Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://abre.ai/vfd210df

Overview

General Information

Sample URL:https://abre.ai/vfd210df
Analysis ID:1657961
Infos:

Detection

Score:1
Range:0 - 100
Confidence:80%

Signatures

Creates files inside the system directory
Deletes files inside the Windows folder
Detected suspicious crossdomain redirect

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 420 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2360,i,14913866966679879889,9602738007722573727,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2372 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6748 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://abre.ai/vfd210df" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Networking
  • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://online.swifttech.cc/new/sc03HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.4:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 167.71.108.29:443 -> 192.168.2.4:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 167.71.108.29:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 49.12.20.10:443 -> 192.168.2.4:49725 version: TLS 1.2
Source: unknownHTTPS traffic detected: 157.240.241.17:443 -> 192.168.2.4:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.50:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.50:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.203.247:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.203.247:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: abre.ai to https://rplg.co/9379afc8?cd20csc
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.35.163
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /vfd210df HTTP/1.1Host: abre.aiConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /9379afc8?cd20csc HTTP/1.1Host: rplg.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /l?u=https%3A%2F%2Fonline.swifttech.cc%2Fnew%2Fsc03&cd20csc= HTTP/1.1Host: l.wl.coConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /new/sc03 HTTP/1.1Host: online.swifttech.ccConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://l.wl.co/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/styles/cf.errors.css HTTP/1.1Host: online.swifttech.ccConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://online.swifttech.cc/new/sc03Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1Host: online.swifttech.ccConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.swifttech.cc/cdn-cgi/styles/cf.errors.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1Host: online.swifttech.ccConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.swifttech.cc/cdn-cgi/styles/cf.errors.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1Host: online.swifttech.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: online.swifttech.ccConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.swifttech.cc/new/sc03Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1Host: online.swifttech.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /r/gsr1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficHTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: abre.ai
Source: global trafficDNS traffic detected: DNS query: rplg.co
Source: global trafficDNS traffic detected: DNS query: l.wl.co
Source: global trafficDNS traffic detected: DNS query: online.swifttech.cc
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: unknownHTTP traffic detected: POST /report/v4?s=W7hAvniKMrlEJ7%2BuoP0EPYSwjF68DqBjzFcnDAQlGqDC8TaSdGASV6s8aKalZ7XK%2FkqWDMq2OfwYTp2aExKrNHVYmWcJOvqoAelpw13KA%2FG%2FwUte9QZ8qV4Uup7ZCHDPYo9vajEO HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 412Content-Type: application/reports+jsonOrigin: https://online.swifttech.ccUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 07 Apr 2025 02:47:39 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Frame-Options: SAMEORIGINReferrer-Policy: same-originCache-Control: max-age=15Expires: Mon, 07 Apr 2025 02:47:54 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7hAvniKMrlEJ7%2BuoP0EPYSwjF68DqBjzFcnDAQlGqDC8TaSdGASV6s8aKalZ7XK%2FkqWDMq2OfwYTp2aExKrNHVYmWcJOvqoAelpw13KA%2FG%2FwUte9QZ8qV4Uup7ZCHDPYo9vajEO"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 92c63398d947f5f8-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=96185&min_rtt=96082&rtt_var=20326&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1262&delivery_rate=38719&cwnd=227&unsent_bytes=0&cid=da1147f6c720ca78&ts=244&x=0"
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 07 Apr 2025 02:47:40 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Frame-Options: SAMEORIGINReferrer-Policy: same-originCache-Control: max-age=15Expires: Mon, 07 Apr 2025 02:47:55 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6ZXOgneNYPfm1YTV9XUisvJZevlD%2BqgQqCb%2Ff22PARgMDlGUOy9sYtltRyW1sRxNRzCYRp9O8mODo3lYmbunUuNXAtfeKDDj7xoChbRzEkZbMnztTHSzYSmmraTkTZD9at1Cawr"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 92c633a0cb99f569-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=96622&min_rtt=96473&rtt_var=20493&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1181&delivery_rate=38612&cwnd=227&unsent_bytes=0&cid=9d4908988f83f156&ts=245&x=0"
Source: chromecache_52.2.dr, chromecache_53.2.drString found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownHTTPS traffic detected: 142.251.40.196:443 -> 192.168.2.4:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 167.71.108.29:443 -> 192.168.2.4:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 167.71.108.29:443 -> 192.168.2.4:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 49.12.20.10:443 -> 192.168.2.4:49725 version: TLS 1.2
Source: unknownHTTPS traffic detected: 157.240.241.17:443 -> 192.168.2.4:49728 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.50:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.37.50:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.203.247:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.203.247:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir2500_893861587Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir2500_893861587Jump to behavior
Source: classification engineClassification label: clean1.win@23/12@14/8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2360,i,14913866966679879889,9602738007722573727,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2372 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://abre.ai/vfd210df"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2360,i,14913866966679879889,9602738007722573727,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2372 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
File Deletion		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1657961 URL: https://abre.ai/vfd210df Startdate: 07/04/2025 Architecture: WINDOWS Score: 1 5 chrome.exe 2 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.4, 138, 443, 49381 unknown unknown 5->13 10 chrome.exe 5->10         started        process4 dnsIp5 15 rplg.co 49.12.20.10, 443, 49725 HETZNER-ASDE Germany 10->15 17 www.google.com 142.251.40.196, 443, 49721, 49752 GOOGLEUS United States 10->17 19 6 other IPs or domains 10->19

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://abre.ai/vfd210df0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://online.swifttech.cc/cdn-cgi/images/browser-bar.png?13767556370%Avira URL Cloudsafe
https://online.swifttech.cc/favicon.ico0%Avira URL Cloudsafe
https://rplg.co/9379afc8?cd20csc0%Avira URL Cloudsafe
https://online.swifttech.cc/cdn-cgi/images/cf-no-screenshot-error.png0%Avira URL Cloudsafe
https://online.swifttech.cc/cdn-cgi/styles/cf.errors.css0%Avira URL Cloudsafe

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
star.c10r.facebook.com
157.240.241.17
truefalse
    		high
    a.nel.cloudflare.com
    		35.190.80.1
    		truefalse
      		high
      rplg.co
      		49.12.20.10
      		truefalse
        		unknown
        online.swifttech.cc
        		104.21.37.50
        		truefalse
          		unknown
          www.google.com
          		142.251.40.196
          		truefalse
            		high
            abre.ai
            		167.71.108.29
            		truefalse
              		unknown
              l.wl.co
              		unknown
              		unknownfalse
                		high

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://l.wl.co/l?u=https%3A%2F%2Fonline.swifttech.cc%2Fnew%2Fsc03&cd20csc=false
                  		high
                  https://a.nel.cloudflare.com/report/v4?s=W7hAvniKMrlEJ7%2BuoP0EPYSwjF68DqBjzFcnDAQlGqDC8TaSdGASV6s8aKalZ7XK%2FkqWDMq2OfwYTp2aExKrNHVYmWcJOvqoAelpw13KA%2FG%2FwUte9QZ8qV4Uup7ZCHDPYo9vajEOfalse
                    		high
                    https://online.swifttech.cc/cdn-cgi/images/browser-bar.png?1376755637false
                    • Avira URL Cloud: safe
                    		unknown
                    https://a.nel.cloudflare.com/report/v4?s=X6ZXOgneNYPfm1YTV9XUisvJZevlD%2BqgQqCb%2Ff22PARgMDlGUOy9sYtltRyW1sRxNRzCYRp9O8mODo3lYmbunUuNXAtfeKDDj7xoChbRzEkZbMnztTHSzYSmmraTkTZD9at1Cawrfalse
                      		high
                      https://online.swifttech.cc/new/sc03false
                        		unknown
                        https://online.swifttech.cc/cdn-cgi/images/cf-no-screenshot-error.pngfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://online.swifttech.cc/cdn-cgi/styles/cf.errors.cssfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://c.pki.goog/r/gsr1.crlfalse
                          		high
                          http://c.pki.goog/r/r4.crlfalse
                            		high
                            https://online.swifttech.cc/favicon.icofalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://rplg.co/9379afc8?cd20cscfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://abre.ai/vfd210dffalse
                              		unknown
                              NameSourceMaliciousAntivirus DetectionReputation
                              https://www.cloudflare.com/5xx-error-landingchromecache_52.2.dr, chromecache_53.2.drfalse
                                		high

                                World Map of Contacted IPs

                                • No. of IPs < 25%
                                • 25% < No. of IPs < 50%
                                • 50% < No. of IPs < 75%
                                • 75% < No. of IPs

                                Public IPs

                                IPDomainCountryFlagASNASN NameMalicious
                                172.67.203.247
                                		unknownUnited States
                                		13335CLOUDFLARENETUSfalse
                                104.21.37.50
                                		online.swifttech.ccUnited States
                                		13335CLOUDFLARENETUSfalse
                                49.12.20.10
                                		rplg.coGermany
                                		24940HETZNER-ASDEfalse
                                157.240.241.17
                                		star.c10r.facebook.comUnited States
                                		32934FACEBOOKUSfalse
                                142.251.40.196
                                		www.google.comUnited States
                                		15169GOOGLEUSfalse
                                35.190.80.1
                                		a.nel.cloudflare.comUnited States
                                		15169GOOGLEUSfalse
                                167.71.108.29
                                		abre.aiUnited States
                                		14061DIGITALOCEAN-ASNUSfalse

                                Private

                                IP
                                192.168.2.4

                                General Information

                                Joe Sandbox version:42.0.0 Malachite
                                Analysis ID:1657961
                                Start date and time:2025-04-07 04:46:29 +02:00
                                Joe Sandbox product:CloudBasic
                                Overall analysis duration:0h 3m 4s
                                Hypervisor based Inspection enabled:false
                                Report type:full
                                Cookbook file name:browseurl.jbs
                                Sample URL:https://abre.ai/vfd210df
                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                Number of analysed new started processes analysed:20
                                Number of new started drivers analysed:0
                                Number of existing processes analysed:0
                                Number of existing drivers analysed:0
                                Number of injected processes analysed:0
                                Technologies:
                                • HCA enabled
                                • EGA enabled
                                • AMSI enabled
                                Analysis Mode:default
                                Analysis stop reason:Timeout
                                Detection:CLEAN
                                Classification:clean1.win@23/12@14/8
                                EGA Information:Failed
                                HCA Information:
                                • Successful, ratio: 100%
                                • Number of executed functions: 0
                                • Number of non-executed functions: 0
                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                • Excluded IPs from analysis (whitelisted): 142.250.80.14, 142.251.40.195, 172.253.115.84, 172.217.165.142, 142.251.32.110, 142.251.41.14, 23.203.176.221, 23.210.73.6, 142.250.65.174, 142.250.65.206, 142.251.35.174, 142.250.80.110, 142.250.65.227, 142.251.32.99, 184.31.69.3, 204.79.197.222, 20.12.23.50
                                • Excluded domains from analysis (whitelisted): fp.msedge.net, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, ocsp.digicert.com, update.googleapis.com, clients.l.google.com, c.pki.goog
                                • Not all processes where analyzed, report is missing behavior information
                                • Report size getting too big, too many NtOpenFile calls found.
                                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                • VT rate limit hit for: https://abre.ai/vfd210df

