Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://sharma-sanjana2108.github.io/Microsoft/

Overview

General Information

Sample URL:	https://sharma-sanjana2108.github.io/Microsoft/
Analysis ID:	1429006
Infos:

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Misleading page title found

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

HTML body contains low number of good links

HTML title does not match URL

Classification

×

Process Tree

System is w10x64

chrome.exe (PID: 2312 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2468,i,699339187690681143,3924991867902275717,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6436 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sharma-sanjana2108.github.io/Microsoft/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://sharma-sanjana2108.github.io/Microsoft/

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Misleading page title found

Source: https://sharma-sanjana2108.github.io/Microsoft/	Page Title: Microsoft login page demo
Source: https://sharma-sanjana2108.github.io/Microsoft/	Page Title: Microsoft login page demo

Phishing site detected (based on image similarity)

Source: https://sharma-sanjana2108.github.io/Microsoft/

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://sharma-sanjana2108.github.io/Microsoft/

Matcher: Template: microsoft matched

Source: https://sharma-sanjana2108.github.io/Microsoft/

HTTP Parser: Number of links: 0

Source: https://sharma-sanjana2108.github.io/Microsoft/

HTTP Parser: Title: Microsoft login page demo does not match URL

Source: https://sharma-sanjana2108.github.io/Microsoft/

HTTP Parser: No favicon

Source: https://sharma-sanjana2108.github.io/Microsoft/

HTTP Parser: No <meta name="author".. found

Source: https://sharma-sanjana2108.github.io/Microsoft/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49746 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /Microsoft/ HTTP/1.1Host: sharma-sanjana2108.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Microsoft/style.css HTTP/1.1Host: sharma-sanjana2108.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://sharma-sanjana2108.github.io/Microsoft/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sharma-sanjana2108.github.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: sharma-sanjana2108.github.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sharma-sanjana2108.github.io/Microsoft/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com

Source: unknown

DNS traffic detected: queries for: sharma-sanjana2108.github.io

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 9115Server: GitHub.comContent-Type: text/html; charset=utf-8permissions-policy: interest-cohort=()ETag: "661dd73f-239b"Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'X-GitHub-Request-Id: 0E8A:2D1CF:D92D87:FD7416:66230038Accept-Ranges: bytesAge: 0Date: Fri, 19 Apr 2024 23:37:30 GMTVia: 1.1 varnishX-Served-By: cache-pdk-kfty2130025-PDKX-Cache: MISSX-Cache-Hits: 0X-Timer: S1713569851.636702,VS0,VE18Vary: Accept-EncodingX-Fastly-Request-ID: 3eed61f8b689373e7796ce4825e18616c7827533

Source: chromecache_41.2.dr	String found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
Source: chromecache_40.2.dr	String found in binary or memory: https://githubstatus.com
Source: chromecache_40.2.dr	String found in binary or memory: https://help.github.com/pages/
Source: chromecache_40.2.dr	String found in binary or memory: https://twitter.com/githubstatus

Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49746 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.win@16/11@4/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2468,i,699339187690681143,3924991867902275717,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sharma-sanjana2108.github.io/Microsoft/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2468,i,699339187690681143,3924991867902275717,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://sharma-sanjana2108.github.io/Microsoft/	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.210.172	true	false		unknown
part-0013.t-0009.t-msedge.net	13.107.246.41	true	false		unknown
sharma-sanjana2108.github.io	185.199.108.153	true	false		unknown
www.google.com	108.177.122.104	true	false		high
fp2e7a.wpc.phicdn.net	192.229.211.108	true	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://sharma-sanjana2108.github.io/Microsoft/style.css	false		unknown
https://sharma-sanjana2108.github.io/Microsoft/	true		unknown
https://sharma-sanjana2108.github.io/favicon.ico	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://githubstatus.com	chromecache_40.2.dr	false		unknown
https://help.github.com/pages/	chromecache_40.2.dr	false		high
https://twitter.com/githubstatus	chromecache_40.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
13.107.246.41	part-0013.t-0009.t-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
13.107.213.41	unknown	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
185.199.108.153	sharma-sanjana2108.github.io	Netherlands		54113	FASTLYUS	false
108.177.122.104	www.google.com	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1429006
Start date and time:	2024-04-20 01:36:34 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 21s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://sharma-sanjana2108.github.io/Microsoft/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.phis.win@16/11@4/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.9.94, 64.233.177.84, 142.251.15.100, 142.251.15.113, 142.251.15.138, 142.251.15.102, 142.251.15.139, 142.251.15.101, 34.104.35.123, 64.233.177.95, 172.253.124.95, 74.125.136.95, 142.250.9.95, 173.194.219.95, 108.177.122.95, 64.233.185.95, 64.233.176.95, 74.125.138.95, 172.217.215.95, 142.250.105.95, 142.251.15.95, 40.127.169.103, 199.232.210.172, 13.95.31.18, 192.229.211.108, 13.85.23.206, 74.125.136.94
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, aadcdnoriginwus2.azureedge.net, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, aadcdn.msauth.net, wu-bg-shim.trafficmanager.net, firstparty-azurefd-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, aadcdnoriginwus2.afd.azureedge.net, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: https://sharma-sanjana2108.github.io/Microsoft/

