/8Zy_`d7/o\|Wy8 $FiQ-VF~HyFZ>$_w>lcg 1Pn<Jb,&aCh@o(5n(I88;)yq*HvFIJ+I@R
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 10 7c d6 be f3 fe 87 17 f4 31 41 44 ff a4 8a b8 12 d0 cc da a5 b2 19 ca ad 77 7a 72 4b e3 01 39 2f 64 67 53 d5 60 57 38 60 3e b1 28 a2 51 c3 2c dc 2e b9 04 5c f9 46 85 a1 d2 e6 d1 fc ac ee a5 97 99 3d 08 b9 35 85 7c c1 0a d6 71 45 f9 ea 90 c5 ad 5a 73 df 59 83 ac 8a 4b d5 bd 6b 09 9c 37 06 9d 30 ce c2 97 6b 6a 56 90 c2 a5 77 61 0b 48 9e da e5 f9 0c bc 5c 74 a1 36 09 a3 5a 12 36 08 e0 b7 e0 ae e8 22 1b d5 62 01 0b 26 a4 c4 f0 68 dc 53 aa bd 1d ab e5 3c 18 92 8b 2f 3e 42 35 db 82 f2 16 0a d3 20 29 aa 33 c6 3f f5 92 ab f9 f3 13 d4 fa 26 7f c2 07 60 73 07 06 40 7b 4c 58 bc af 29 0a c0 1d 98 f3 6e 12 9c f9 6b bd 77 d7 d6 1d 28 71 27 e6 f4 94 04 4c 78 93 a5 07 b8 37 9d 13 4e 54 87 72 f4 b5 5d 9d 3f 1f 4f 4c 99 3c f0 14 87 01 5a 52 82 7d 14 62 3a 52 d4 65 c2 c1 Data Ascii: \|1ADwzrK9/dgS`W8`>(Q,.\F=5\|qEZsYKk70kjVwaH\t6Z6"b&hS</>B5 )3?&`s@{LX)nkw(q'Lx7NTr]?OL<ZR}b:Re
2024-10-24 09:44:06 UTC	1408	IN	Data Raw: 6c bb 89 38 5f b6 82 96 dc fe 4b a2 d4 1c ca 76 70 02 33 b6 a9 e4 03 03 5c 82 79 73 c2 8f 0e 5c 8c 29 3b 47 5f 72 e8 95 29 13 a8 0f d4 f2 5a 51 e8 77 7a 97 9e b9 dd b0 82 9d 46 16 08 d4 12 e4 e5 a8 a2 69 f6 2b c4 27 23 c3 9b 0a 3a a2 fc 74 14 20 1f d9 1b 0d 40 15 bb b8 51 f0 4f 04 71 52 a7 5d 3f ea 9f 8c 7a 1e 25 ff 9c 29 20 10 ea e4 23 d0 99 0c 6a 68 44 06 bb 11 2c f2 28 b0 82 24 80 30 fa 22 50 7f 05 95 5a a8 6e 27 72 7f 4a 70 ab a6 fb a6 18 0e 3d da be 18 f6 00 2f ee fe 53 11 f1 06 71 54 12 f1 89 13 4b c2 9e da db 46 c4 a7 31 f0 9b 1b 87 1b 14 7e c0 a3 71 74 96 b5 9b e6 c0 a8 d4 07 e6 3e 2c eb ee 4e b2 76 40 c7 7d af 2a f0 68 37 84 39 d9 c6 4c c8 67 a8 e8 74 3b 05 2f d3 c3 a2 22 e6 8b 0e 8b 8d 98 0f 40 62 4c c8 c8 ed 02 e4 cd 49 d0 79 18 93 be 6e e3 0f Data Ascii: l8_Kvp3\ys\);G_r)ZQwzFi+'#:t @QOqR]?z%) #jhD,($0"PZn'rJp=/SqTKF1~qt>,Nv@}*h79Lgt;/"@bLIyn
2024-10-24 09:44:06 UTC	1382	IN	Data Raw: f4 59 55 f5 e2 c4 a0 e4 82 4d 72 9e 04 d0 45 95 e5 5c c4 ba df 80 38 be 69 fc 34 b7 f7 6e 71 e1 ae dc 39 b3 9a 36 7e ce 91 d1 8a 35 64 87 2d 7f c0 1c 3e d0 1c 26 d2 6c 66 34 f7 78 35 8e 60 34 f6 20 72 df 49 76 b0 99 27 c5 41 a9 59 43 29 77 e1 96 51 70 5c 7c ff 52 21 c1 65 f7 d6 48 54 68 85 d2 2d b5 a1 6a c2 94 ea da 91 fe 4c ed 48 fb d7 54 48 90 94 4d 22 1e b0 71 9d d2 6d c8 7c c1 31 0d 90 64 6d 0e 0d 97 c7 eb e1 1a ac a4 ab ad 2f 85 e7 02 cc 39 2b 9d a8 5d ca 1b 38 7f c4 ee ff 88 dd cf 66 9b 6a 3e cf 75 39 e0 7a a4 78 56 fa 10 7d 02 c0 8c 78 f0 11 df 7f c4 f7 b4 18 2c 11 50 03 b4 23 fb 92 6b 8e fa 03 ed fe 60 2c cb a4 b5 da 81 94 b5 8b be c2 c7 6a ce 94 cd 62 a4 90 5f f1 f9 af f4 39 2f 3a 0f a4 1a 91 f1 43 4b 1c a9 f0 91 39 14 c6 4d 09 59 e3 87 29 b2 86 Data Ascii: YUMrE\8i4nq96~5d->&lf4x5`4 rIv'AYC)wQp\\|R!eHTh-jLHTHM"qm\|1dm/9+]8fj>u9zxV}x,P#k`,jb_9/:CK9MY)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
146	192.168.2.16	49912	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:06 UTC	949	OUT	POST /ui/intelligence/rules_matching_iocs HTTP/1.1 Host: www.virustotal.com Connection: keep-alive Content-Length: 89 sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTE5MTcxOTU2NzYtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjM1MQ== sec-ch-ua-platform: "Windows" Origin: https://www.virustotal.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:06 UTC	89	OUT	Data Raw: 5b 7b 22 69 64 22 3a 22 63 38 39 37 32 36 64 32 37 61 32 30 38 64 38 66 61 38 65 33 35 61 30 35 63 37 66 32 33 64 62 33 37 37 31 39 35 37 31 62 39 62 64 34 66 66 37 39 37 39 65 61 65 33 65 64 63 34 62 30 37 31 66 33 22 2c 22 74 79 70 65 22 3a 22 66 69 6c 65 22 7d 5d Data Ascii: [{"id":"c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3","type":"file"}]