                                Simulations

                                Behavior and APIs

                                No simulations

                                Joe Sandbox View / Context

                                IPs

                                No context

                                Domains

                                No context

                                ASNs

                                No context

                                JA3 Fingerprints

                                No context

                                Dropped Files

                                No context

                                Created / dropped Files

                                Chrome Cache Entry: 49

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 178 x 175, 8-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):3213
                                Entropy (8bit):7.553565995366911
                                Encrypted:false
                                SSDEEP:96:35QRRzQqgtYCWBzmuvuLf33Pf309TxeL+vD+7SrQ9o6Br2eJk:GRRsqgOBzvcnM9TxVk9JCeJk
                                MD5:0D768CBC261841D3AFFC933B9AC3130E
                                SHA1:AFF136A4C761E1DF1ADA7E5D9A6ED0EBEA74A4B7
                                SHA-256:1C53772285052E52BB7C12AD46A85A55747ED7BF66963FE1993FCEF91FF5B0D0
                                SHA-512:CE5B1BBB8CF6B0C3D1FA146D1700DB2300ABD6F2BDBE43ECAAC6AEBC911BE6E1BCD2F8C6704A2CFA67BBB45598793DDEC017E05C2C37CE387293AAE08E7C342F
                                Malicious:false
                                Reputation:low
                                Preview:.PNG........IHDR.............n.t.....PLTE..........UU.@@.33.**.$I.@@.99.33....**.''.$7.33.00.--.**.((.&&.$1....,,.**.)).''.&/.$..,,.**.)).((.''.**.)).((.''.&&.%,.$*.**.)).((.''.&&.%*.$*.)).((.&&.&*.%*.$).((.''.&&.&*.%).$(.$(.''.''.&&.%).$(.''.&&.%).%(.$(.$'.''.&&.&).%(.$'.$'.''.&&.&).%(.%(.$'.$'.&&.&&.&(.%(.%'.&&.&&.%(.%(.$'.$&.&&.&(.%(.%'.%'.$'.$&.&&.&(.%'.%'.$'.$&.&&.&(.%'.%'.$&.$&.&(.%'.%'.$&.$&.$(.%'.%'.%'.$&.$&.$(.%'.%'.%'.%&.$&.$&.$'.%'.%'.%'.%&.$&.$'.$'.%'.%'.%&.%&.$&.$'.$'.%'.%'.%&.%&.$&.$'.$'.%'.%'.%&.%&.$&.$'.$'.%'.%&.%&.%&.$'.$'.$'.%'.%&.%&.%&.$'.$'.$'.$'.%&.%&.%&.$'.$'.$'.$&.%&.%&.%&.$'.$'.$'.$&.%&.%&.%'.$'.$'.$&.$&.%&.%&.%'.$'.$'.$&.$&.%&.%&.%'.$'.$'.$&.$&.%&.%&.%'.$'.$&.$&.$&.%&.%'.%'.$'.$&.$&.$&.%&.%'.%'.$'.$&.$&.$&.%&.%'.%'.$&.$&.$&.$&........tRNS................................ !$%&'()*+,-./01235678:;<=>?@ABCEFHIKLMNOPQRTUVWXYZ[\]^_`adefgijklmnopqrsuvwxyz|}..................................................................................................................

                                Chrome Cache Entry: 50

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (24050)
                                Category:downloaded
                                Size (bytes):24051
                                Entropy (8bit):4.941039417164537
                                Encrypted:false
                                SSDEEP:192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk
                                MD5:5E8C69A459A691B5D1B9BE442332C87D
                                SHA1:F24DD1AD7C9080575D92A9A9A2C42620725EF836
                                SHA-256:84E3C77025ACE5AF143972B4A40FC834DCDFD4E449D4B36A57E62326F16B3091
                                SHA-512:6DB74B262D717916DE0B0B600EEAD2CC6A10E52A9E26D701FAE761FCBC931F35F251553669A92BE3B524F380F32E62AC6AD572BEA23C78965228CE9EFB92ED42
                                Malicious:false
                                Reputation:low
                                URL:https://online.swifttech.cc/cdn-cgi/styles/cf.errors.css
                                Preview:#cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapper del,#cf-wrapper details,#cf-wrapper dfn,#cf-wrapper div,#cf-wrapper dl,#cf-wrapper dt,#cf-wrapper em,#cf-wrapper embed,#cf-wrapper fieldset,#cf-wrapper figcaption,#cf-wrapper figure,#cf-wrapper footer,#cf-wrapper form,#cf-wrapper h1,#cf-wrapper h2,#cf-wrapper h3,#cf-wrapper h4,#cf-wrapper h5,#cf-wrapper h6,#cf-wrapper header,#cf-wrapper hgroup,#cf-wrapper html,#cf-wrapper i,#cf-wrapper iframe,#cf-wrapper img,#cf-wrapper label,#cf-wrapper legend,#cf-wrapper li,#cf-wrapper mark,#cf-wrapper menu,#cf-wrapper nav,#cf-wrapper object,#cf-wrapper ol,#cf-wrapper output,#cf-wrapper p,#cf-wrapper pre,#cf-wrapper s,#cf-wrapper samp,#cf-wrapper section,#cf-wrapper small,#cf-wrapper span,#cf-wrapper strike,#cf-wrapper strong,#cf-wrapper sub,#cf-w

                                Chrome Cache Entry: 51

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 178 x 175, 8-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):3213
                                Entropy (8bit):7.553565995366911
                                Encrypted:false
                                SSDEEP:96:35QRRzQqgtYCWBzmuvuLf33Pf309TxeL+vD+7SrQ9o6Br2eJk:GRRsqgOBzvcnM9TxVk9JCeJk
                                MD5:0D768CBC261841D3AFFC933B9AC3130E
                                SHA1:AFF136A4C761E1DF1ADA7E5D9A6ED0EBEA74A4B7
                                SHA-256:1C53772285052E52BB7C12AD46A85A55747ED7BF66963FE1993FCEF91FF5B0D0
                                SHA-512:CE5B1BBB8CF6B0C3D1FA146D1700DB2300ABD6F2BDBE43ECAAC6AEBC911BE6E1BCD2F8C6704A2CFA67BBB45598793DDEC017E05C2C37CE387293AAE08E7C342F
                                Malicious:false
                                Reputation:low
                                URL:https://online.swifttech.cc/cdn-cgi/images/cf-no-screenshot-error.png
                                Preview:.PNG........IHDR.............n.t.....PLTE..........UU.@@.33.**.$I.@@.99.33....**.''.$7.33.00.--.**.((.&&.$1....,,.**.)).''.&/.$..,,.**.)).((.''.**.)).((.''.&&.%,.$*.**.)).((.''.&&.%*.$*.)).((.&&.&*.%*.$).((.''.&&.&*.%).$(.$(.''.''.&&.%).$(.''.&&.%).%(.$(.$'.''.&&.&).%(.$'.$'.''.&&.&).%(.%(.$'.$'.&&.&&.&(.%(.%'.&&.&&.%(.%(.$'.$&.&&.&(.%(.%'.%'.$'.$&.&&.&(.%'.%'.$'.$&.&&.&(.%'.%'.$&.$&.&(.%'.%'.$&.$&.$(.%'.%'.%'.$&.$&.$(.%'.%'.%'.%&.$&.$&.$'.%'.%'.%'.%&.$&.$'.$'.%'.%'.%&.%&.$&.$'.$'.%'.%'.%&.%&.$&.$'.$'.%'.%'.%&.%&.$&.$'.$'.%'.%&.%&.%&.$'.$'.$'.%'.%&.%&.%&.$'.$'.$'.$'.%&.%&.%&.$'.$'.$'.$&.%&.%&.%&.$'.$'.$'.$&.%&.%&.%'.$'.$'.$&.$&.%&.%&.%'.$'.$'.$&.$&.%&.%&.%'.$'.$'.$&.$&.%&.%&.%'.$'.$&.$&.$&.%&.%'.%'.$'.$&.$&.$&.%&.%'.%'.$'.$&.$&.$&.%&.%'.%'.$&.$&.$&.$&........tRNS................................ !$%&'()*+,-./01235678:;<=>?@ABCEFHIKLMNOPQRTUVWXYZ[\]^_`adefgijklmnopqrsuvwxyz|}..................................................................................................................

                                Chrome Cache Entry: 52

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with very long lines (394)
                                Category:downloaded
                                Size (bytes):4513
                                Entropy (8bit):5.017707516750189
                                Encrypted:false
                                SSDEEP:96:1j9jwIjYj5jDK/D5DMF+C8kcZqXKHvpIkdNxrRi9PaQxJbGD:1j9jhjYj9K/Vo+nkhaHvFdNxrQ9ieJGD
                                MD5:184193C68A1F0D8CCB853A56C1778205
                                SHA1:247CB0A115799E1AB7C9CF71BB5C0B5C203078EE
                                SHA-256:0C4FB3F96867533B5AF5F18B68B17BE3A8F3E60666409A71A32E50F5A26AEBA8
                                SHA-512:A8EFFC6774DA81EC4483A24B12703E57EDE55DE0970A5B288434305BC7AB7FA5000EEFF2AD2994D3777570280B53E5115FD69218B6BBDE4C0BDA9ECB641CF907
                                Malicious:false
                                Reputation:low
                                URL:https://online.swifttech.cc/new/sc03
                                Preview:<!DOCTYPE html>. [if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->. [if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->. [if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->. [if gt IE 8]> > <html class="no-js" lang="en-US"> <![endif]-->.<head>.<title>Attention Required! | Cloudflare</title>.<meta charset="UTF-8" />.<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge" />.<meta name="robots" content="noindex, nofollow" />.<meta name="viewport" content="width=device-width,initial-scale=1" />.<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />. [if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->.<style>body{margin:0;padding:0}</style>... [if gte IE 10]> >.<script>. if (!navigator.cookieEnabled) {. window.addEventListener('DOMContentLoaded', f

                                Chrome Cache Entry: 53

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with very long lines (394)
                                Category:downloaded
                                Size (bytes):4513
                                Entropy (8bit):5.016685713764649
                                Encrypted:false
                                SSDEEP:96:1j9jwIjYj5jDK/D5DMF+C8kcZqXKHvpIkdN/rRi9PaQxJbGD:1j9jhjYj9K/Vo+nkhaHvFdN/rQ9ieJGD
                                MD5:58A46EF30172E87109E8A0535E5AAD8B
                                SHA1:4FC46BE45655D979A85FB35A4A230B69B00E8A4E
                                SHA-256:E707F3C4C10455FD4AE3E5EDA61AF582714904913E87BDA48000E5323D8C938F
                                SHA-512:EED0E24C5FBA518FE524A05706F9DA5AA131EE16095C9B405634B742E8C58B7CFCC7E92210A322BDD6BD44FB224A3664C5AFA5B8CC900EDDD737FDF4899CBC47
                                Malicious:false
                                Reputation:low
                                URL:https://online.swifttech.cc/favicon.ico
                                Preview:<!DOCTYPE html>. [if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->. [if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->. [if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->. [if gt IE 8]> > <html class="no-js" lang="en-US"> <![endif]-->.<head>.<title>Attention Required! | Cloudflare</title>.<meta charset="UTF-8" />.<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge" />.<meta name="robots" content="noindex, nofollow" />.<meta name="viewport" content="width=device-width,initial-scale=1" />.<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />. [if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->.<style>body{margin:0;padding:0}</style>... [if gte IE 10]> >.<script>. if (!navigator.cookieEnabled) {. window.addEventListener('DOMContentLoaded', f

                                Chrome Cache Entry: 54

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 960 x 53, 8-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):715
                                Entropy (8bit):7.3533249502413565
                                Encrypted:false
                                SSDEEP:12:6v/7et+/37c7jvBjLg+UnhdeNdLI4dACGHJovQpMZP5ajgj7xbKwkRR/:Lu490+NdcCqJlpMZxajnwCR/
                                MD5:226DCB8F6144BDAAFDFBD8F2F354BE64
                                SHA1:3785CC5B3BF52F8E398177B0FF1020B24AA86B8C
                                SHA-256:8C873472F4925D5D47521DB4D52532D2983E9CB1BDE8B43143A6CC6DB56C35DB
                                SHA-512:ED898B12C4895F7ACEAAB443C1071E6376DB71B4DFDBD769F5F3BE71D562438A18B5E5DC36DD7CC610926E380603A894B2E81DF4302680C736A412BFD3360D3A
                                Malicious:false
                                Reputation:low
                                URL:https://online.swifttech.cc/cdn-cgi/images/browser-bar.png?1376755637
                                Preview:.PNG........IHDR.......5.......r....]PLTE........................................................................................9W)....tRNS...u... ........IDATx....n.0....#.......?.f....I.B..g........O...hW...Y^.<..v..E..."....@D;u.#.h....WD.u...nq..vL...J?T.(D..&JtZ`&.....e..!.'m..5..$p.$..k`....+wCk.N=..(<....[.I.O4&.56..kR..O0.H`...%.b.Q........D..X...L.D..(.bT..... ..b+5I.+....W^. .....Y.....L.Ob.&26..IR.$0.y.^6*/..D..X.0_`..s.}..+S.. ..../D......I...ew..Qh.Nn......u.t0k.fX..b.&.!.\..I.cf..RgKC+2.M....6.)o. ..`c..M....../a.&....".Q.....uU.]@....j.......O.'......."....t....d...?z..p.q.Y.C...&0...a.C...&0...a.C...&0...a.C...&0...a.C...&0...a.C...&0...a/..Y.x.I....IEND.B`.