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 40

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (3909)
Category:	downloaded
Size (bytes):	9115
Entropy (8bit):	6.0587900718391925
Encrypted:	false
SSDEEP:	192:Ywnb1iC9OA9XXMa9kukrALQDUnulGVopLAGCALQD6vnglET31iCLL3d:7B8H3DUulGmmv3D6vglETliCfN
MD5:	1EB970CE5A18BEC7165F016DF8238566
SHA1:	9EFD1514AF80FE14DB4ED28E9BC53975B9EE089C
SHA-256:	70D613E3ACFBA24FD2876FCBACAF639E1E111EF4D54BAF70761C47673F37D6A3
SHA-512:	21B4D800CC282CA452F7394E95D5382340AC3481A002C21DA681005A44F18EA6CF43959990CD715B4657F180E0E96D6087FE724F3200E909F9FD70EBCD5511BD
Malicious:	false
Reputation:	low
URL:	https://sharma-sanjana2108.github.io/favicon.ico
Preview:	<!DOCTYPE html>.<html>. <head>. <meta http-equiv="Content-type" content="text/html; charset=utf-8">. <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'">. <title>Site not found · GitHub Pages</title>. <style type="text/css" media="screen">. body {. background-color: #f1f1f1;. margin: 0;. font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;. }.. .container { margin: 50px auto 40px auto; width: 600px; text-align: center; }.. a { color: #4183c4; text-decoration: none; }. a:hover { text-decoration: underline; }.. h1 { width: 800px; position:relative; left: -100px; letter-spacing: -1px; line-height: 60px; font-size: 60px; font-weight: 100; margin: 0px 0 50px 0; text-shadow: 0 1px 0 #fff; }. p { color: rgba(0, 0, 0, 0.5); margin: 20px 0; line-height: 1.6; }.. ul { list-style: none; margin: 25px 0; padding: 0; }. li { d

Chrome Cache Entry: 41

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	710
Entropy (8bit):	5.149894585443946
Encrypted:	false
SSDEEP:	12:hYky75S4Yxz/clIBEmmTyD322B/EdsAjsRkokFG9DyKqSOQb:hYkC54/cnmmL2RTusi9wypSp
MD5:	173D16FD1E7B022200183ACC79DA29D6
SHA1:	8388F6CA16651D5A4D3EC373084AC663420FFD94
SHA-256:	B52F7371B8CBDC92F273C04DDAACE94FC2B67B725A29C669B8CBF12ADFC8AC73
SHA-512:	04BF8C096ABB45F360F97469BC3FB1CF965635379FC03D82E2A02C3C587E81076B2454DF41928F8FECC10027BB2BB9FF1D93A455438A5DA6C354ABC95DB866C4
Malicious:	false
Reputation:	low
URL:	https://sharma-sanjana2108.github.io/Microsoft/
Preview:	<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Microsoft login page demo</title>. <link rel="stylesheet" href="style.css">..</head>.<body>. .<div>...<img src="https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg" alt="">.<h3>Sign in</h3>.<input type="text" placeholder="Email Address, Phone number or Skype">.<br>..<a href="">Create One!</a>.<br>.<a href="">Can't access your account?</a>.<br>.<span>. <button style="background-color: rgb(211, 202, 202); color:black;">Back</button>. <button>Next</button> .</span>.</div>.....</body>.</html>

Chrome Cache Entry: 42

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
Category:	downloaded
Size (bytes):	1435
Entropy (8bit):	7.8613342322590265
Encrypted:	false
SSDEEP:	24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
MD5:	9F368BC4580FED907775F31C6B26D6CF
SHA1:	E393A40B3E337F43057EEE3DE189F197AB056451
SHA-256:	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
SHA-512:	0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Preview:	...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.\|..~.\|{~...b{8...zv.....8\|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.\|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dgN.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f;.....Zhrr.,.U....6.Y....+Zd.R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

Chrome Cache Entry: 43

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	834
Entropy (8bit):	4.767682012228438
Encrypted:	false
SSDEEP:	12:A9ARI88FWdOBQGW/0HWLo0fswcMPc0Bu+To49LAWLHKD2wy5q0HoYEIA988+KiSB:AuRDa4TFjp9cWsI4+ScjWFRmbYlEvE
MD5:	8B004F8B7F291878FC3E26EBDB995E5D
SHA1:	4787E6DC4B568D6D1DE4A0D6D02B9B603742265D
SHA-256:	FF4F35407472F25ADF0292FA1264A7565C18C6559B529E18BDB23EA011DDDC84
SHA-512:	71C43F5BD13D418897840CA84136A9FE26EB9459DCD8DAC477E75CFC2E51EF17F2131EF6F2FEDB7AC36AE1602AA67BF75C24BC3752069BACDBFB978C30A189A8
Malicious:	false
Reputation:	low
URL:	https://sharma-sanjana2108.github.io/Microsoft/style.css
Preview:	.div{. width: 400px;. height: 400px;. background-color:white;. margin-top: 100px;. margin-left: 450px;. padding-left: 40px;. padding-top: 50px;...}..div img{. width: 150px;..}..div h3{. font-size: 24px;. font-family: Arial, "Helvetica Neue", Helvetica, sans-serif; . .}..div input{. width: 300px;. height: 30px;..background: transparent;.border: none;..border-bottom: 1px solid black;.margin-bottom: 30px;..}..div span{. margin-top: 50px;. margin-left: 190px;. .}..div span button{. width: 100px;. height: 30px;. background-color: blue;. border: none;. color: rgb(241, 238, 238);.}..div a{. color: rgb(71, 105, 216);. text-decoration: none;..}..div a:hover{.. color: gray;. border-bottom: 1px solid gray;..}...body{. background-color: rgb(170, 147, 235);.}