2024-10-24 09:44:07 UTC	802	IN	HTTP/1.1 401 Unauthorized Content-Type: application/json Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 559f4368f95ff838835e81153a7ae686 Date: Thu, 24 Oct 2024 09:44:07 GMT Server: Google Frontend Content-Length: 88 Connection: close
2024-10-24 09:44:07 UTC	88	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 20 7b 22 63 6f 64 65 22 3a 20 22 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 52 65 71 75 69 72 65 64 45 72 72 6f 72 22 2c 20 22 6d 65 73 73 61 67 65 22 3a 20 22 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 72 65 71 75 69 72 65 64 22 7d 7d Data Ascii: {"error": {"code": "AuthenticationRequiredError", "message": "Authentication required"}}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
147	192.168.2.16	49911	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:06 UTC	930	OUT	GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3 HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTgxNzQyODM3NjctWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjM1MQ== sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:07 UTC	882	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 67caacc1a87ccaf82e091499ae901262 Date: Thu, 24 Oct 2024 09:44:07 GMT Server: Google Frontend Content-Length: 26916 Expires: Thu, 24 Oct 2024 09:44:07 GMT Cache-Control: private Connection: close
2024-10-24 09:44:07 UTC	526	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 7b 22 69 64 22 3a 20 22 63 38 39 37 32 36 64 32 37 61 32 30 38 64 38 66 61 38 65 33 35 61 30 35 63 37 66 32 33 64 62 33 37 37 31 39 35 37 31 62 39 62 64 34 66 66 37 39 37 39 65 61 65 33 65 64 63 34 62 30 37 31 66 33 22 2c 20 22 74 79 70 65 22 3a 20 22 66 69 6c 65 22 2c 20 22 6c 69 6e 6b 73 22 3a 20 7b 22 73 65 6c 66 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 75 69 2f 66 69 6c 65 73 2f 63 38 39 37 32 36 64 32 37 61 32 30 38 64 38 66 61 38 65 33 35 61 30 35 63 37 66 32 33 64 62 33 37 37 31 39 35 37 31 62 39 62 64 34 66 66 37 39 37 39 65 61 65 33 65 64 63 34 62 30 37 31 66 33 22 7d 2c 20 22 61 74 74 72 69 62 75 74 65 73 22 3a 20 7b 22 74 79 70 65 5f 74 61 67 22 3a 20 22 70 65 65 78 Data Ascii: {"data": {"id": "c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3", "type": "file", "links": {"self": "https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3"}, "attributes": {"type_tag": "peex
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 22 3a 20 7b 22 59 6f 6d 69 20 48 75 6e 74 65 72 22 3a 20 7b 22 63 61 74 65 67 6f 72 79 22 3a 20 22 6d 61 6c 69 63 69 6f 75 73 22 2c 20 22 6d 61 6c 77 61 72 65 5f 63 6c 61 73 73 69 66 69 63 61 74 69 6f 6e 22 3a 20 5b 22 4d 41 4c 57 41 52 45 22 5d 2c 20 22 73 61 6e 64 62 6f 78 5f 6e 61 6d 65 22 3a 20 22 59 6f 6d 69 20 48 75 6e 74 65 72 22 7d 7d 2c 20 22 73 69 67 6d 61 5f 61 6e 61 6c 79 73 69 73 5f 73 75 6d 6d 61 72 79 22 3a 20 7b 22 53 69 67 6d 61 20 49 6e 74 65 67 72 61 74 65 64 20 52 75 6c 65 20 53 65 74 20 28 47 69 74 48 75 62 29 22 3a 20 7b 22 63 72 69 74 69 63 61 6c 22 3a 20 30 2c 20 22 68 69 67 68 22 3a 20 30 2c 20 22 6d 65 64 69 75 6d 22 3a 20 31 2c 20 22 6c 6f 77 22 3a 20 30 7d 7d 2c 20 22 64 65 74 65 63 74 69 74 65 61 73 79 22 3a 20 7b 22 66 69 6c Data Ascii: ": {"Yomi Hunter": {"category": "malicious", "malware_classification": ["MALWARE"], "sandbox_name": "Yomi Hunter"}}, "sigma_analysis_summary": {"Sigma Integrated Rule Set (GitHub)": {"critical": 0, "high": 0, "medium": 1, "low": 0}}, "detectiteasy": {"fil