                                Chrome Cache Entry: 55

                                Download File
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 960 x 53, 8-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):715
                                Entropy (8bit):7.3533249502413565
                                Encrypted:false
                                SSDEEP:12:6v/7et+/37c7jvBjLg+UnhdeNdLI4dACGHJovQpMZP5ajgj7xbKwkRR/:Lu490+NdcCqJlpMZxajnwCR/
                                MD5:226DCB8F6144BDAAFDFBD8F2F354BE64
                                SHA1:3785CC5B3BF52F8E398177B0FF1020B24AA86B8C
                                SHA-256:8C873472F4925D5D47521DB4D52532D2983E9CB1BDE8B43143A6CC6DB56C35DB
                                SHA-512:ED898B12C4895F7ACEAAB443C1071E6376DB71B4DFDBD769F5F3BE71D562438A18B5E5DC36DD7CC610926E380603A894B2E81DF4302680C736A412BFD3360D3A
                                Malicious:false
                                Reputation:low
                                Preview:.PNG........IHDR.......5.......r....]PLTE........................................................................................9W)....tRNS...u... ........IDATx....n.0....#.......?.f....I.B..g........O...hW...Y^.<..v..E..."....@D;u.#.h....WD.u...nq..vL...J?T.(D..&JtZ`&.....e..!.'m..5..$p.$..k`....+wCk.N=..(<....[.I.O4&.56..kR..O0.H`...%.b.Q........D..X...L.D..(.bT..... ..b+5I.+....W^. .....Y.....L.Ob.&26..IR.$0.y.^6*/..D..X.0_`..s.}..+S.. ..../D......I...ew..Qh.Nn......u.t0k.fX..b.&.!.\..I.cf..RgKC+2.M....6.)o. ..`c..M....../a.&....".Q.....uU.]@....j.......O.'......."....t....d...?z..p.q.Y.C...&0...a.C...&0...a.C...&0...a.C...&0...a.C...&0...a.C...&0...a/..Y.x.I....IEND.B`.

                                Static File Info

                                No static file info

                                Network Behavior

                                Download Network PCAP: filteredfull

                                Network Port Distribution

                                • Total Packets: 196
                                • 443 (HTTPS)
                                • 80 (HTTP)
                                • 53 (DNS)
                                TimestampSource PortDest PortSource IPDest IP
                                Apr 7, 2025 04:47:22.394238949 CEST4968180192.168.2.42.17.190.73
                                Apr 7, 2025 04:47:29.421189070 CEST49671443192.168.2.4204.79.197.203
                                Apr 7, 2025 04:47:29.790704012 CEST49671443192.168.2.4204.79.197.203
                                Apr 7, 2025 04:47:30.503140926 CEST49671443192.168.2.4204.79.197.203
                                Apr 7, 2025 04:47:31.802248001 CEST49671443192.168.2.4204.79.197.203
                                Apr 7, 2025 04:47:32.003546953 CEST4968180192.168.2.42.17.190.73
                                Apr 7, 2025 04:47:33.634721994 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:33.634819984 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:33.634902000 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:33.635057926 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:33.635082960 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:33.839122057 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:33.839329958 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:33.840415001 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:33.840437889 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:33.840842962 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:33.894212008 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:34.210827112 CEST49671443192.168.2.4204.79.197.203
                                Apr 7, 2025 04:47:35.598304033 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.598376989 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.598454952 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.598656893 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.598690987 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.615119934 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.615142107 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.615268946 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.615571976 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.615597963 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.852986097 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.853193045 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.854743958 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.854758024 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.854998112 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.855024099 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.855087042 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.856086969 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.856097937 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.856350899 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:35.856410980 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.896190882 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:35.900295973 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:36.098443985 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:36.098539114 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:36.098767042 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:36.099009037 CEST49723443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:47:36.099033117 CEST44349723167.71.108.29192.168.2.4
                                Apr 7, 2025 04:47:36.228300095 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:36.228365898 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:36.228550911 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:36.228888035 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:36.228921890 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:36.607480049 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:36.607608080 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:36.633521080 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:36.633555889 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:36.633821964 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:36.634974003 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:36.680316925 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:38.165884972 CEST49678443192.168.2.420.189.173.27
                                Apr 7, 2025 04:47:38.473985910 CEST49678443192.168.2.420.189.173.27
                                Apr 7, 2025 04:47:38.501410961 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:38.501595974 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:38.504302979 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:38.504347086 CEST4434972549.12.20.10192.168.2.4
                                Apr 7, 2025 04:47:38.504383087 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:38.504448891 CEST49725443192.168.2.449.12.20.10
                                Apr 7, 2025 04:47:38.625258923 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:38.625343084 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:38.625479937 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:38.628307104 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:38.628345013 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:38.826385975 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:38.826564074 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:38.832246065 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:38.832277060 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:38.832510948 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:38.834496021 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:38.876292944 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:39.022221088 CEST49671443192.168.2.4204.79.197.203
                                Apr 7, 2025 04:47:39.046000957 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:39.046071053 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:39.046082020 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:39.046092987 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:39.046138048 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:39.046159983 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:39.046248913 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:39.046308994 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:39.047295094 CEST49728443192.168.2.4157.240.241.17
                                Apr 7, 2025 04:47:39.047332048 CEST44349728157.240.241.17192.168.2.4
                                Apr 7, 2025 04:47:39.086874962 CEST49678443192.168.2.420.189.173.27
                                Apr 7, 2025 04:47:39.272402048 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.272470951 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.272542953 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.272804022 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.272841930 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.272903919 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.272986889 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.273025990 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.273200035 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.273245096 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.476910114 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.477008104 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.477060080 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.477121115 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.478552103 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.478601933 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.478818893 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.478830099 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.478878975 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.479074955 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.479161024 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.519037008 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.520323992 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.711684942 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.711726904 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.711757898 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.711780071 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.711785078 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.711839914 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.711875916 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.711921930 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.711971998 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.714617968 CEST49731443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.714663982 CEST44349731104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.769968987 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.811918974 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:39.811956882 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:39.812010050 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:39.812284946 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.812655926 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:39.812668085 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:39.868891954 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.868943930 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.868978977 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.868995905 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.869009972 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869024038 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869057894 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.869083881 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869113922 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869131088 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.869154930 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869224072 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.869374037 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869432926 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869462013 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869481087 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.869497061 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.869554043 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.869893074 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870230913 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870254993 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870279074 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.870292902 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870342016 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.870354891 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870837927 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870881081 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.870893002 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870912075 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.870964050 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.871284008 CEST49730443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.871310949 CEST44349730104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.880088091 CEST49734443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.880184889 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.880283117 CEST49734443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.880542040 CEST49735443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.880640984 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.880706072 CEST49735443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.880909920 CEST49734443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.880948067 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:39.881108999 CEST49735443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:39.881159067 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.019712925 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.019984007 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.020741940 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.020754099 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.020982981 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.021250963 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.068284988 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.095226049 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.095298052 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.095685005 CEST49734443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.095688105 CEST49735443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.095727921 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.095752001 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.095927000 CEST49735443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.095928907 CEST49734443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.095941067 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.095941067 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.237170935 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.237236977 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.238043070 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.238051891 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.238070965 CEST4434973235.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.238101959 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.238121986 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.238198996 CEST49732443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.238218069 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.238524914 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.238578081 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.298904896 CEST49678443192.168.2.420.189.173.27
                                Apr 7, 2025 04:47:40.334162951 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.334204912 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.334243059 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.334287882 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.334784031 CEST49735443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.338241100 CEST49735443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.338264942 CEST44349735104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.429394960 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.429757118 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.429757118 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.429809093 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.429835081 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.451818943 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.451900005 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.452028036 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.452116966 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.452138901 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.526736021 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.526855946 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.527017117 CEST49734443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.527662992 CEST49734443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.527687073 CEST44349734104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.541872025 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.541937113 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.542251110 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.543042898 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.543070078 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.563410997 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.563446045 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.566349030 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.569545031 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.569562912 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.650051117 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.650162935 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.650346994 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.650366068 CEST4434973735.190.80.1192.168.2.4
                                Apr 7, 2025 04:47:40.650393963 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.650424004 CEST49737443192.168.2.435.190.80.1
                                Apr 7, 2025 04:47:40.652437925 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.652837992 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.652935982 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.652949095 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.653183937 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.653455019 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.696317911 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.742861986 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.747387886 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.747422934 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.747955084 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.747965097 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.778805017 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.778914928 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.780298948 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.780304909 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.780698061 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.781501055 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.828270912 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.888062954 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.888120890 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.888153076 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.888185978 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.888226032 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.888338089 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.888463974 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.890958071 CEST49738443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:40.890980959 CEST44349738172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:40.983138084 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.983191967 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.983222961 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.983253956 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.983279943 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.983300924 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.983350992 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:40.983385086 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:40.984323978 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:41.015645981 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:41.015796900 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:41.015878916 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:41.234268904 CEST49740443192.168.2.4172.67.203.247
                                Apr 7, 2025 04:47:41.234294891 CEST44349740172.67.203.247192.168.2.4
                                Apr 7, 2025 04:47:41.236440897 CEST49739443192.168.2.4104.21.37.50
                                Apr 7, 2025 04:47:41.236515999 CEST44349739104.21.37.50192.168.2.4
                                Apr 7, 2025 04:47:41.376296997 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.377031088 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.377094984 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.476726055 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.477379084 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.477500916 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.478708029 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.478744030 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.478807926 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.479998112 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.482316017 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.482357025 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.482388973 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.482420921 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.486149073 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.579467058 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.586934090 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.590430975 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.590466976 CEST44349709131.253.33.254192.168.2.4
                                Apr 7, 2025 04:47:41.590493917 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.590528011 CEST49709443192.168.2.4131.253.33.254
                                Apr 7, 2025 04:47:41.752924919 CEST4974580192.168.2.4142.251.35.163
                                Apr 7, 2025 04:47:41.846898079 CEST8049745142.251.35.163192.168.2.4
                                Apr 7, 2025 04:47:41.846972942 CEST4974580192.168.2.4142.251.35.163
                                Apr 7, 2025 04:47:41.847081900 CEST4974580192.168.2.4142.251.35.163
                                Apr 7, 2025 04:47:41.944117069 CEST8049745142.251.35.163192.168.2.4
                                Apr 7, 2025 04:47:41.944653988 CEST8049745142.251.35.163192.168.2.4
                                Apr 7, 2025 04:47:41.950083017 CEST4974580192.168.2.4142.251.35.163
                                Apr 7, 2025 04:47:42.044323921 CEST8049745142.251.35.163192.168.2.4
                                Apr 7, 2025 04:47:42.096420050 CEST4974580192.168.2.4142.251.35.163
                                Apr 7, 2025 04:47:42.706700087 CEST49678443192.168.2.420.189.173.27
                                Apr 7, 2025 04:47:43.831105947 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:43.831150055 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:43.831372976 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:44.317452908 CEST49721443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:47:44.317488909 CEST44349721142.251.40.196192.168.2.4
                                Apr 7, 2025 04:47:47.520462990 CEST49678443192.168.2.420.189.173.27
                                Apr 7, 2025 04:47:48.628237009 CEST49671443192.168.2.4204.79.197.203
                                Apr 7, 2025 04:47:57.134258032 CEST49678443192.168.2.420.189.173.27
                                Apr 7, 2025 04:48:20.863153934 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:48:20.863209963 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:48:33.598325014 CEST49752443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:48:33.598375082 CEST44349752142.251.40.196192.168.2.4
                                Apr 7, 2025 04:48:33.598475933 CEST49752443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:48:33.598638058 CEST49752443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:48:33.598654032 CEST44349752142.251.40.196192.168.2.4
                                Apr 7, 2025 04:48:33.800848007 CEST44349752142.251.40.196192.168.2.4
                                Apr 7, 2025 04:48:33.801249981 CEST49752443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:48:33.801264048 CEST44349752142.251.40.196192.168.2.4
                                Apr 7, 2025 04:48:35.810750008 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:48:35.810827971 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:48:35.811000109 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:48:36.317280054 CEST49724443192.168.2.4167.71.108.29
                                Apr 7, 2025 04:48:36.317322016 CEST44349724167.71.108.29192.168.2.4
                                Apr 7, 2025 04:48:39.723666906 CEST49755443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:39.723712921 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:39.723810911 CEST49755443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:39.723984957 CEST49755443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:39.723998070 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:39.918147087 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:39.918422937 CEST49755443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:39.918446064 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:39.918586969 CEST49755443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:39.918600082 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.140383959 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.140469074 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.140522957 CEST49755443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.140729904 CEST49755443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.140739918 CEST4434975535.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.141504049 CEST49756443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.141518116 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.141590118 CEST49756443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.141747952 CEST49756443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.141762972 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.335710049 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.335948944 CEST49756443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.335978031 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.336097002 CEST49756443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.336103916 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.560381889 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.560452938 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:40.560511112 CEST49756443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.560714006 CEST49756443192.168.2.435.190.80.1
                                Apr 7, 2025 04:48:40.560728073 CEST4434975635.190.80.1192.168.2.4
                                Apr 7, 2025 04:48:42.346810102 CEST4974580192.168.2.4142.251.35.163
                                Apr 7, 2025 04:48:42.442653894 CEST8049745142.251.35.163192.168.2.4
                                Apr 7, 2025 04:48:42.442725897 CEST4974580192.168.2.4142.251.35.163
                                Apr 7, 2025 04:48:43.819634914 CEST44349752142.251.40.196192.168.2.4
                                Apr 7, 2025 04:48:43.819761992 CEST44349752142.251.40.196192.168.2.4
                                Apr 7, 2025 04:48:43.819838047 CEST49752443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:48:44.317240953 CEST49752443192.168.2.4142.251.40.196
                                Apr 7, 2025 04:48:44.317286968 CEST44349752142.251.40.196192.168.2.4
                                TimestampSource PortDest PortSource IPDest IP
                                Apr 7, 2025 04:47:30.370759964 CEST53594501.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:30.388322115 CEST53521391.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:31.119568110 CEST53581451.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:33.535815001 CEST6121953192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:33.535979986 CEST4938153192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:33.633383989 CEST53612191.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:33.633780003 CEST53493811.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:35.426378965 CEST5272953192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:35.426624060 CEST6382853192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:35.532852888 CEST53638281.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:35.597568989 CEST53527291.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:36.102359056 CEST5743353192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:36.102514982 CEST5868153192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:36.202363968 CEST53586811.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:36.227699995 CEST53574331.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:38.506372929 CEST5930453192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:38.506638050 CEST6534653192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:38.608432055 CEST53653461.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:38.621759892 CEST53593041.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:39.142601967 CEST5779153192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:39.143109083 CEST5778153192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:39.252405882 CEST53577911.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:39.271502018 CEST53577811.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:39.713474989 CEST6341653192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:39.713635921 CEST5220453192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:39.810818911 CEST53634161.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:39.811139107 CEST53522041.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:40.340409994 CEST5241253192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:40.342241049 CEST5512553192.168.2.41.1.1.1
                                Apr 7, 2025 04:47:40.443789959 CEST53551251.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:40.451361895 CEST53524121.1.1.1192.168.2.4
                                Apr 7, 2025 04:47:48.202172041 CEST53519961.1.1.1192.168.2.4
                                Apr 7, 2025 04:48:07.243465900 CEST53617241.1.1.1192.168.2.4
                                Apr 7, 2025 04:48:29.714643955 CEST53547931.1.1.1192.168.2.4
                                Apr 7, 2025 04:48:29.719263077 CEST53519041.1.1.1192.168.2.4
                                Apr 7, 2025 04:48:31.994573116 CEST53526091.1.1.1192.168.2.4
                                Apr 7, 2025 04:48:37.586999893 CEST138138192.168.2.4192.168.2.255