Chrome Cache Entry: 44

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:	3:H+uZYn:euZYn
MD5:	46DF3E5E2D15256CA16616EBFDA5427F
SHA1:	BE8F9B307E458075DA0D43585A05F1D451469182
SHA-256:	AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
SHA-512:	88FBCC0A92317A0BADE7D4B72C023A16792F3728443075BF4B1767C8A55258836B54D56B24EABE36AE4EF240F796B58B8F1EA10C7E3C146BDE89882FC9ADE302
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlJnpR-r-u7YRIFDZFhlU4=?alt=proto
Preview:	CgkKBw2RYZVOGgA=

Chrome Cache Entry: 45

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
Category:	dropped
Size (bytes):	1435
Entropy (8bit):	7.8613342322590265
Encrypted:	false
SSDEEP:	24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
MD5:	9F368BC4580FED907775F31C6B26D6CF
SHA1:	E393A40B3E337F43057EEE3DE189F197AB056451
SHA-256:	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
SHA-512:	0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
Malicious:	false
Reputation:	low
Preview:	...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.\|..~.\|{~...b{8...zv.....8\|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.\|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dgN.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f;.....Zhrr.,.U....6.Y....+Zd.R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 20, 2024 01:37:18.871037006 CEST	49675	443	192.168.2.4	173.222.162.32
Apr 20, 2024 01:37:28.764674902 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.764719009 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.764787912 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.765465975 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.765542984 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.765613079 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.765629053 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.765836954 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.765945911 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.765978098 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.991133928 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.991480112 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.991489887 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.991683960 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.992031097 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.992140055 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.993196011 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.993280888 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.993906021 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.994002104 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.994895935 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.994982004 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.995819092 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.995917082 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:28.995934010 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:28.995939970 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.044620037 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.044743061 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.044799089 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.089369059 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.214080095 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.214350939 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.214415073 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.215393066 CEST	49735	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.215409040 CEST	443	49735	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.235949993 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.280128002 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.346245050 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.346318960 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.346404076 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.346664906 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.346697092 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.367891073 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.368169069 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.368256092 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.368870020 CEST	49736	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:29.368927956 CEST	443	49736	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:29.583318949 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:29.583416939 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:29.583503008 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:29.583734035 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:29.583765984 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:29.675770044 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.676069975 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.676106930 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.677593946 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.677664042 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.678654909 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.678797960 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.678809881 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.678905964 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.726089001 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.726145983 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:29.775902987 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:29.811589003 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:29.811871052 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:29.811903954 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:29.813553095 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:29.813633919 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:29.814652920 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:29.814830065 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:29.858767986 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:29.858787060 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:29.904896975 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:30.216516018 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:30.216624975 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:30.216680050 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:30.216696024 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:30.216758966 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:30.216818094 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:30.225667000 CEST	49738	443	192.168.2.4	13.107.246.41
Apr 20, 2024 01:37:30.225678921 CEST	443	49738	13.107.246.41	192.168.2.4
Apr 20, 2024 01:37:30.253734112 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.253797054 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.253880024 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.254148960 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.254179001 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.366838932 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.366918087 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.366998911 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.367450953 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.367490053 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.481992960 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.494936943 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.494998932 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.496248007 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.497307062 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.497493029 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.497617960 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.540121078 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.693305969 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.693797112 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.693831921 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.695713997 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.695796967 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.697578907 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.697663069 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.698555946 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.698570967 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.706892014 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.707053900 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.707109928 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.707122087 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.707233906 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.707277060 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.707283020 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.709860086 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.709911108 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.709916115 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.712289095 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.712346077 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.712941885 CEST	49742	443	192.168.2.4	185.199.108.153
Apr 20, 2024 01:37:30.712953091 CEST	443	49742	185.199.108.153	192.168.2.4
Apr 20, 2024 01:37:30.744533062 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.905292034 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.905364990 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.905426025 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.905458927 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.905514002 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:30.905565023 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.914407969 CEST	49743	443	192.168.2.4	13.107.213.41