2024-10-24 09:44:07 UTC	484	IN	Data Raw: 31 64 62 33 30 64 61 35 61 33 65 61 31 62 30 65 64 39 62 39 22 2c 20 22 74 79 70 65 22 3a 20 22 52 54 5f 4d 41 4e 49 46 45 53 54 22 7d 5d 2c 20 22 72 65 73 6f 75 72 63 65 5f 6c 61 6e 67 73 22 3a 20 7b 22 4e 45 55 54 52 41 4c 22 3a 20 31 2c 20 22 45 4e 47 4c 49 53 48 20 55 53 22 3a 20 32 7d 2c 20 22 72 65 73 6f 75 72 63 65 5f 74 79 70 65 73 22 3a 20 7b 22 52 54 5f 4d 41 4e 49 46 45 53 54 22 3a 20 31 2c 20 22 52 54 5f 56 45 52 53 49 4f 4e 22 3a 20 31 2c 20 22 43 41 42 49 4e 45 54 22 3a 20 31 7d 2c 20 22 6f 76 65 72 6c 61 79 22 3a 20 7b 22 63 68 69 32 22 3a 20 39 37 30 33 31 2e 38 32 2c 20 22 66 69 6c 65 74 79 70 65 22 3a 20 22 75 6e 6b 6e 6f 77 6e 22 2c 20 22 65 6e 74 72 6f 70 79 22 3a 20 37 2e 38 33 38 37 37 36 35 38 38 34 33 39 39 34 31 2c 20 22 6f 66 66 Data Ascii: 1db30da5a3ea1b0ed9b9", "type": "RT_MANIFEST"}], "resource_langs": {"NEUTRAL": 1, "ENGLISH US": 2}, "resource_types": {"RT_MANIFEST": 1, "RT_VERSION": 1, "CABINET": 1}, "overlay": {"chi2": 97031.82, "filetype": "unknown", "entropy": 7.838776588439941, "off
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 6d 64 35 22 3a 20 22 34 63 31 66 36 64 37 65 38 35 30 66 62 66 30 34 64 36 62 62 32 32 63 65 37 31 35 62 34 37 62 30 22 7d 2c 20 7b 22 6e 61 6d 65 22 3a 20 22 2e 72 64 61 74 61 22 2c 20 22 63 68 69 32 22 3a 20 33 32 38 37 36 35 33 2e 35 2c 20 22 76 69 72 74 75 61 6c 5f 61 64 64 72 65 73 73 22 3a 20 32 30 30 37 30 34 2c 20 22 65 6e 74 72 6f 70 79 22 3a 20 35 2e 30 31 2c 20 22 72 61 77 5f 73 69 7a 65 22 3a 20 36 35 35 33 36 2c 20 22 66 6c 61 67 73 22 3a 20 22 72 22 2c 20 22 76 69 72 74 75 61 6c 5f 73 69 7a 65 22 3a 20 36 33 37 36 30 2c 20 22 6d 64 35 22 3a 20 22 34 33 36 32 33 38 31 34 31 39 36 66 34 35 63 33 34 61 61 34 66 37 36 37 33 34 35 62 30 66 64 66 22 7d 2c 20 7b 22 6e 61 6d 65 22 3a 20 22 2e 64 61 74 61 22 2c 20 22 63 68 69 32 22 3a 20 31 32 33 30 Data Ascii: md5": "4c1f6d7e850fbf04d6bb22ce715b47b0"}, {"name": ".rdata", "chi2": 3287653.5, "virtual_address": 200704, "entropy": 5.01, "raw_size": 65536, "flags": "r", "virtual_size": 63760, "md5": "43623814196f45c34aa4f767345b0fdf"}, {"name": ".data", "chi2": 1230
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 69 6f 6e 73 22 3a 20 5b 22 41 64 64 41 63 63 65 73 73 41 6c 6c 6f 77 65 64 41 63 65 22 2c 20 22 41 64 6a 75 73 74 54 6f 6b 65 6e 50 72 69 76 69 6c 65 67 65 73 22 2c 20 22 41 6c 6c 6f 63 61 74 65 41 6e 64 49 6e 69 74 69 61 6c 69 7a 65 53 69 64 22 2c 20 22 43 68 65 63 6b 54 6f 6b 65 6e 4d 65 6d 62 65 72 73 68 69 70 22 2c 20 22 43 6f 70 79 53 69 64 22 2c 20 22 45 76 65 6e 74 52 65 67 69 73 74 65 72 22 2c 20 22 45 76 65 6e 74 55 6e 72 65 67 69 73 74 65 72 22 2c 20 22 45 76 65 6e 74 57 72 69 74 65 54 72 61 6e 73 66 65 72 22 2c 20 22 46 72 65 65 53 69 64 22 2c 20 22 47 65 74 4c 65 6e 67 74 68 53 69 64 22 2c 20 22 47 65 74 54 6f 6b 65 6e 49 6e 66 6f 72 6d 61 74 69 6f 6e 22 2c 20 22 47 65 74 54 72 61 63 65 45 6e 61 62 6c 65 46 6c 61 67 73 22 2c 20 22 47 65 74 54 Data Ascii: ions": ["AddAccessAllowedAce", "AdjustTokenPrivileges", "AllocateAndInitializeSid", "CheckTokenMembership", "CopySid", "EventRegister", "EventUnregister", "EventWriteTransfer", "FreeSid", "GetLengthSid", "GetTokenInformation", "GetTraceEnableFlags", "GetT
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 2c 20 22 47 65 74 45 78 69 74 43 6f 64 65 50 72 6f 63 65 73 73 22 2c 20 22 47 65 74 46 69 6c 65 41 74 74 72 69 62 75 74 65 73 57 22 2c 20 22 47 65 74 46 69 6c 65 53 69 7a 65 45 78 22 2c 20 22 47 65 74 46 69 6c 65 54 79 70 65 22 2c 20 22 47 65 74 4c 61 73 74 45 72 72 6f 72 22 2c 20 22 47 65 74 4d 6f 64 75 6c 65 46 69 6c 65 4e 61 6d 65 57 22 2c 20 22 47 65 74 4d 6f 64 75 6c 65 48 61 6e 64 6c 65 45 78 57 22 2c 20 22 47 65 74 4d 6f 64 75 6c 65 48 61 6e 64 6c 65 57 22 2c 20 22 47 65 74 4f 45 4d 43 50 22 2c 20 22 47 65 74 50 72 6f 63 41 64 64 72 65 73 73 22 2c 20 22 47 65 74 50 72 6f 63 65 73 73 48 65 61 70 22 2c 20 22 47 65 74 50 72 6f 63 65 73 73 54 69 6d 65 73 22 2c 20 22 47 65 74 53 74 61 72 74 75 70 49 6e 66 6f 57 22 2c 20 22 47 65 74 53 74 64 48 61 6e 64 Data Ascii: , "GetExitCodeProcess", "GetFileAttributesW", "GetFileSizeEx", "GetFileType", "GetLastError", "GetModuleFileNameW", "GetModuleHandleExW", "GetModuleHandleW", "GetOEMCP", "GetProcAddress", "GetProcessHeap", "GetProcessTimes", "GetStartupInfoW", "GetStdHand