                                DNS Queries

                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                Apr 7, 2025 04:47:33.535815001 CEST192.168.2.41.1.1.10x3eefStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:33.535979986 CEST192.168.2.41.1.1.10xf859Standard query (0)www.google.com65IN (0x0001)false
                                Apr 7, 2025 04:47:35.426378965 CEST192.168.2.41.1.1.10xf052Standard query (0)abre.aiA (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:35.426624060 CEST192.168.2.41.1.1.10x7a04Standard query (0)abre.ai65IN (0x0001)false
                                Apr 7, 2025 04:47:36.102359056 CEST192.168.2.41.1.1.10xa318Standard query (0)rplg.coA (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:36.102514982 CEST192.168.2.41.1.1.10x9c47Standard query (0)rplg.co65IN (0x0001)false
                                Apr 7, 2025 04:47:38.506372929 CEST192.168.2.41.1.1.10xfd50Standard query (0)l.wl.coA (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:38.506638050 CEST192.168.2.41.1.1.10x64b7Standard query (0)l.wl.co65IN (0x0001)false
                                Apr 7, 2025 04:47:39.142601967 CEST192.168.2.41.1.1.10x399cStandard query (0)online.swifttech.ccA (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:39.143109083 CEST192.168.2.41.1.1.10xd51dStandard query (0)online.swifttech.cc65IN (0x0001)false
                                Apr 7, 2025 04:47:39.713474989 CEST192.168.2.41.1.1.10x92a7Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:39.713635921 CEST192.168.2.41.1.1.10xa284Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                                Apr 7, 2025 04:47:40.340409994 CEST192.168.2.41.1.1.10xe089Standard query (0)online.swifttech.ccA (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:40.342241049 CEST192.168.2.41.1.1.10x4a1Standard query (0)online.swifttech.cc65IN (0x0001)false

                                DNS Answers

                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                Apr 7, 2025 04:47:33.633383989 CEST1.1.1.1192.168.2.40x3eefNo error (0)www.google.com142.251.40.196A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:33.633780003 CEST1.1.1.1192.168.2.40xf859No error (0)www.google.com65IN (0x0001)false
                                Apr 7, 2025 04:47:35.597568989 CEST1.1.1.1192.168.2.40xf052No error (0)abre.ai167.71.108.29A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:36.227699995 CEST1.1.1.1192.168.2.40xa318No error (0)rplg.co49.12.20.10A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:38.608432055 CEST1.1.1.1192.168.2.40x64b7No error (0)l.wl.costar.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                Apr 7, 2025 04:47:38.608432055 CEST1.1.1.1192.168.2.40x64b7No error (0)star.c10r.facebook.com65IN (0x0001)false
                                Apr 7, 2025 04:47:38.608432055 CEST1.1.1.1192.168.2.40x64b7No error (0)star.c10r.facebook.com65IN (0x0001)false
                                Apr 7, 2025 04:47:38.621759892 CEST1.1.1.1192.168.2.40xfd50No error (0)l.wl.costar.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                Apr 7, 2025 04:47:38.621759892 CEST1.1.1.1192.168.2.40xfd50No error (0)star.c10r.facebook.com157.240.241.17A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:39.252405882 CEST1.1.1.1192.168.2.40x399cNo error (0)online.swifttech.cc104.21.37.50A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:39.252405882 CEST1.1.1.1192.168.2.40x399cNo error (0)online.swifttech.cc172.67.203.247A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:39.271502018 CEST1.1.1.1192.168.2.40xd51dNo error (0)online.swifttech.cc65IN (0x0001)false
                                Apr 7, 2025 04:47:39.810818911 CEST1.1.1.1192.168.2.40x92a7No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:40.443789959 CEST1.1.1.1192.168.2.40x4a1No error (0)online.swifttech.cc65IN (0x0001)false
                                Apr 7, 2025 04:47:40.451361895 CEST1.1.1.1192.168.2.40xe089No error (0)online.swifttech.cc172.67.203.247A (IP address)IN (0x0001)false
                                Apr 7, 2025 04:47:40.451361895 CEST1.1.1.1192.168.2.40xe089No error (0)online.swifttech.cc104.21.37.50A (IP address)IN (0x0001)false

                                HTTP Request Dependency Graph

                                • abre.ai
                                • rplg.co
                                • l.wl.co
                                  • online.swifttech.cc
                                • a.nel.cloudflare.com
                                • c.pki.goog