Apr 20, 2024 01:37:30.914438963 CEST	443	49743	13.107.213.41	192.168.2.4
Apr 20, 2024 01:37:32.203402996 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:32.203480005 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:32.204158068 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:32.222449064 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:32.222489119 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:32.450098991 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:32.450180054 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:32.703754902 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:32.703803062 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:32.704731941 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:32.746686935 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:32.956800938 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.004117966 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.062920094 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.062969923 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.063184977 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.074414968 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.074460030 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.074489117 CEST	49745	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.074505091 CEST	443	49745	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.143260956 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.143342018 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.143443108 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.144035101 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.144134998 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.357960939 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.358057976 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.361512899 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.361541986 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.361783981 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.364893913 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.408190966 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.565915108 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.565994024 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.566195011 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.568470001 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.568470001 CEST	49746	443	192.168.2.4	184.31.62.93
Apr 20, 2024 01:37:33.568531036 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:33.568572044 CEST	443	49746	184.31.62.93	192.168.2.4
Apr 20, 2024 01:37:39.798949957 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:39.799105883 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:37:39.799284935 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:41.479027033 CEST	49740	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:37:41.479095936 CEST	443	49740	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:29.526590109 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:29.526623011 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:29.526684046 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:29.526935101 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:29.526947975 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:29.746503115 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:29.746756077 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:29.746767044 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:29.747870922 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:29.748226881 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:29.748441935 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:29.791107893 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:35.860219002 CEST	49724	80	192.168.2.4	199.232.214.172
Apr 20, 2024 01:38:35.964083910 CEST	80	49724	199.232.214.172	192.168.2.4
Apr 20, 2024 01:38:35.964164019 CEST	80	49724	199.232.214.172	192.168.2.4
Apr 20, 2024 01:38:35.964410067 CEST	49724	80	192.168.2.4	199.232.214.172
Apr 20, 2024 01:38:39.741991043 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:39.742125034 CEST	443	49754	108.177.122.104	192.168.2.4
Apr 20, 2024 01:38:39.742176056 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:41.450557947 CEST	49754	443	192.168.2.4	108.177.122.104
Apr 20, 2024 01:38:41.450591087 CEST	443	49754	108.177.122.104	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 20, 2024 01:37:27.328176022 CEST	53	60084	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:27.336862087 CEST	53	61433	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:27.924571037 CEST	53	60296	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:28.656182051 CEST	61628	53	192.168.2.4	1.1.1.1
Apr 20, 2024 01:37:28.656395912 CEST	55935	53	192.168.2.4	1.1.1.1
Apr 20, 2024 01:37:28.762752056 CEST	53	55935	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:28.763271093 CEST	53	61628	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:29.342937946 CEST	53	59342	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:29.476958990 CEST	63798	53	192.168.2.4	1.1.1.1
Apr 20, 2024 01:37:29.477128029 CEST	49973	53	192.168.2.4	1.1.1.1
Apr 20, 2024 01:37:29.582367897 CEST	53	49973	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:29.582432032 CEST	53	63798	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:44.977309942 CEST	53	57135	1.1.1.1	192.168.2.4
Apr 20, 2024 01:37:47.440223932 CEST	138	138	192.168.2.4	192.168.2.255
Apr 20, 2024 01:38:03.788361073 CEST	53	55687	1.1.1.1	192.168.2.4
Apr 20, 2024 01:38:26.489346981 CEST	53	59089	1.1.1.1	192.168.2.4
Apr 20, 2024 01:38:26.517168045 CEST	53	64638	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 20, 2024 01:37:28.656182051 CEST	192.168.2.4	1.1.1.1	0x3d07	Standard query (0)	sharma-sanjana2108.github.io	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:28.656395912 CEST	192.168.2.4	1.1.1.1	0xfd73	Standard query (0)	sharma-sanjana2108.github.io	65	IN (0x0001)	false
Apr 20, 2024 01:37:29.476958990 CEST	192.168.2.4	1.1.1.1	0xe8dc	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.477128029 CEST	192.168.2.4	1.1.1.1	0x63f7	Standard query (0)	www.google.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Apr 20, 2024 01:37:28.763271093 CEST	1.1.1.1	192.168.2.4	0x3d07	No error (0)	sharma-sanjana2108.github.io		185.199.108.153	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:28.763271093 CEST	1.1.1.1	192.168.2.4	0x3d07	No error (0)	sharma-sanjana2108.github.io		185.199.109.153	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:28.763271093 CEST	1.1.1.1	192.168.2.4	0x3d07	No error (0)	sharma-sanjana2108.github.io		185.199.111.153	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:28.763271093 CEST	1.1.1.1	192.168.2.4	0x3d07	No error (0)	sharma-sanjana2108.github.io		185.199.110.153	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.341876030 CEST	1.1.1.1	192.168.2.4	0xed14	No error (0)	shed.dual-low.part-0013.t-0009.t-msedge.net	part-0013.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 20, 2024 01:37:29.341876030 CEST	1.1.1.1	192.168.2.4	0xed14	No error (0)	part-0013.t-0009.t-msedge.net		13.107.246.41	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.341876030 CEST	1.1.1.1	192.168.2.4	0xed14	No error (0)	part-0013.t-0009.t-msedge.net		13.107.213.41	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.582367897 CEST	1.1.1.1	192.168.2.4	0x63f7	No error (0)	www.google.com			65	IN (0x0001)	false
Apr 20, 2024 01:37:29.582432032 CEST	1.1.1.1	192.168.2.4	0xe8dc	No error (0)	www.google.com		108.177.122.104	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.582432032 CEST	1.1.1.1	192.168.2.4	0xe8dc	No error (0)	www.google.com		108.177.122.105	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.582432032 CEST	1.1.1.1	192.168.2.4	0xe8dc	No error (0)	www.google.com		108.177.122.103	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.582432032 CEST	1.1.1.1	192.168.2.4	0xe8dc	No error (0)	www.google.com		108.177.122.106	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.582432032 CEST	1.1.1.1	192.168.2.4	0xe8dc	No error (0)	www.google.com		108.177.122.147	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:29.582432032 CEST	1.1.1.1	192.168.2.4	0xe8dc	No error (0)	www.google.com		108.177.122.99	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:30.364497900 CEST	1.1.1.1	192.168.2.4	0x520e	No error (0)	shed.dual-low.part-0013.t-0009.t-msedge.net	part-0013.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 20, 2024 01:37:30.364497900 CEST	1.1.1.1	192.168.2.4	0x520e	No error (0)	part-0013.t-0009.t-msedge.net		13.107.213.41	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:30.364497900 CEST	1.1.1.1	192.168.2.4	0x520e	No error (0)	part-0013.t-0009.t-msedge.net		13.107.246.41	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:42.621915102 CEST	1.1.1.1	192.168.2.4	0xd6a0	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:42.621915102 CEST	1.1.1.1	192.168.2.4	0xd6a0	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:37:43.793978930 CEST	1.1.1.1	192.168.2.4	0x9ff	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 20, 2024 01:37:43.793978930 CEST	1.1.1.1	192.168.2.4	0x9ff	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:38:00.085206032 CEST	1.1.1.1	192.168.2.4	0xd99a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 20, 2024 01:38:00.085206032 CEST	1.1.1.1	192.168.2.4	0xd99a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:38:18.898294926 CEST	1.1.1.1	192.168.2.4	0x1546	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 20, 2024 01:38:18.898294926 CEST	1.1.1.1	192.168.2.4	0x1546	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 20, 2024 01:38:39.243793011 CEST	1.1.1.1	192.168.2.4	0x13b8	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 20, 2024 01:38:39.243793011 CEST	1.1.1.1	192.168.2.4	0x13b8	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