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 20 22 69 6d 70 6f 72 74 65 64 5f 66 75 6e 63 74 69 6f 6e 73 22 3a 20 5b 22 55 75 69 64 43 72 65 61 74 65 22 5d 7d 2c 20 7b 22 6c 69 62 72 61 72 79 5f 6e 61 6d 65 22 3a 20 22 6e 74 64 6c 6c 2e 64 6c 6c 22 2c 20 22 69 6d 70 6f 72 74 65 64 5f 66 75 6e 63 74 69 6f 6e 73 22 3a 20 5b 22 4e 74 53 65 74 49 6e 66 6f 72 6d 61 74 69 6f 6e 46 69 6c 65 22 2c 20 22 52 74 6c 43 61 70 74 75 72 65 43 6f 6e 74 65 78 74 22 2c 20 22 52 74 6c 47 65 74 56 65 72 73 69 6f 6e 22 2c 20 22 52 74 6c 4c 6f 6f 6b 75 70 46 75 6e 63 74 69 6f 6e 45 6e 74 72 79 22 2c 20 22 52 74 6c 4e 74 53 74 61 74 75 73 54 6f 44 6f 73 45 72 72 6f 72 22 2c 20 22 52 74 6c 50 63 54 6f 46 69 6c 65 48 65 61 64 65 72 22 2c 20 22 52 74 6c 55 6e 77 69 6e 64 22 2c 20 22 52 74 6c 55 6e 77 69 6e 64 45 78 22 2c 20 Data Ascii: "imported_functions": ["UuidCreate"]}, {"library_name": "ntdll.dll", "imported_functions": ["NtSetInformationFile", "RtlCaptureContext", "RtlGetVersion", "RtlLookupFunctionEntry", "RtlNtStatusToDosError", "RtlPcToFileHeader", "RtlUnwind", "RtlUnwindEx",
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 53 6b 79 68 69 67 68 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 53 6b 79 68 69 67 68 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 76 32 30 32 31 2e 32 2e 30 2b 34 30 34 35 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 41 4c 59 61 63 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e Data Ascii: 1010", "category": "undetected", "result": null}, "Skyhigh": {"method": "blacklist", "engine_name": "Skyhigh", "engine_version": "v2021.2.0+4045", "engine_update": "20241010", "category": "undetected", "result": null}, "ALYac": {"method": "blacklist", "en
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 43 72 6f 77 64 53 74 72 69 6b 65 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 33 31 30 32 36 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 41 72 63 61 62 69 74 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 41 72 63 61 62 69 74 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 30 32 32 2e 30 2e 30 2e 31 38 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 Data Ascii: ine_name": "CrowdStrike", "engine_version": "1.0", "engine_update": "20231026", "category": "undetected", "result": null}, "Arcabit": {"method": "blacklist", "engine_name": "Arcabit", "engine_version": "2022.0.0.18", "engine_update": "20241010", "category
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 22 3a 20 6e 75 6c 6c 7d 2c 20 22 43 6c 61 6d 41 56 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 43 6c 61 6d 41 56 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 34 2e 31 2e 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 30 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 4b 61 73 70 65 72 73 6b 79 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 4b 61 73 70 65 72 73 6b 79 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 Data Ascii: ": null}, "ClamAV": {"method": "blacklist", "engine_name": "ClamAV", "engine_version": "1.4.1.0", "engine_update": "20241010", "category": "undetected", "result": null}, "Kaspersky": {"method": "blacklist", "engine_name": "Kaspersky", "engine_version": "2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