                                HTTP Packets

                                Session IDSource IPSource PortDestination IPDestination Port
                                0192.168.2.449745142.251.35.16380
                                TimestampBytes transferredDirectionData
                                Apr 7, 2025 04:47:41.847081900 CEST202OUTGET /r/gsr1.crl HTTP/1.1
                                Cache-Control: max-age = 3000
                                Connection: Keep-Alive
                                Accept: */*
                                If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMT
                                User-Agent: Microsoft-CryptoAPI/10.0
                                Host: c.pki.goog
                                Apr 7, 2025 04:47:41.944653988 CEST223INHTTP/1.1 304 Not Modified
                                Date: Mon, 07 Apr 2025 02:12:01 GMT
                                Expires: Mon, 07 Apr 2025 03:02:01 GMT
                                Age: 2140
                                Last-Modified: Tue, 07 Jan 2025 07:28:00 GMT
                                Cache-Control: public, max-age=3000
                                Vary: Accept-Encoding
                                Apr 7, 2025 04:47:41.950083017 CEST200OUTGET /r/r4.crl HTTP/1.1
                                Cache-Control: max-age = 3000
                                Connection: Keep-Alive
                                Accept: */*
                                If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
                                User-Agent: Microsoft-CryptoAPI/10.0
                                Host: c.pki.goog
                                Apr 7, 2025 04:47:42.044323921 CEST1243INHTTP/1.1 200 OK
                                Accept-Ranges: bytes
                                Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
                                Cross-Origin-Resource-Policy: cross-origin
                                Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
                                Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
                                Content-Length: 530
                                X-Content-Type-Options: nosniff
                                Server: sffe
                                X-XSS-Protection: 0
                                Date: Mon, 07 Apr 2025 02:08:03 GMT
                                Expires: Mon, 07 Apr 2025 02:58:03 GMT
                                Cache-Control: public, max-age=3000
                                Age: 2378
                                Last-Modified: Thu, 03 Apr 2025 14:18:00 GMT
                                Content-Type: application/pkix-crl
                                Vary: Accept-Encoding
                                Data Raw: 30 82 02 0e 30 82 01 93 02 01 01 30 0a 06 08 2a 86 48 ce 3d 04 03 03 30 47 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 22 30 20 06 03 55 04 0a 13 19 47 6f 6f 67 6c 65 20 54 72 75 73 74 20 53 65 72 76 69 63 65 73 20 4c 4c 43 31 14 30 12 06 03 55 04 03 13 0b 47 54 53 20 52 6f 6f 74 20 52 34 17 0d 32 35 30 34 30 33 30 38 30 30 30 30 5a 17 0d 32 36 30 32 32 38 30 37 35 39 35 39 5a 30 81 e9 30 2f 02 10 6e 47 a9 ce 4f 46 c2 3d e2 49 ea cc 38 94 53 73 17 0d 31 39 30 39 33 30 30 30 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 01 f0 9c 5b 70 05 a6 dc 86 e2 f9 9e f3 17 0d 32 30 30 31 33 31 30 30 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 01 fe a5 81 44 7e 3b fd 3b b8 1c 24 98 17 0d 32 33 30 36 31 33 30 30 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 02 16 68 25 e1 70 04 40 61 24 91 f5 40 17 0d 32 35 30 34 30 33 30 38 30 30 30 30 5a 30 0c 30 0a 06 03 55 1d 15 04 03 0a 01 05 30 2c 02 0d 02 00 8e b2 58 e7 b5 94 0c 1f f9 00 44 17 0d 32 35 30 [TRUNCATED]
                                Data Ascii: 000*H=0G10UUS1"0 UGoogle Trust Services LLC10UGTS Root R4250403080000Z260228075959Z00/nGOF=I8Ss190930000000Z00U0,[p200131000000Z00U0,D~;;$230613000000Z00U0,h%p@a$@250403080000Z00U0,XD250403080000Z00U/0-0U0U#0LtI6>j0*H=i0f1>2en:IN@g=;bQZ~`NX1?^4y[$\4{;$zDeU6O


                                HTTPS Proxied Packets

                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                0192.168.2.449723167.71.108.29443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:35 UTC665OUTGET /vfd210df HTTP/1.1
                                Host: abre.ai
                                Connection: keep-alive
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                sec-ch-ua-platform: "Windows"
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: navigate
                                Sec-Fetch-User: ?1
                                Sec-Fetch-Dest: document
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:36 UTC695INHTTP/1.1 302 Found
                                Server: nginx/1.19.2
                                Date: Mon, 07 Apr 2025 02:47:36 GMT
                                Content-Type: text/html; charset=utf-8
                                Transfer-Encoding: chunked
                                Connection: close
                                X-Frame-Options: SAMEORIGIN
                                X-XSS-Protection: 1; mode=block
                                X-Content-Type-Options: nosniff
                                X-Download-Options: noopen
                                X-Permitted-Cross-Domain-Policies: none
                                Referrer-Policy: strict-origin-when-cross-origin
                                Location: https://rplg.co/9379afc8?cd20csc
                                Content-Language: en
                                Cache-Control: no-cache
                                Content-Security-Policy: script-src 'self' https: 'unsafe-inline' *.fontawesome.com
                                X-Request-Id: 547f32e0-a43e-4201-8fb7-ba5a316a32e7
                                X-Runtime: 0.055501
                                Strict-Transport-Security: max-age=63072000; includeSubDomains
                                2025-04-07 02:47:36 UTC109INData Raw: 36 32 0d 0a 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 59 6f 75 20 61 72 65 20 62 65 69 6e 67 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 72 70 6c 67 2e 63 6f 2f 39 33 37 39 61 66 63 38 3f 63 64 32 30 63 73 63 22 3e 72 65 64 69 72 65 63 74 65 64 3c 2f 61 3e 2e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                Data Ascii: 62<html><body>You are being <a href="https://rplg.co/9379afc8?cd20csc">redirected</a>.</body></html>0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                1192.168.2.44972549.12.20.10443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:36 UTC673OUTGET /9379afc8?cd20csc HTTP/1.1
                                Host: rplg.co
                                Connection: keep-alive
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: navigate
                                Sec-Fetch-User: ?1
                                Sec-Fetch-Dest: document
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                sec-ch-ua-platform: "Windows"
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:38 UTC270INHTTP/1.1 307 Temporary Redirect
                                Date: Mon, 07 Apr 2025 02:47:38 GMT
                                Transfer-Encoding: chunked
                                Connection: close
                                location: https://l.wl.co/l?u=https%3A%2F%2Fonline.swifttech.cc%2Fnew%2Fsc03&cd20csc=
                                Strict-Transport-Security: max-age=15724800; includeSubDomains
                                2025-04-07 02:47:38 UTC81INData Raw: 34 62 0d 0a 68 74 74 70 73 3a 2f 2f 6c 2e 77 6c 2e 63 6f 2f 6c 3f 75 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6f 6e 6c 69 6e 65 2e 73 77 69 66 74 74 65 63 68 2e 63 63 25 32 46 6e 65 77 25 32 46 73 63 30 33 26 63 64 32 30 63 73 63 3d 0d 0a
                                Data Ascii: 4bhttps://l.wl.co/l?u=https%3A%2F%2Fonline.swifttech.cc%2Fnew%2Fsc03&cd20csc=
                                2025-04-07 02:47:38 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                2192.168.2.449728157.240.241.17443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:38 UTC716OUTGET /l?u=https%3A%2F%2Fonline.swifttech.cc%2Fnew%2Fsc03&cd20csc= HTTP/1.1
                                Host: l.wl.co
                                Connection: keep-alive
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: navigate
                                Sec-Fetch-User: ?1
                                Sec-Fetch-Dest: document
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                sec-ch-ua-platform: "Windows"
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:39 UTC1753INHTTP/1.1 200 OK
                                Vary: Accept-Encoding
                                refresh: 1;URL=https://online.swifttech.cc/new/sc03
                                referrer-policy: origin
                                x-robots-tag: noindex, nofollow
                                reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
                                report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
                                content-security-policy: default-src 'self' blob: https://*.wl.co https://*.fbcdn.net;script-src 'self' 'nonce-M5g1xL4u' data: blob: https://*.wl.co https://*.fbcdn.net;style-src 'self' 'unsafe-inline' data: blob: https://*.wl.co https://*.fbcdn.net;connect-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;font-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;img-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;media-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;child-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;frame-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;manifest-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;object-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;worker-src 'self' data: blob: https://*.wl.co https://*.fbcdn.net;block-all-mixed-content;upgrade-insecure-requests;
                                document-policy: force-load-at-top
                                2025-04-07 02:47:39 UTC1668INData Raw: 70 65 72 6d 69 73 73 69 6f 6e 73 2d 70 6f 6c 69 63 79 3a 20 61 63 63 65 6c 65 72 6f 6d 65 74 65 72 3d 28 29 2c 20 61 74 74 72 69 62 75 74 69 6f 6e 2d 72 65 70 6f 72 74 69 6e 67 3d 28 29 2c 20 61 75 74 6f 70 6c 61 79 3d 28 29 2c 20 62 6c 75 65 74 6f 6f 74 68 3d 28 29 2c 20 63 61 6d 65 72 61 3d 28 29 2c 20 63 68 2d 64 65 76 69 63 65 2d 6d 65 6d 6f 72 79 3d 28 29 2c 20 63 68 2d 64 6f 77 6e 6c 69 6e 6b 3d 28 29 2c 20 63 68 2d 64 70 72 3d 28 29 2c 20 63 68 2d 65 63 74 3d 28 29 2c 20 63 68 2d 72 74 74 3d 28 29 2c 20 63 68 2d 73 61 76 65 2d 64 61 74 61 3d 28 29 2c 20 63 68 2d 75 61 2d 61 72 63 68 3d 28 29 2c 20 63 68 2d 75 61 2d 62 69 74 6e 65 73 73 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72 74 2d 68 65 69 67 68 74 3d 28 29 2c 20 63 68 2d 76 69 65 77 70 6f 72
                                Data Ascii: permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewpor
                                2025-04-07 02:47:39 UTC4INData Raw: 65 37 0d 0a
                                Data Ascii: e7
                                2025-04-07 02:47:39 UTC238INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6f 72 69 67 69 6e 22 20 2f 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6e 6f 6e 63 65 3d 22 4d 35 67 31 78 4c 34 75 22 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 73 3a 5c 2f 5c 2f 6f 6e 6c 69 6e 65 2e 73 77 69 66 74 74 65 63 68 2e 63 63 5c 2f 6e 65 77 5c 2f 73 63 30 33 22 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                Data Ascii: <html><head><meta charset="utf-8" /><meta name="referrer" content="origin" /></head><body><script type="text/javascript" nonce="M5g1xL4u">document.location.replace("https:\/\/online.swifttech.cc\/new\/sc03");</script></body></html>0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                3192.168.2.449731104.21.37.50443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:39 UTC690OUTGET /new/sc03 HTTP/1.1
                                Host: online.swifttech.cc
                                Connection: keep-alive
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                sec-ch-ua-platform: "Windows"