sharma-sanjana2108.github.io

https:

aadcdn.msauth.net

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49735	185.199.108.153	443	4852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 23:37:28 UTC	681	OUT	GET /Microsoft/ HTTP/1.1 Host: sharma-sanjana2108.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 23:37:29 UTC	730	IN	HTTP/1.1 200 OK Connection: close Content-Length: 710 Server: GitHub.com Content-Type: text/html; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Thu, 03 Aug 2023 13:31:27 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "64cbac2f-2c6" expires: Fri, 19 Apr 2024 23:47:29 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: 10B6:25C05:D2F62C:F7354D:66230037 Accept-Ranges: bytes Age: 0 Date: Fri, 19 Apr 2024 23:37:29 GMT Via: 1.1 varnish X-Served-By: cache-pdk-kfty2130032-PDK X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1713569849.138512,VS0,VE23 Vary: Accept-Encoding X-Fastly-Request-ID: 88cce4347fa50e782a20ec60e73290bc7e50eb29
2024-04-19 23:37:29 UTC	710	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4d 69 63 72 6f 73 6f 66 74 20 6c 6f 67 69 6e 20 70 61 67 65 20 64 65 6d 6f 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 20 20 20 20 0a 3c 64 Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Microsoft login page demo</title> <link rel="stylesheet" href="style.css"></head><body> <d

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49736	185.199.108.153	443	4852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 23:37:29 UTC	584	OUT	GET /Microsoft/style.css HTTP/1.1 Host: sharma-sanjana2108.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://sharma-sanjana2108.github.io/Microsoft/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 23:37:29 UTC	729	IN	HTTP/1.1 200 OK Connection: close Content-Length: 834 Server: GitHub.com Content-Type: text/css; charset=utf-8 permissions-policy: interest-cohort=() Last-Modified: Thu, 03 Aug 2023 13:31:27 GMT Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31556952 ETag: "64cbac2f-342" expires: Fri, 19 Apr 2024 23:47:29 GMT Cache-Control: max-age=600 x-proxy-cache: MISS X-GitHub-Request-Id: F9BC:387F3:BD7FCF:E1BBAB:66230038 Accept-Ranges: bytes Age: 0 Date: Fri, 19 Apr 2024 23:37:29 GMT Via: 1.1 varnish X-Served-By: cache-pdk-kfty2130091-PDK X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1713569849.289065,VS0,VE26 Vary: Accept-Encoding X-Fastly-Request-ID: 29a5a13f8027e1fe4175f6677eac8eebdc8d41fc
2024-04-19 23:37:29 UTC	834	IN	Data Raw: 0a 64 69 76 7b 0a 20 20 20 20 77 69 64 74 68 3a 20 34 30 30 70 78 3b 0a 20 20 20 20 68 65 69 67 68 74 3a 20 34 30 30 70 78 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 34 35 30 70 78 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 34 30 70 78 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 35 30 70 78 3b 0a 0a 0a 7d 0a 0a 64 69 76 20 69 6d 67 7b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 35 30 70 78 3b 0a 0a 7d 0a 0a 64 69 76 20 68 33 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 34 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 22 Data Ascii: div{ width: 400px; height: 400px; background-color:white; margin-top: 100px; margin-left: 450px; padding-left: 40px; padding-top: 50px;}div img{ width: 150px;}div h3{ font-size: 24px; font-family: Arial, "