148	192.168.2.16	49916	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:06 UTC	944	OUT	GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/dropped_files HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTI4OTQ4MzI0MDAtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMQ== sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:07 UTC	883	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 3b45c29889e50d7b18e691ecad9b2683 Date: Thu, 24 Oct 2024 09:44:07 GMT Server: Google Frontend Content-Length: 240830 Expires: Thu, 24 Oct 2024 09:44:07 GMT Cache-Control: private Connection: close
2024-10-24 09:44:07 UTC	525	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 5b 7b 22 69 64 22 3a 20 22 30 31 63 62 32 66 39 64 35 36 38 32 64 66 38 64 35 63 38 37 65 30 35 33 33 62 65 66 35 38 35 61 32 39 30 37 34 38 36 30 62 64 61 61 65 31 63 34 38 30 37 65 38 65 33 66 38 37 39 30 39 61 30 36 22 2c 20 22 74 79 70 65 22 3a 20 22 66 69 6c 65 22 2c 20 22 6c 69 6e 6b 73 22 3a 20 7b 22 73 65 6c 66 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 75 69 2f 66 69 6c 65 73 2f 30 31 63 62 32 66 39 64 35 36 38 32 64 66 38 64 35 63 38 37 65 30 35 33 33 62 65 66 35 38 35 61 32 39 30 37 34 38 36 30 62 64 61 61 65 31 63 34 38 30 37 65 38 65 33 66 38 37 39 30 39 61 30 36 22 7d 2c 20 22 61 74 74 72 69 62 75 74 65 73 22 3a 20 7b 22 6d 64 35 22 3a 20 22 36 37 38 33 64 31 30 30 Data Ascii: {"data": [{"id": "01cb2f9d5682df8d5c87e0533bef585a29074860bdaae1c4807e8e3f87909a06", "type": "file", "links": {"self": "https://www.virustotal.com/ui/files/01cb2f9d5682df8d5c87e0533bef585a29074860bdaae1c4807e8e3f87909a06"}, "attributes": {"md5": "6783d100
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 78 65 63 75 74 61 62 6c 65 22 2c 20 22 77 69 6e 64 6f 77 73 22 2c 20 22 77 69 6e 33 32 22 2c 20 22 70 65 22 2c 20 22 70 65 64 6c 6c 22 5d 2c 20 22 6c 61 73 74 5f 73 75 62 6d 69 73 73 69 6f 6e 5f 64 61 74 65 22 3a 20 31 37 32 38 36 30 38 33 35 30 2c 20 22 6c 61 73 74 5f 61 6e 61 6c 79 73 69 73 5f 64 61 74 65 22 3a 20 31 37 32 39 32 31 33 31 39 39 2c 20 22 6c 61 73 74 5f 6d 6f 64 69 66 69 63 61 74 69 6f 6e 5f 64 61 74 65 22 3a 20 31 37 32 39 32 32 30 34 35 35 2c 20 22 75 6e 69 71 75 65 5f 73 6f 75 72 63 65 73 22 3a 20 31 2c 20 22 73 73 64 65 65 70 22 3a 20 22 31 35 33 36 3a 39 79 48 47 79 6f 46 58 58 41 74 41 57 48 46 44 72 2b 46 41 6f 64 54 79 69 42 32 72 45 50 54 7a 36 52 66 3a 6b 48 55 46 58 58 41 74 6c 6c 44 72 38 41 6f 64 54 79 69 42 32 72 45 62 32 66 Data Ascii: xecutable", "windows", "win32", "pe", "pedll"], "last_submission_date": 1728608350, "last_analysis_date": 1729213199, "last_modification_date": 1729220455, "unique_sources": 1, "ssdeep": "1536:9yHGyoFXXAtAWHFDr+FAodTyiB2rEPTz6Rf:kHUFXXAtllDr8AodTyiB2rEb2f
2024-10-24 09:44:07 UTC	484	IN	Data Raw: 5f 6e 61 6d 65 22 3a 20 22 4d 69 63 72 6f 57 6f 72 6c 64 2d 65 53 63 61 6e 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 34 2e 30 2e 34 30 39 2e 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 37 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 43 54 58 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 43 54 58 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 30 32 34 2e 38 2e 32 39 2e 31 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 38 22 2c 20 22 63 61 74 65 67 6f 72 Data Ascii: _name": "MicroWorld-eScan", "engine_version": "14.0.409.0", "engine_update": "20241017", "category": "undetected", "result": null}, "CTX": {"method": "blacklist", "engine_name": "CTX", "engine_version": "2024.8.29.1", "engine_update": "20241018", "categor
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 53 6b 79 68 69 67 68 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 76 32 30 32 31 2e 32 2e 30 2b 34 30 34 35 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 37 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 41 4c 59 61 63 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 41 4c 59 61 63 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 2e 30 2e 30 2e 31 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 Data Ascii: "blacklist", "engine_name": "Skyhigh", "engine_version": "v2021.2.0+4045", "engine_update": "20241017", "category": "undetected", "result": null}, "ALYac": {"method": "blacklist", "engine_name": "ALYac", "engine_version": "2.0.0.10", "engine_update": "202