                                Upgrade-Insecure-Requests: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: navigate
                                Sec-Fetch-Dest: document
                                Referer: https://l.wl.co/
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:39 UTC901INHTTP/1.1 403 Forbidden
                                Date: Mon, 07 Apr 2025 02:47:39 GMT
                                Content-Type: text/html; charset=UTF-8
                                Transfer-Encoding: chunked
                                Connection: close
                                X-Frame-Options: SAMEORIGIN
                                Referrer-Policy: same-origin
                                Cache-Control: max-age=15
                                Expires: Mon, 07 Apr 2025 02:47:54 GMT
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7hAvniKMrlEJ7%2BuoP0EPYSwjF68DqBjzFcnDAQlGqDC8TaSdGASV6s8aKalZ7XK%2FkqWDMq2OfwYTp2aExKrNHVYmWcJOvqoAelpw13KA%2FG%2FwUte9QZ8qV4Uup7ZCHDPYo9vajEO"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 92c63398d947f5f8-EWR
                                alt-svc: h3=":443"; ma=86400
                                server-timing: cfL4;desc="?proto=TCP&rtt=96185&min_rtt=96082&rtt_var=20326&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1262&delivery_rate=38719&cwnd=227&unsent_bytes=0&cid=da1147f6c720ca78&ts=244&x=0"
                                2025-04-07 02:47:39 UTC468INData Raw: 31 31 61 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20
                                Data Ascii: 11a1<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
                                2025-04-07 02:47:39 UTC1369INData Raw: 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 63 66 5f 73 74 79 6c 65 73 2d 63 73 73 22 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 63
                                Data Ascii: /><meta http-equiv="X-UA-Compatible" content="IE=Edge" /><meta name="robots" content="noindex, nofollow" /><meta name="viewport" content="width=device-width,initial-scale=1" /><link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.c
                                2025-04-07 02:47:39 UTC1369INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 6e 6f 2d 73 63 72 65 65 6e 73 68 6f 74 20 65 72 72 6f 72 22 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 3c 21 2d 2d 20 2f 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 72 20 2d 2d 3e 0a 0a 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 66 2d 73 65 63 74 69 6f 6e 20 63 66 2d 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 66 2d 63 6f 6c 75 6d 6e 73 20 74 77 6f 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63
                                Data Ascii: <span class="cf-no-screenshot error"></span> </div> </div> </div>... /.captcha-container --> <div class="cf-section cf-wrapper"> <div class="cf-columns two"> <div c
                                2025-04-07 02:47:39 UTC1315INData Raw: 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 43 6c 6f 75 64 66 6c 61 72 65 20 52 61 79 20 49 44 3a 20 3c 73 74 72 6f 6e 67 20 63 6c 61 73 73 3d 22 66 6f 6e 74 2d 73 65 6d 69 62 6f 6c 64 22 3e 39 32 63 36 33 33 39 38 64 39 34 37 66 35 66 38 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 73 65 70 61 72 61 74 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 69 64 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 2d 69 70 22 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 68 69 64 64 65 6e 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 0a 20 20 20 20 20 20 59 6f 75 72 20 49 50 3a 0a 20 20 20
                                Data Ascii: ck sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">92c63398d947f5f8</strong></span> <span class="cf-footer-separator sm:hidden">&bull;</span> <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1"> Your IP:
                                2025-04-07 02:47:39 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                4192.168.2.449730104.21.37.50443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:39 UTC580OUTGET /cdn-cgi/styles/cf.errors.css HTTP/1.1
                                Host: online.swifttech.cc
                                Connection: keep-alive
                                sec-ch-ua-platform: "Windows"
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                Accept: text/css,*/*;q=0.1
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: style
                                Referer: https://online.swifttech.cc/new/sc03
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:39 UTC411INHTTP/1.1 200 OK
                                Date: Mon, 07 Apr 2025 02:47:39 GMT
                                Content-Type: text/css
                                Content-Length: 24051
                                Connection: close
                                Last-Modified: Mon, 31 Mar 2025 18:01:59 GMT
                                ETag: "67ead897-5df3"
                                Server: cloudflare
                                CF-RAY: 92c63399da62ef9f-EWR
                                X-Frame-Options: DENY
                                X-Content-Type-Options: nosniff
                                Expires: Mon, 07 Apr 2025 04:47:39 GMT
                                Cache-Control: max-age=7200
                                Cache-Control: public
                                Accept-Ranges: bytes
                                2025-04-07 02:47:39 UTC958INData Raw: 23 63 66 2d 77 72 61 70 70 65 72 20 61 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 62 62 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 72 74 69 63 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 73 69 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 69 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 6e 76 61 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 70 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 65 6e 74 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 69 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 6f 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 64 64 2c 23 63 66 2d 77 72 61 70 70
                                Data Ascii: #cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapp
                                2025-04-07 02:47:39 UTC1369INData Raw: 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 6d 6d 61 72 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 61 62 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 66 6f 6f 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 65 61 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 6c 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f
                                Data Ascii: e,#cf-wrapper strong,#cf-wrapper sub,#cf-wrapper summary,#cf-wrapper sup,#cf-wrapper table,#cf-wrapper tbody,#cf-wrapper td,#cf-wrapper tfoot,#cf-wrapper th,#cf-wrapper thead,#cf-wrapper tr,#cf-wrapper tt,#cf-wrapper u,#cf-wrapper ul{margin:0;padding:0;bo
                                2025-04-07 02:47:39 UTC1369INData Raw: 31 2e 35 21 69 6d 70 6f 72 74 61 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 6e 6f 72 6d 61 6c 3b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 34 36 2c 31 33 39 2c 33 31 2c 2e 33 29 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 73 65 63 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 65 6d 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 65 6d
                                Data Ascii: 1.5!important;text-decoration:none!important;letter-spacing:normal;-webkit-tap-highlight-color:rgba(246,139,31,.3);-webkit-font-smoothing:antialiased}#cf-wrapper .cf-section,#cf-wrapper section{background:0 0;display:block;margin-bottom:2em;margin-top:2em
                                2025-04-07 02:47:39 UTC1369INData Raw: 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 74 77 6f 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 32 2e 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 32 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69
                                Data Ascii: ld(2n),#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.four>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.two>.cf-column:nth-child(2n){padding-left:22.5px;padding-right:0}#cf-wrapper .cf-columns.cols-2>.cf-column:nth-chi
                                2025-04-07 02:47:39 UTC1369INData Raw: 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 6f 64 64 29 7b 63 6c 65 61 72 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 34 6e 2b 31 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73
                                Data Ascii: ),#cf-wrapper .cf-columns.four>.cf-column:nth-child(odd){clear:none}#cf-wrapper .cf-columns.cols-4>.cf-column:first-child,#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(4n+1),#cf-wrapper .cf-columns.four>.cf-column:first-child,#cf-wrapper .cf-columns
                                2025-04-07 02:47:39 UTC1369INData Raw: 30 3b 70 61 64 64 69 6e 67 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 30 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 33 7d 23 63 66 2d 77 72 61 70 70 65
                                Data Ascii: 0;padding:0}#cf-wrapper h1,#cf-wrapper h2,#cf-wrapper h3{font-weight:400}#cf-wrapper h4,#cf-wrapper h5,#cf-wrapper h6,#cf-wrapper strong{font-weight:600}#cf-wrapper h1{font-size:36px;line-height:1.2}#cf-wrapper h2{font-size:30px;line-height:1.3}#cf-wrappe
                                2025-04-07 02:47:39 UTC1369INData Raw: 68 32 2b 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 6f 6c 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 35 65 6d 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 3b 63 6f 6c
                                Data Ascii: h2+h4,#cf-wrapper h2+h5,#cf-wrapper h2+h6,#cf-wrapper h3+h5,#cf-wrapper h3+h6,#cf-wrapper h3+p,#cf-wrapper h4+p,#cf-wrapper h5+ol,#cf-wrapper h5+p,#cf-wrapper h5+ul{margin-top:.5em}#cf-wrapper .cf-btn{background-color:transparent;border:1px solid #999;col
                                2025-04-07 02:47:39 UTC1369INData Raw: 3a 23 36 32 61 31 64 38 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 31 36 33 39 35 39 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 69 6d 70 6f 72 74 61 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 64 32 34 32 36 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 3a 68 6f 76 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 3a 68 6f 76 65 72 2c 23
                                Data Ascii: :#62a1d8;border:1px solid #163959;color:#fff}#cf-wrapper .cf-btn-danger,#cf-wrapper .cf-btn-error,#cf-wrapper .cf-btn-important{background-color:#bd2426;border-color:transparent;color:#fff}#cf-wrapper .cf-btn-danger:hover,#cf-wrapper .cf-btn-error:hover,#
                                2025-04-07 02:47:39 UTC1369INData Raw: 61 63 65 3a 6e 6f 77 72 61 70 7d 23 63 66 2d 77 72 61 70 70 65 72 20 69 6e 70 75 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 6c 65 63 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 65 78 74 61 72 65 61 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 21 69 6d 70 6f 72 74 61 6e 74 3b 63 6f 6c 6f 72 3a 23 34 30 34 30 34 30 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 36 36 36 37 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 34 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 21 69 6d 70 6f 72 74 61 6e
                                Data Ascii: ace:nowrap}#cf-wrapper input,#cf-wrapper select,#cf-wrapper textarea{background:#fff!important;border:1px solid #999!important;color:#404040!important;font-size:.86667em!important;line-height:1.24!important;margin:0 0 1em!important;max-width:100%!importan
                                2025-04-07 02:47:39 UTC1369INData Raw: 3a 23 34 30 34 30 34 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 70 61 64 64 69 6e 67 3a 37 2e 35 70 78 20 31 35 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 3a 65 6d 70 74 79 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 20 2e 63 66 2d 63 6c 6f 73 65 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 2e 37 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 70 61 64 64 69 6e
                                Data Ascii: :#404040;font-size:13px;padding:7.5px 15px;position:relative;vertical-align:middle;border-radius:2px}#cf-wrapper .cf-alert:empty{display:none}#cf-wrapper .cf-alert .cf-close{border:1px solid transparent;color:inherit;font-size:18.75px;line-height:1;paddin