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49738	13.107.246.41	443	4852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 23:37:29 UTC	666	OUT	GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 Host: aadcdn.msauth.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://sharma-sanjana2108.github.io/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 23:37:30 UTC	786	IN	HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 23:37:30 GMT Content-Type: image/svg+xml Content-Length: 1435 Connection: close Cache-Control: public, max-age=31536000 Content-Encoding: gzip Last-Modified: Fri, 17 Jan 2020 19:28:38 GMT ETag: 0x8D79B8373CB2849 x-ms-request-id: 9b64396f-c01e-003e-07b2-926692000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * x-azure-ref: 20240419T233729Z-r1f585c6b654pwmnf439dcuuhs00000000v00000000087af x-fd-int-roxy-purgeid: 4554691 X-Cache: TCP_MISS Accept-Ranges: bytes
2024-04-19 23:37:30 UTC	1435	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5 Data Ascii: WMo7+uVHJ{&v(QFaWQ\|~\|{~b{8zv8\|bgxby{x<\lSppl7o}vtrr\|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49742	185.199.108.153	443	4852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 23:37:30 UTC	622	OUT	GET /favicon.ico HTTP/1.1 Host: sharma-sanjana2108.github.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://sharma-sanjana2108.github.io/Microsoft/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 23:37:30 UTC	634	IN	HTTP/1.1 404 Not Found Connection: close Content-Length: 9115 Server: GitHub.com Content-Type: text/html; charset=utf-8 permissions-policy: interest-cohort=() ETag: "661dd73f-239b" Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self' X-GitHub-Request-Id: 0E8A:2D1CF:D92D87:FD7416:66230038 Accept-Ranges: bytes Age: 0 Date: Fri, 19 Apr 2024 23:37:30 GMT Via: 1.1 varnish X-Served-By: cache-pdk-kfty2130025-PDK X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1713569851.636702,VS0,VE18 Vary: Accept-Encoding X-Fastly-Request-ID: 3eed61f8b689373e7796ce4825e18616c7827533
2024-04-19 23:37:30 UTC	1378	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 73 74 79 6c 65 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 3b 20 69 6d 67 2d 73 72 63 20 64 61 74 61 3a 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 53 Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'"> <title>S
2024-04-19 23:37:30 UTC	1378	IN	Data Raw: 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 20 32 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 31 39 32 64 70 69 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 32 64 70 70 78 29 20 7b 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 31 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 32 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 20 7d 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 23 73 75 Data Ascii: ice-pixel-ratio: 2), only screen and ( min-resolution: 192dpi), only screen and ( min-resolution: 2dppx) { .logo-img-1x { display: none; } .logo-img-2x { display: inline-block; } } #su
2024-04-19 23:37:30 UTC	1378	IN	Data Raw: 78 34 4f 6e 68 74 63 47 31 6c 64 47 45 67 65 47 31 73 62 6e 4d 36 65 44 30 69 59 57 52 76 59 6d 55 36 62 6e 4d 36 62 57 56 30 59 53 38 69 49 48 67 36 65 47 31 77 64 47 73 39 49 6b 46 6b 62 32 4a 6c 49 46 68 4e 55 43 42 44 62 33 4a 6c 49 44 55 75 4d 79 31 6a 4d 44 45 78 49 44 59 32 4c 6a 45 30 4e 54 59 32 4d 53 77 67 4d 6a 41 78 4d 69 38 77 4d 69 38 77 4e 69 30 78 4e 44 6f 31 4e 6a 6f 79 4e 79 41 67 49 43 41 67 49 43 41 67 49 6a 34 67 50 48 4a 6b 5a 6a 70 53 52 45 59 67 65 47 31 73 62 6e 4d 36 63 6d 52 6d 50 53 4a 6f 64 48 52 77 4f 69 38 76 64 33 64 33 4c 6e 63 7a 4c 6d 39 79 5a 79 38 78 4f 54 6b 35 4c 7a 41 79 4c 7a 49 79 4c 58 4a 6b 5a 69 31 7a 65 57 35 30 59 58 67 74 62 6e 4d 6a 49 6a 34 67 50 48 4a 6b 5a 6a 70 45 5a 58 4e 6a 63 6d 6c 77 64 47 6c 76 62 Data Ascii: x4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvb