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 64 61 74 65 22 3a 20 22 32 30 32 33 31 30 32 36 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 42 61 69 64 75 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 42 61 69 64 75 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 30 2e 30 2e 32 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 31 39 30 33 31 38 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 56 69 72 49 54 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 Data Ascii: date": "20231026", "category": "undetected", "result": null}, "Baidu": {"method": "blacklist", "engine_name": "Baidu", "engine_version": "1.0.0.2", "engine_update": "20190318", "category": "undetected", "result": null}, "VirIT": {"method": "blacklist", "e
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 43 6c 61 6d 41 56 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 34 2e 31 2e 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 37 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 47 44 61 74 61 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 47 44 61 74 61 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 41 3a 32 35 2e 33 39 30 37 34 42 3a 32 37 2e 33 37 38 35 32 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 Data Ascii: cklist", "engine_name": "ClamAV", "engine_version": "1.4.1.0", "engine_update": "20241017", "category": "undetected", "result": null}, "GData": {"method": "blacklist", "engine_name": "GData", "engine_version": "A:25.39074B:27.37852", "engine_update": "202
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 3a 20 22 32 30 32 34 2e 31 2e 30 2e 35 33 37 35 32 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 37 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 46 2d 53 65 63 75 72 65 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 46 2d 53 65 63 75 72 65 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 38 2e 31 30 2e 31 35 34 37 2e 33 30 37 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 38 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a Data Ascii: : "2024.1.0.53752", "engine_update": "20241017", "category": "undetected", "result": null}, "F-Secure": {"method": "blacklist", "engine_name": "F-Secure", "engine_version": "18.10.1547.307", "engine_update": "20241018", "category": "undetected", "result":
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 20 6e 75 6c 6c 7d 2c 20 22 53 6f 70 68 6f 73 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 53 6f 70 68 6f 73 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 32 2e 35 2e 35 2e 30 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 37 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 49 6b 61 72 75 73 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 49 6b 61 72 75 73 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 36 2e 33 2e 32 33 2e 30 22 Data Ascii: null}, "Sophos": {"method": "blacklist", "engine_name": "Sophos", "engine_version": "2.5.5.0", "engine_update": "20241017", "category": "undetected", "result": null}, "Ikarus": {"method": "blacklist", "engine_name": "Ikarus", "engine_version": "6.3.23.0"