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                5192.168.2.44973235.190.80.1443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:40 UTC550OUTOPTIONS /report/v4?s=W7hAvniKMrlEJ7%2BuoP0EPYSwjF68DqBjzFcnDAQlGqDC8TaSdGASV6s8aKalZ7XK%2FkqWDMq2OfwYTp2aExKrNHVYmWcJOvqoAelpw13KA%2FG%2FwUte9QZ8qV4Uup7ZCHDPYo9vajEO HTTP/1.1
                                Host: a.nel.cloudflare.com
                                Connection: keep-alive
                                Origin: https://online.swifttech.cc
                                Access-Control-Request-Method: POST
                                Access-Control-Request-Headers: content-type
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:40 UTC336INHTTP/1.1 200 OK
                                Content-Length: 0
                                access-control-max-age: 86400
                                access-control-allow-methods: POST, OPTIONS
                                access-control-allow-origin: *
                                access-control-allow-headers: content-length, content-type
                                date: Mon, 07 Apr 2025 02:47:40 GMT
                                Via: 1.1 google
                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                Connection: close


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                6192.168.2.449734104.21.37.50443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:40 UTC659OUTGET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
                                Host: online.swifttech.cc
                                Connection: keep-alive
                                sec-ch-ua-platform: "Windows"
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: image
                                Referer: https://online.swifttech.cc/cdn-cgi/styles/cf.errors.css
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:40 UTC178INHTTP/1.1 200 OK
                                Date: Mon, 07 Apr 2025 02:47:40 GMT
                                Content-Type: image/png
                                Transfer-Encoding: chunked
                                Connection: close
                                Server: cloudflare
                                CF-RAY: 92c6339de87542cc-EWR
                                2025-04-07 02:47:40 UTC722INData Raw: 32 63 62 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 c0 00 00 00 35 08 03 00 00 00 b9 bf 72 9e 00 00 00 5d 50 4c 54 45 00 00 00 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 eb eb eb 99 99 99 c4 c4 c4 f1 f1 f1 e1 e1 e1 cc cc cc d2 d2 d2 b5 b5 b5 ad ad ad 9d 9d 9d 9b 9b 9b d8 d8 d8 de de de c1 c1 c1 ba ba ba a8 a8 a8 ea ea ea e4 e4 e4 b1 b1 b1 a3 a3 a3 e7 e7 e7 ee ee ee c9 c9 c9 85 39 57 29 00 00 00 08 74 52 4e 53 00 fa d2 75 09 d7 d6 20 00 ef cb c3 00 00 02 15 49 44 41 54 78 da ec db e9 6e a4 30 10 04 e0 9e 23 89 0b c6 9c c3 cd cc fb 3f e6 66 d7 ac 8d 14 c8 49 c6 42 ae ef 67 a9 ff b6 ba 84 85 88 9c 4f c7 03 88 68 57 0e c7 d3 59 5e bd 3c 83 88 76 e8 f9 45 e4 fc 04 22 da a5 a7 b3 9c 40 44 3b 75 92 23 88 68 a7 8e c2 ef 57
                                Data Ascii: 2cbPNGIHDR5r]PLTE9W)tRNSu IDATxn0#?fIBgOhWY^<vE"@D;u#hW
                                2025-04-07 02:47:40 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                7192.168.2.449735104.21.37.50443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:40 UTC659OUTGET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
                                Host: online.swifttech.cc
                                Connection: keep-alive
                                sec-ch-ua-platform: "Windows"
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: image
                                Referer: https://online.swifttech.cc/cdn-cgi/styles/cf.errors.css
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:40 UTC410INHTTP/1.1 200 OK
                                Date: Mon, 07 Apr 2025 02:47:40 GMT
                                Content-Type: image/png
                                Content-Length: 3213
                                Connection: close
                                Last-Modified: Mon, 31 Mar 2025 18:01:59 GMT
                                ETag: "67ead897-c8d"
                                Server: cloudflare
                                CF-RAY: 92c6339ccea3f02d-EWR
                                X-Frame-Options: DENY
                                X-Content-Type-Options: nosniff
                                Expires: Mon, 07 Apr 2025 04:47:40 GMT
                                Cache-Control: max-age=7200
                                Cache-Control: public
                                Accept-Ranges: bytes
                                2025-04-07 02:47:40 UTC959INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b2 00 00 00 af 08 03 00 00 00 6e 1c 74 1f 00 00 02 d0 50 4c 54 45 00 00 00 ff ff ff ff 80 80 ff 55 55 bf 40 40 cc 33 33 d4 2a 2a db 24 49 bf 40 40 c6 39 39 cc 33 33 d1 2e 2e bf 2a 2a c4 27 27 c8 24 37 cc 33 33 bf 30 30 c3 2d 2d c6 2a 2a c9 28 28 bf 26 26 c2 24 31 c5 2e 2e bc 2c 2c bf 2a 2a c2 29 29 c4 27 27 bd 26 2f bf 24 2e c1 2c 2c c3 2a 2a bd 29 29 bf 28 28 c1 27 27 bf 2a 2a c1 29 29 c3 28 28 be 27 27 bf 26 26 c1 25 2c c2 24 2a be 2a 2a bf 29 29 c1 28 28 bc 27 27 be 26 26 bf 25 2a c1 24 2a bd 29 29 be 28 28 c0 26 26 bd 26 2a be 25 2a bf 24 29 bd 28 28 be 27 27 bf 26 26 c0 26 2a bd 25 29 be 24 28 bf 24 28 bc 27 27 bd 27 27 be 26 26 bc 25 29 bd 24 28 bf 27 27 bd 26 26 be 25 29 bf 25 28 bd 24 28 be
                                Data Ascii: PNGIHDRntPLTEUU@@33**$I@@9933..**''$73300--**((&&$1..,,**))''&/$.,,**))((''**))((''&&%,$***))((''&&%*$*))((&&&*%*$)((''&&&*%)$($(''''&&%)$(''&&%)%($(
                                2025-04-07 02:47:40 UTC1369INData Raw: ca cb cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df e0 e1 e2 e3 e4 e5 e6 e7 e8 e9 ea eb ec ed ee ef f0 f1 f2 f3 f4 f5 f6 f7 f8 f9 fa fb fc fd fe 34 dd b2 71 00 00 08 7d 49 44 41 54 78 da ed 9d fb 5f 15 45 18 c6 e7 20 1c f1 88 02 e2 51 10 31 b3 bc e5 35 6f 69 9a a4 26 59 26 9a 5a 26 11 69 a2 e2 a5 d2 cc 22 af 05 6a 9a a2 96 9a 8a 22 9a e2 5d b9 69 89 a9 a0 88 5c 2d 4d 25 c5 6b 2a 06 04 bc ff 42 de 15 98 dd 79 67 76 76 f7 d4 e7 3c 3f cf 3e f3 65 d9 9d 79 e7 9d 77 e7 10 e2 94 53 4e fd cf 54 d7 db f5 bf 80 e9 d6 26 68 dc 9c d8 a4 13 e7 8b e1 81 ae 15 a4 ed 58 3e 7d 54 9f c6 8e 48 5b a7 67 c4 ba cc 52 50 d2 95 a4 e8 91 2d 1c 08 d7 d6 6f 76 5a 19 b0 55 b4 29 cc 21 b0 1b 86 24 fc 0d 78 fd 1e d5 bb 96 a9 bc 9e a1 fb cb 81 57 45 8b 7b 59 4c e2 75 e9
                                Data Ascii: 4q}IDATx_E Q15oi&Y&Z&i"j"]i\-M%k*Bygvv<?>eywSNT&hX>}TH[gRP-ovZU)!$xWE{YLu
                                2025-04-07 02:47:40 UTC885INData Raw: 8b e8 91 cc 89 ac f0 09 f4 67 5c 26 19 0d 89 06 d9 f6 73 75 56 a9 f0 08 0e e0 31 39 6e 67 54 c5 4f b2 4a 8c f8 73 15 5c 1a 70 94 4d 66 32 88 5d 63 59 79 a4 3a 3c 01 c2 2a 25 17 7c a0 75 92 45 bc 81 67 af 8d ad 31 4a 26 31 58 87 2c c6 e7 b1 6e 1b ee 37 db cc d8 9b c0 7f 51 a1 58 7e 3d 0c 69 70 8a 71 10 8a 75 e3 a3 ac 30 83 19 3b 46 fd a9 58 4e 61 c7 3d cc d9 be 48 62 80 8d 6e ea 2d 37 e0 90 57 2b 5b a0 a2 2c 56 7d 45 95 7b b7 41 bd 04 d9 15 f7 6c 8c 52 76 98 81 b8 9c b5 93 6e 8d af d2 7c bd 3a b3 0f e6 db bc 72 95 97 bd 23 fb f2 42 c6 9e a9 75 73 b5 0b d6 aa 33 63 86 e7 24 35 03 f6 ba 9d 51 b5 46 19 05 54 bf 85 b3 9c 46 20 87 ab f5 c8 ae b4 eb c3 3f 6e fd a0 c2 3c 0e 41 5c d1 4c ad cb 17 45 43 aa 27 bb ed 14 ad 50 64 0e c6 04 bc 89 ea ff 58 e6 c1 01 67 7c
                                Data Ascii: g\&suV19ngTOJs\pMf2]cYy:<*%|uEg1J&1X,n7QX~=ipqu0;FXNa=Hbn-7W+[,V}E{AlRvn|:r#Bus3c$5QFTF ?n<A\LEC'PdXg|


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                8192.168.2.44973735.190.80.1443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:40 UTC525OUTPOST /report/v4?s=W7hAvniKMrlEJ7%2BuoP0EPYSwjF68DqBjzFcnDAQlGqDC8TaSdGASV6s8aKalZ7XK%2FkqWDMq2OfwYTp2aExKrNHVYmWcJOvqoAelpw13KA%2FG%2FwUte9QZ8qV4Uup7ZCHDPYo9vajEO HTTP/1.1
                                Host: a.nel.cloudflare.com
                                Connection: keep-alive
                                Content-Length: 412
                                Content-Type: application/reports+json
                                Origin: https://online.swifttech.cc
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:40 UTC412OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 35 34 32 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 6c 2e 77 6c 2e 63 6f 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 33 37 2e 35 30 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 6f
                                Data Ascii: [{"age":0,"body":{"elapsed_time":542,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://l.wl.co/","sampling_fraction":1.0,"server_ip":"104.21.37.50","status_code":403,"type":"http.error"},"type":"network-error","url":"https://o
                                2025-04-07 02:47:40 UTC214INHTTP/1.1 200 OK
                                Content-Length: 0
                                access-control-allow-origin: *
                                vary: Origin
                                date: Mon, 07 Apr 2025 02:47:40 GMT
                                Via: 1.1 google
                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                Connection: close


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                9192.168.2.449738172.67.203.247443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:40 UTC424OUTGET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
                                Host: online.swifttech.cc
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Sec-Fetch-Storage-Access: active
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:40 UTC410INHTTP/1.1 200 OK
                                Date: Mon, 07 Apr 2025 02:47:40 GMT
                                Content-Type: image/png
                                Content-Length: 3213
                                Connection: close
                                Last-Modified: Mon, 31 Mar 2025 18:01:59 GMT
                                ETag: "67ead897-c8d"
                                Server: cloudflare
                                CF-RAY: 92c633a03a4f4261-EWR
                                X-Frame-Options: DENY
                                X-Content-Type-Options: nosniff
                                Expires: Mon, 07 Apr 2025 04:47:40 GMT
                                Cache-Control: max-age=7200
                                Cache-Control: public
                                Accept-Ranges: bytes
                                2025-04-07 02:47:40 UTC959INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b2 00 00 00 af 08 03 00 00 00 6e 1c 74 1f 00 00 02 d0 50 4c 54 45 00 00 00 ff ff ff ff 80 80 ff 55 55 bf 40 40 cc 33 33 d4 2a 2a db 24 49 bf 40 40 c6 39 39 cc 33 33 d1 2e 2e bf 2a 2a c4 27 27 c8 24 37 cc 33 33 bf 30 30 c3 2d 2d c6 2a 2a c9 28 28 bf 26 26 c2 24 31 c5 2e 2e bc 2c 2c bf 2a 2a c2 29 29 c4 27 27 bd 26 2f bf 24 2e c1 2c 2c c3 2a 2a bd 29 29 bf 28 28 c1 27 27 bf 2a 2a c1 29 29 c3 28 28 be 27 27 bf 26 26 c1 25 2c c2 24 2a be 2a 2a bf 29 29 c1 28 28 bc 27 27 be 26 26 bf 25 2a c1 24 2a bd 29 29 be 28 28 c0 26 26 bd 26 2a be 25 2a bf 24 29 bd 28 28 be 27 27 bf 26 26 c0 26 2a bd 25 29 be 24 28 bf 24 28 bc 27 27 bd 27 27 be 26 26 bc 25 29 bd 24 28 bf 27 27 bd 26 26 be 25 29 bf 25 28 bd 24 28 be
                                Data Ascii: PNGIHDRntPLTEUU@@33**$I@@9933..**''$73300--**((&&$1..,,**))''&/$.,,**))((''**))((''&&%,$***))((''&&%*$*))((&&&*%*$)((''&&&*%)$($(''''&&%)$(''&&%)%($(
                                2025-04-07 02:47:40 UTC1369INData Raw: ca cb cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df e0 e1 e2 e3 e4 e5 e6 e7 e8 e9 ea eb ec ed ee ef f0 f1 f2 f3 f4 f5 f6 f7 f8 f9 fa fb fc fd fe 34 dd b2 71 00 00 08 7d 49 44 41 54 78 da ed 9d fb 5f 15 45 18 c6 e7 20 1c f1 88 02 e2 51 10 31 b3 bc e5 35 6f 69 9a a4 26 59 26 9a 5a 26 11 69 a2 e2 a5 d2 cc 22 af 05 6a 9a a2 96 9a 8a 22 9a e2 5d b9 69 89 a9 a0 88 5c 2d 4d 25 c5 6b 2a 06 04 bc ff 42 de 15 98 dd 79 67 76 76 f7 d4 e7 3c 3f cf 3e f3 65 d9 9d 79 e7 9d 77 e7 10 e2 94 53 4e fd cf 54 d7 db f5 bf 80 e9 d6 26 68 dc 9c d8 a4 13 e7 8b e1 81 ae 15 a4 ed 58 3e 7d 54 9f c6 8e 48 5b a7 67 c4 ba cc 52 50 d2 95 a4 e8 91 2d 1c 08 d7 d6 6f 76 5a 19 b0 55 b4 29 cc 21 b0 1b 86 24 fc 0d 78 fd 1e d5 bb 96 a9 bc 9e a1 fb cb 81 57 45 8b 7b 59 4c e2 75 e9
                                Data Ascii: 4q}IDATx_E Q15oi&Y&Z&i"j"]i\-M%k*Bygvv<?>eywSNT&hX>}TH[gRP-ovZU)!$xWE{YLu
                                2025-04-07 02:47:40 UTC885INData Raw: 8b e8 91 cc 89 ac f0 09 f4 67 5c 26 19 0d 89 06 d9 f6 73 75 56 a9 f0 08 0e e0 31 39 6e 67 54 c5 4f b2 4a 8c f8 73 15 5c 1a 70 94 4d 66 32 88 5d 63 59 79 a4 3a 3c 01 c2 2a 25 17 7c a0 75 92 45 bc 81 67 af 8d ad 31 4a 26 31 58 87 2c c6 e7 b1 6e 1b ee 37 db cc d8 9b c0 7f 51 a1 58 7e 3d 0c 69 70 8a 71 10 8a 75 e3 a3 ac 30 83 19 3b 46 fd a9 58 4e 61 c7 3d cc d9 be 48 62 80 8d 6e ea 2d 37 e0 90 57 2b 5b a0 a2 2c 56 7d 45 95 7b b7 41 bd 04 d9 15 f7 6c 8c 52 76 98 81 b8 9c b5 93 6e 8d af d2 7c bd 3a b3 0f e6 db bc 72 95 97 bd 23 fb f2 42 c6 9e a9 75 73 b5 0b d6 aa 33 63 86 e7 24 35 03 f6 ba 9d 51 b5 46 19 05 54 bf 85 b3 9c 46 20 87 ab f5 c8 ae b4 eb c3 3f 6e fd a0 c2 3c 0e 41 5c d1 4c ad cb 17 45 43 aa 27 bb ed 14 ad 50 64 0e c6 04 bc 89 ea ff 58 e6 c1 01 67 7c
                                Data Ascii: g\&suV19ngTOJs\pMf2]cYy:<*%|uEg1J&1X,n7QX~=ipqu0;FXNa=Hbn-7W+[,V}E{AlRvn|:r#Bus3c$5QFTF ?n<A\LEC'PdXg|