2024-04-19 23:37:30 UTC	1378	IN	Data Raw: 45 39 46 4e 72 67 77 42 43 4c 69 72 4d 46 56 39 4f 6b 68 35 65 66 6c 46 68 38 50 52 35 6e 4b 35 6e 44 61 62 72 52 32 42 4e 4a 6c 4b 4f 30 54 33 35 2b 4c 69 34 6e 34 2b 2f 4a 2b 2f 4a 51 43 78 68 6d 75 35 68 33 75 4a 6f 58 4e 48 50 62 6d 57 5a 41 48 4d 73 68 57 42 38 6c 35 2f 69 70 71 61 6d 6d 61 41 66 30 7a 50 44 44 78 31 4f 4e 56 33 76 75 72 64 69 64 71 77 41 51 4c 2b 70 45 63 38 73 4c 63 41 65 31 43 43 76 51 33 59 48 78 49 57 38 50 6c 38 35 78 53 57 4e 43 31 68 41 44 44 49 76 30 72 49 45 2f 6f 34 4a 30 6b 33 6b 77 77 34 78 53 6c 77 49 68 63 71 33 45 46 46 4f 6d 37 4b 4e 2f 68 55 47 4f 51 6b 74 30 43 46 61 35 57 70 4e 4a 6c 4d 76 78 42 45 7a 2f 49 56 51 41 78 67 2f 5a 52 5a 6c 39 77 69 48 41 36 33 79 44 59 69 65 4d 37 44 6e 4c 50 35 43 69 41 47 73 43 37 Data Ascii: E9FNrgwBCLirMFV9Okh5eflFh8PR5nK5nDabrR2BNJlKO0T35+Li4n4+/J+/JQCxhmu5h3uJoXNHPbmWZAHMshWB8l5/ipqammaAf0zPDDx1ONV3vurdidqwAQL+pEc8sLcAe1CCvQ3YHxIW8Pl85xSWNC1hADDIv0rIE/o4J0k3kww4xSlwIhcq3EFFOm7KN/hUGOQkt0CFa5WpNJlMvxBEz/IVQAxg/ZRZl9wiHA63yDYieM7DnLP5CiAGsC7
2024-04-19 23:37:30 UTC	1378	IN	Data Raw: 62 32 4a 6c 49 46 68 4e 55 43 42 44 62 33 4a 6c 49 44 55 75 4d 79 31 6a 4d 44 45 78 49 44 59 32 4c 6a 45 30 4e 54 59 32 4d 53 77 67 4d 6a 41 78 4d 69 38 77 4d 69 38 77 4e 69 30 78 4e 44 6f 31 4e 6a 6f 79 4e 79 41 67 49 43 41 67 49 43 41 67 49 6a 34 67 50 48 4a 6b 5a 6a 70 53 52 45 59 67 65 47 31 73 62 6e 4d 36 63 6d 52 6d 50 53 4a 6f 64 48 52 77 4f 69 38 76 64 33 64 33 4c 6e 63 7a 4c 6d 39 79 5a 79 38 78 4f 54 6b 35 4c 7a 41 79 4c 7a 49 79 4c 58 4a 6b 5a 69 31 7a 65 57 35 30 59 58 67 74 62 6e 4d 6a 49 6a 34 67 50 48 4a 6b 5a 6a 70 45 5a 58 4e 6a 63 6d 6c 77 64 47 6c 76 62 69 42 79 5a 47 59 36 59 57 4a 76 64 58 51 39 49 69 49 67 65 47 31 73 62 6e 4d 36 65 47 31 77 50 53 4a 6f 64 48 52 77 4f 69 38 76 62 6e 4d 75 59 57 52 76 59 6d 55 75 59 32 39 74 4c 33 68 Data Ascii: b2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3h
2024-04-19 23:37:30 UTC	1378	IN	Data Raw: 74 34 32 66 2b 4d 70 30 79 55 54 56 51 62 64 57 73 41 48 56 73 69 6b 64 69 48 6b 48 61 50 78 63 51 58 51 75 66 58 67 55 42 67 4d 52 78 6d 65 39 55 30 41 41 78 66 48 34 76 46 76 6a 4d 37 65 46 36 55 6b 62 4a 53 35 71 6f 51 77 45 51 47 41 35 37 41 63 35 4a 6c 6c 46 79 55 56 5a 5a 35 63 6b 55 45 67 4d 56 78 73 4b 32 6a 6c 53 59 7a 49 2b 51 58 4a 73 69 79 6a 7a 4e 45 41 4a 79 4a 41 7a 62 2f 4b 51 61 34 31 6a 4a 4b 4c 38 70 4f 44 4d 51 69 54 45 41 79 6d 58 77 35 6e 38 2f 50 30 49 6a 44 33 62 68 37 52 67 6f 67 35 39 61 61 6e 78 69 49 52 54 56 76 56 2f 6f 6a 30 74 6e 48 63 61 2f 57 4d 72 56 77 4f 44 77 42 33 72 61 54 47 78 7a 6b 42 67 2f 67 6e 5a 56 61 70 46 56 36 32 57 79 32 6e 35 41 4f 37 30 48 4d 2f 35 77 62 4a 30 51 6e 58 79 51 53 61 56 50 44 49 75 4e 5a 7a Data Ascii: t42f+Mp0yUTVQbdWsAHVsikdiHkHaPxcQXQufXgUBgMRxme9U0AAxfH4vFvjM7eF6UkbJS5qoQwEQGA57Ac5JllFyUVZZ5ckUEgMVxsK2jlSYzI+QXJsiyjzNEAJyJAzb/KQa41jJKL8pODMQiTEAymXw5n8/P0IjD3bh7Rgog59aanxiIRTVvV/oj0tnHca/WMrVwODwB3raTGxzkBg/gnZVapFV62Wy2n5AO70HM/5wbJ0QnXyQSaVPDIuNZz
2024-04-19 23:37:30 UTC	847	IN	Data Raw: 36 73 64 34 32 39 54 55 4e 45 63 6d 55 64 63 2b 50 52 61 4c 48 63 76 6e 38 37 64 58 57 34 75 67 7a 64 73 61 47 78 75 66 4c 39 34 4e 46 76 39 7a 69 31 4a 37 47 56 62 68 6c 76 62 32 64 6e 61 4a 33 53 56 72 78 66 63 2b 6e 32 2b 4e 54 73 5a 37 2f 48 37 2f 4d 72 33 67 35 58 64 53 49 48 79 4a 53 48 31 50 5a 2b 37 66 54 6f 79 6c 32 2b 45 72 71 69 6c 67 5a 34 4e 61 4c 59 42 39 67 6f 56 47 61 48 6a 52 39 33 48 76 31 5a 72 55 34 58 44 73 46 54 32 30 6b 48 33 50 4f 62 7a 62 57 6b 30 43 67 47 31 6a 61 63 56 49 55 6e 41 51 62 39 46 2b 56 65 78 79 4c 4d 7a 6b 70 63 4c 76 30 49 4a 56 37 41 48 51 49 4f 43 41 55 59 48 78 37 76 35 71 67 53 63 6d 59 48 74 54 71 53 41 79 5a 4c 45 4a 54 4b 32 32 42 69 65 34 69 71 33 78 73 71 70 6d 34 53 41 66 39 48 71 39 61 32 44 6e 4a 34 75 Data Ascii: 6sd429TUNEcmUdc+PRaLHcvn87dXW4ugzdsaGxufL94NFv9zi1J7GVbhlvb2dnaJ3SVrxfc+n2+NTsZ7/H7/Mr3g5XdSIHyJSH1PZ+7fToyl2+ErqilgZ4NaLYB9goVGaHjR93Hv1ZrU4XDsFT20kH3PObzbWk0CgG1jacVIUnAQb9F+VexyLMzkpcLv0IJV7AHQIOCAUYHx7v5qgScmYHtTqSAyZLEJTK22Bie4iq3xsqpm4SAf9Hq9a2DnJ4u