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 22 3a 20 22 32 30 32 34 31 30 31 37 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 4b 69 6e 67 73 6f 66 74 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 4b 69 6e 67 73 6f 66 74 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 4e 6f 6e 65 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 34 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 47 72 69 64 69 6e 73 6f 66 74 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 Data Ascii: ": "20241017", "category": "undetected", "result": null}, "Kingsoft": {"method": "blacklist", "engine_name": "Kingsoft", "engine_version": "None", "engine_update": "20241014", "category": "undetected", "result": null}, "Gridinsoft": {"method": "blacklist"
2024-10-24 09:44:07 UTC	1408	IN	Data Raw: 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 41 68 6e 4c 61 62 2d 56 33 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 33 2e 32 36 2e 31 2e 31 30 35 30 37 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 31 30 31 37 22 2c 20 22 63 61 74 65 67 6f 72 79 22 3a 20 22 75 6e 64 65 74 65 63 74 65 64 22 2c 20 22 72 65 73 75 6c 74 22 3a 20 6e 75 6c 6c 7d 2c 20 22 41 63 72 6f 6e 69 73 22 3a 20 7b 22 6d 65 74 68 6f 64 22 3a 20 22 62 6c 61 63 6b 6c 69 73 74 22 2c 20 22 65 6e 67 69 6e 65 5f 6e 61 6d 65 22 3a 20 22 41 63 72 6f 6e 69 73 22 2c 20 22 65 6e 67 69 6e 65 5f 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 32 2e 30 2e 31 32 31 22 2c 20 22 65 6e 67 69 6e 65 5f 75 70 64 61 74 65 22 3a 20 22 32 30 32 34 30 33 32 38 22 Data Ascii: , "engine_name": "AhnLab-V3", "engine_version": "3.26.1.10507", "engine_update": "20241017", "category": "undetected", "result": null}, "Acronis": {"method": "blacklist", "engine_name": "Acronis", "engine_version": "1.2.0.121", "engine_update": "20240328"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
149	192.168.2.16	49915	74.125.34.46	443	2972	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:44:06 UTC	945	OUT	GET /ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_urls HTTP/1.1 Host: www.virustotal.com Connection: keep-alive sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114" x-app-version: v1x308x1 X-Tool: vt-ui-main sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 content-type: application/json accept: application/json Accept-Ianguage: en-US,en;q=0.9,es;q=0.8 X-VT-Anti-Abuse-Header: MTkxOTAxNDQ5NDEtWkc5dWRDQmlaU0JsZG1scy0xNzI5NzYzMDQ1LjQwMg== sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.virustotal.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: _ga=GA1.2.78030099.1729762991; _gid=GA1.2.1454910718.1729762991; _gat=1; _ga_BLNDV9X2JR=GS1.2.1729762992.1.1.1729763039.0.0.0
2024-10-24 09:44:07 UTC	880	IN	HTTP/1.1 200 OK Content-Type: application/json Vary: Accept-Encoding Set-Cookie: VT_SESSION_ID=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_ID=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_SESSION_HASH=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ Set-Cookie: VT_AUGMENT=; Domain=virustotal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ X-Cloud-Trace-Context: 9c971110d2afa904904fea98a2b477bb Date: Thu, 24 Oct 2024 09:44:07 GMT Server: Google Frontend Content-Length: 181 Expires: Thu, 24 Oct 2024 09:44:07 GMT Cache-Control: private Connection: close
2024-10-24 09:44:07 UTC	181	IN	Data Raw: 7b 22 64 61 74 61 22 3a 20 5b 5d 2c 20 22 6d 65 74 61 22 3a 20 7b 22 63 6f 75 6e 74 22 3a 20 30 7d 2c 20 22 6c 69 6e 6b 73 22 3a 20 7b 22 73 65 6c 66 22 3a 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 76 69 72 75 73 74 6f 74 61 6c 2e 63 6f 6d 2f 75 69 2f 66 69 6c 65 73 2f 63 38 39 37 32 36 64 32 37 61 32 30 38 64 38 66 61 38 65 33 35 61 30 35 63 37 66 32 33 64 62 33 37 37 31 39 35 37 31 62 39 62 64 34 66 66 37 39 37 39 65 61 65 33 65 64 63 34 62 30 37 31 66 33 2f 63 6f 6e 74 61 63 74 65 64 5f 75 72 6c 73 3f 6c 69 6d 69 74 3d 31 30 22 7d 7d Data Ascii: {"data": [], "meta": {"count": 0}, "links": {"self": "https://www.virustotal.com/ui/files/c89726d27a208d8fa8e35a05c7f23db37719571b9bd4ff7979eae3edc4b071f3/contacted_urls?limit=10"}}

Target ID:	4
Start time:	05:42:30
Start date:	24/10/2024
Path:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff7ff910000
File size:	2'450'432 bytes
MD5 hash:	B6CB00FCB81D3B66870817AEBE7163BB
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	5
Start time:	05:42:30
Start date:	24/10/2024
Path:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=2056 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff7ff910000
File size:	2'450'432 bytes
MD5 hash:	B6CB00FCB81D3B66870817AEBE7163BB
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	7
Start time:	05:42:32
Start date:	24/10/2024
Path:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" "http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com"
Imagebase:	0x7ff7ff910000
File size:	2'450'432 bytes
MD5 hash:	B6CB00FCB81D3B66870817AEBE7163BB
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	9
Start time:	05:42:44
Start date:	24/10/2024
Path:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5184 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff7ff910000
File size:	2'450'432 bytes
MD5 hash:	B6CB00FCB81D3B66870817AEBE7163BB
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	11
Start time:	05:43:11
Start date:	24/10/2024
Path:	C:\Windows\System32\rundll32.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Imagebase:	0x7ff69a280000
File size:	71'680 bytes
MD5 hash:	EF3179D498793BF4234F708D3BE28633
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	15
Start time:	05:43:34
Start date:	24/10/2024
Path:	C:\Users\user\AppData\Local\Chromium\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-GB --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5208 --field-trial-handle=1996,i,1775928385925400890,13953614706138782368,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff7ff910000
File size:	2'450'432 bytes
MD5 hash:	B6CB00FCB81D3B66870817AEBE7163BB
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may abuse various implementations of JavaScript for execution. JavaScript (JS) is a platform-independent scripting language (compiled just-in-time at runtime) commonly associated with scripts in webpages, though JS can be executed in runtime environments outside the browser.
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse rundll32.exe to proxy execution of malicious code. Using rundll32.exe, vice executing directly (i.e. Shared Modules ), may avoid triggering security tools that may not monitor execution of the rundll32.exe process because of allowlists or false positives from normal operations. Rundll32.exe is commonly associated with executing DLL payloads (ex: `rundll32.exe {DLLname, DLLfunction}` ).
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Firewall: Firewall Enumeration, Firewall: Firewall Metadata, Process: OS API Execution, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Lowering of HIPS / PFW / Operating System Security Settings

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\Downloads\96b75cd5-f570-4f95-98aa-75ac2d49a0ba.tmp

C:\Users\user\Downloads\Unconfirmed 135111.crdownload

C:\Users\user\Downloads\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe (copy)

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

DNS Queries

DNS Answers

HTTP Packets

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 5632, Parent PID: 4720

General

Chronological Activities

Analysis Process: chrome.exePID: 2972, Parent PID: 5632

General

Chronological Activities

Analysis Process: chrome.exePID: 6244, Parent PID: 4720

General

Chronological Activities

Windows Analysis Report
http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com