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                10192.168.2.449739104.21.37.50443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:40 UTC609OUTGET /favicon.ico HTTP/1.1
                                Host: online.swifttech.cc
                                Connection: keep-alive
                                sec-ch-ua-platform: "Windows"
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                                sec-ch-ua-mobile: ?0
                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Sec-Fetch-Site: same-origin
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: image
                                Referer: https://online.swifttech.cc/new/sc03
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:40 UTC897INHTTP/1.1 403 Forbidden
                                Date: Mon, 07 Apr 2025 02:47:40 GMT
                                Content-Type: text/html; charset=UTF-8
                                Transfer-Encoding: chunked
                                Connection: close
                                X-Frame-Options: SAMEORIGIN
                                Referrer-Policy: same-origin
                                Cache-Control: max-age=15
                                Expires: Mon, 07 Apr 2025 02:47:55 GMT
                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6ZXOgneNYPfm1YTV9XUisvJZevlD%2BqgQqCb%2Ff22PARgMDlGUOy9sYtltRyW1sRxNRzCYRp9O8mODo3lYmbunUuNXAtfeKDDj7xoChbRzEkZbMnztTHSzYSmmraTkTZD9at1Cawr"}],"group":"cf-nel","max_age":604800}
                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                Server: cloudflare
                                CF-RAY: 92c633a0cb99f569-EWR
                                alt-svc: h3=":443"; ma=86400
                                server-timing: cfL4;desc="?proto=TCP&rtt=96622&min_rtt=96473&rtt_var=20493&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1181&delivery_rate=38612&cwnd=227&unsent_bytes=0&cid=9d4908988f83f156&ts=245&x=0"
                                2025-04-07 02:47:40 UTC472INData Raw: 31 31 61 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20
                                Data Ascii: 11a1<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
                                2025-04-07 02:47:40 UTC1369INData Raw: 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 63 66 5f 73 74 79 6c 65 73 2d 63 73 73 22 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 63 73 73 22 20
                                Data Ascii: meta http-equiv="X-UA-Compatible" content="IE=Edge" /><meta name="robots" content="noindex, nofollow" /><meta name="viewport" content="width=device-width,initial-scale=1" /><link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css"
                                2025-04-07 02:47:40 UTC1369INData Raw: 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 6e 6f 2d 73 63 72 65 65 6e 73 68 6f 74 20 65 72 72 6f 72 22 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 3c 2f 64 69 76 3e 3c 21 2d 2d 20 2f 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 72 20 2d 2d 3e 0a 0a 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 66 2d 73 65 63 74 69 6f 6e 20 63 66 2d 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 66 2d 63 6f 6c 75 6d 6e 73 20 74 77 6f 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73
                                Data Ascii: <span class="cf-no-screenshot error"></span> </div> </div> </div>... /.captcha-container --> <div class="cf-section cf-wrapper"> <div class="cf-columns two"> <div class
                                2025-04-07 02:47:40 UTC1311INData Raw: 6d 3a 6d 62 2d 31 22 3e 43 6c 6f 75 64 66 6c 61 72 65 20 52 61 79 20 49 44 3a 20 3c 73 74 72 6f 6e 67 20 63 6c 61 73 73 3d 22 66 6f 6e 74 2d 73 65 6d 69 62 6f 6c 64 22 3e 39 32 63 36 33 33 61 30 63 62 39 39 66 35 36 39 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 73 65 70 61 72 61 74 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 69 64 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 2d 69 70 22 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 68 69 64 64 65 6e 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 0a 20 20 20 20 20 20 59 6f 75 72 20 49 50 3a 0a 20 20 20 20 20 20 3c
                                Data Ascii: m:mb-1">Cloudflare Ray ID: <strong class="font-semibold">92c633a0cb99f569</strong></span> <span class="cf-footer-separator sm:hidden">&bull;</span> <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1"> Your IP: <
                                2025-04-07 02:47:40 UTC5INData Raw: 30 0d 0a 0d 0a
                                Data Ascii: 0


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                11192.168.2.449740172.67.203.247443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:47:40 UTC424OUTGET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
                                Host: online.swifttech.cc
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Sec-Fetch-Storage-Access: active
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:47:41 UTC409INHTTP/1.1 200 OK
                                Date: Mon, 07 Apr 2025 02:47:40 GMT
                                Content-Type: image/png
                                Content-Length: 715
                                Connection: close
                                Last-Modified: Mon, 31 Mar 2025 18:01:59 GMT
                                ETag: "67ead897-2cb"
                                Server: cloudflare
                                CF-RAY: 92c633a10931a4a0-EWR
                                X-Frame-Options: DENY
                                X-Content-Type-Options: nosniff
                                Expires: Mon, 07 Apr 2025 04:47:40 GMT
                                Cache-Control: max-age=7200
                                Cache-Control: public
                                Accept-Ranges: bytes
                                2025-04-07 02:47:41 UTC715INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 c0 00 00 00 35 08 03 00 00 00 b9 bf 72 9e 00 00 00 5d 50 4c 54 45 00 00 00 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 eb eb eb 99 99 99 c4 c4 c4 f1 f1 f1 e1 e1 e1 cc cc cc d2 d2 d2 b5 b5 b5 ad ad ad 9d 9d 9d 9b 9b 9b d8 d8 d8 de de de c1 c1 c1 ba ba ba a8 a8 a8 ea ea ea e4 e4 e4 b1 b1 b1 a3 a3 a3 e7 e7 e7 ee ee ee c9 c9 c9 85 39 57 29 00 00 00 08 74 52 4e 53 00 fa d2 75 09 d7 d6 20 00 ef cb c3 00 00 02 15 49 44 41 54 78 da ec db e9 6e a4 30 10 04 e0 9e 23 89 0b c6 9c c3 cd cc fb 3f e6 66 d7 ac 8d 14 c8 49 c6 42 ae ef 67 a9 ff b6 ba 84 85 88 9c 4f c7 03 88 68 57 0e c7 d3 59 5e bd 3c 83 88 76 e8 f9 45 e4 fc 04 22 da a5 a7 b3 9c 40 44 3b 75 92 23 88 68 a7 8e c2 ef 57 44 bb 75 10 10
                                Data Ascii: PNGIHDR5r]PLTE9W)tRNSu IDATxn0#?fIBgOhWY^<vE"@D;u#hWDu


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                12192.168.2.44975535.190.80.1443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:48:39 UTC546OUTOPTIONS /report/v4?s=X6ZXOgneNYPfm1YTV9XUisvJZevlD%2BqgQqCb%2Ff22PARgMDlGUOy9sYtltRyW1sRxNRzCYRp9O8mODo3lYmbunUuNXAtfeKDDj7xoChbRzEkZbMnztTHSzYSmmraTkTZD9at1Cawr HTTP/1.1
                                Host: a.nel.cloudflare.com
                                Connection: keep-alive
                                Origin: https://online.swifttech.cc
                                Access-Control-Request-Method: POST
                                Access-Control-Request-Headers: content-type
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:48:40 UTC336INHTTP/1.1 200 OK
                                Content-Length: 0
                                access-control-max-age: 86400
                                access-control-allow-methods: OPTIONS, POST
                                access-control-allow-origin: *
                                access-control-allow-headers: content-type, content-length
                                date: Mon, 07 Apr 2025 02:48:39 GMT
                                Via: 1.1 google
                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                Connection: close


                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                13192.168.2.44975635.190.80.1443420C:\Program Files\Google\Chrome\Application\chrome.exe
                                TimestampBytes transferredDirectionData
                                2025-04-07 02:48:40 UTC521OUTPOST /report/v4?s=X6ZXOgneNYPfm1YTV9XUisvJZevlD%2BqgQqCb%2Ff22PARgMDlGUOy9sYtltRyW1sRxNRzCYRp9O8mODo3lYmbunUuNXAtfeKDDj7xoChbRzEkZbMnztTHSzYSmmraTkTZD9at1Cawr HTTP/1.1
                                Host: a.nel.cloudflare.com
                                Connection: keep-alive
                                Content-Length: 439
                                Content-Type: application/reports+json
                                Origin: https://online.swifttech.cc
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                Accept-Encoding: gzip, deflate, br, zstd
                                Accept-Language: en-US,en;q=0.9
                                2025-04-07 02:48:40 UTC439OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 38 35 36 31 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 36 32 32 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 6f 6e 6c 69 6e 65 2e 73 77 69 66 74 74 65 63 68 2e 63 63 2f 6e 65 77 2f 73 63 30 33 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 33 37 2e 35 30 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b
                                Data Ascii: [{"age":58561,"body":{"elapsed_time":622,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://online.swifttech.cc/new/sc03","sampling_fraction":1.0,"server_ip":"104.21.37.50","status_code":403,"type":"http.error"},"type":"network
                                2025-04-07 02:48:40 UTC214INHTTP/1.1 200 OK
                                Content-Length: 0
                                access-control-allow-origin: *
                                vary: Origin
                                date: Mon, 07 Apr 2025 02:48:40 GMT
                                Via: 1.1 google
                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                Connection: close


                                Statistics

                                CPU Usage

                                020406080s020406080100

                                Click to jump to process

                                Memory Usage

                                020406080s0.0050100MB

                                Click to jump to process

                                Behavior

                                Click to jump to process

                                System Behavior

                                General

                                Target ID:1
                                Start time:22:47:26
                                Start date:06/04/2025
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                Imagebase:0x7ff786830000
                                File size:3'388'000 bytes
                                MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false
                                Show Windows behavior

                                File Activities

                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                Show Windows behavior

                                COM Activities

                                Show Windows behavior

                                Process Activities

                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                Show Windows behavior

                                Memory Activities

                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                Show Windows behavior

                                Process Token Activities


                                General

                                Target ID:2
                                Start time:22:47:28
                                Start date:06/04/2025
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2360,i,14913866966679879889,9602738007722573727,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2372 /prefetch:3
                                Imagebase:0x7ff786830000
                                File size:3'388'000 bytes
                                MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false
                                Show Windows behavior

                                File Activities

                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                Show Windows behavior

                                Memory Activities

                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                General

                                Target ID:4
                                Start time:22:47:34
                                Start date:06/04/2025
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://abre.ai/vfd210df"
                                Imagebase:0x7ff786830000
                                File size:3'388'000 bytes
                                MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:true
                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                Disassembly

                                No disassembly