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49743	13.107.213.41	443	4852	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-04-19 23:37:30 UTC	418	OUT	GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 Host: aadcdn.msauth.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-19 23:37:30 UTC	806	IN	HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 23:37:30 GMT Content-Type: image/svg+xml Content-Length: 1435 Connection: close Cache-Control: public, max-age=31536000 Content-Encoding: gzip Last-Modified: Fri, 17 Jan 2020 19:28:38 GMT ETag: 0x8D79B8373CB2849 x-ms-request-id: 9b64396f-c01e-003e-07b2-926692000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * x-azure-ref: 20240419T233730Z-r1f585c6b6556d6thg3mb7h85s00000001200000000076ww x-fd-int-roxy-purgeid: 4554691 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-04-19 23:37:30 UTC	1435	IN	Data Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5 Data Ascii: WMo7+uVHJ{&v(QFaWQ\|~\|{~b{8zv8\|bgxby{x<\lSppl7o}vtrr\|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49745	184.31.62.93	443

Timestamp	Bytes transferred	Direction	Data
2024-04-19 23:37:32 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-19 23:37:33 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/079C) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=113148 Date: Fri, 19 Apr 2024 23:37:33 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49746	184.31.62.93	443

Timestamp	Bytes transferred	Direction	Data
2024-04-19 23:37:33 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-19 23:37:33 UTC	805	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/0778) X-CID: 11 X-CCC: US X-Azure-Ref-OriginShield: Ref A: 52EA27DBDE0C4533B819423583F6692E Ref B: CH1AA2040902052 Ref C: 2023-07-09T23:10:08Z X-MSEdge-Ref: Ref A: 528BB8D443C042AA9AEA4EC3F75C7762 Ref B: CHI30EDGE0111 Ref C: 2023-07-09T23:11:11Z Content-Type: application/octet-stream X-Azure-Ref: 01uvbYwAAAACkqWtaEMjWQL/4cpisZkorTUVNMzBFREdFMDgxMQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=113169 Date: Fri, 19 Apr 2024 23:37:33 GMT Content-Length: 55 Connection: close X-CID: 2
2024-04-19 23:37:33 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 2312, Parent PID: 1892

General

Target ID:	0
Start time:	01:37:20
Start date:	20/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4852, Parent PID: 2312

General

Target ID:	2
Start time:	01:37:23
Start date:	20/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2468,i,699339187690681143,3924991867902275717,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6436, Parent PID: 1892

General

Target ID:	3
Start time:	01:37:27
Start date:	20/04/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sharma-sanjana2108.github.io/Microsoft/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly