Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://69.42.221.142

Overview

General Information

Sample URL:http://69.42.221.142
Analysis ID:1436364
Infos:
Errors
  • URL not reachable

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

No high impact signatures.

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5304 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4296 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2220,i,1972598558064883228,17030318514518201264,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 3688 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:/// MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6404 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1764,i,9200146949028027716,12137685303876798854,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6292 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://%3cfnc1%3e(w)264683102268174230445509846528523659025526683206474573785554683400960570667889963326065746684392048696916785/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6768 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1976,i,10684078385391978843,5142502870330490291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6192 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://69.42.221.142" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 72.247.100.147
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownTCP traffic detected without corresponding DNS query: 69.42.221.142
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: apis.google.com
Source: chromecache_44.2.drString found in binary or memory: http://www.broofa.com
Source: chromecache_50.2.drString found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_50.2.drString found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_50.2.dr, chromecache_44.2.drString found in binary or memory: https://apis.google.com
Source: chromecache_50.2.drString found in binary or memory: https://clients6.google.com
Source: chromecache_50.2.drString found in binary or memory: https://content.googleapis.com
Source: chromecache_50.2.drString found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_50.2.drString found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_44.2.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_44.2.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_44.2.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_44.2.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_44.2.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_50.2.drString found in binary or memory: https://plus.google.com
Source: chromecache_50.2.drString found in binary or memory: https://plus.googleapis.com
Source: chromecache_50.2.drString found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_50.2.drString found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_50.2.drString found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_44.2.drString found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_44.2.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_44.2.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 72.247.100.147:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: classification engineClassification label: unknown0.win@35/14@6/5
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2220,i,1972598558064883228,17030318514518201264,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://%3cfnc1%3e(w)264683102268174230445509846528523659025526683206474573785554683400960570667889963326065746684392048696916785/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1764,i,9200146949028027716,12137685303876798854,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1976,i,10684078385391978843,5142502870330490291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://69.42.221.142"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2220,i,1972598558064883228,17030318514518201264,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1764,i,9200146949028027716,12137685303876798854,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1976,i,10684078385391978843,5142502870330490291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1436364 URL: http://69.42.221.142 Startdate: 04/05/2024 Architecture: WINDOWS Score: 0 5 chrome.exe 2->5         started        8 chrome.exe 2->8         started        10 chrome.exe 2->10         started        12 chrome.exe 2->12         started        dnsIp3 21 192.168.2.4, 138, 443, 49577 unknown unknown 5->21 23 239.255.255.250 unknown Reserved 5->23 14 chrome.exe 5->14         started        17 chrome.exe 8->17         started        19 chrome.exe 10->19         started        process4 dnsIp5 25 www.google.com 142.250.217.132, 443, 49733, 49734 GOOGLEUS United States 14->25 27 plus.l.google.com 142.250.72.174, 443, 49744 GOOGLEUS United States 14->27 29 3 other IPs or domains 14->29

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://69.42.221.1420%Avira URL Cloudsafe
http://69.42.221.1421%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
fp2e7a.wpc.phicdn.net0%VirustotalBrowse
bg.microsoft.map.fastly.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://www.broofa.com0%URL Reputationsafe
https://csp.withgoogle.com/csp/lcreport/0%URL Reputationsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalseunknown
google.com
142.250.72.238
truefalse
    		high
    plus.l.google.com
    		142.250.72.174
    		truefalse
      		high
      www.google.com
      		142.250.217.132
      		truefalse
        		high
        fp2e7a.wpc.phicdn.net
        		192.229.211.108
        		truefalseunknown
        apis.google.com
        		unknown
        		unknownfalse
          		high

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0false
            		high
            https://www.google.com/async/newtab_promosfalse
              		high
              https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwfalse
                		high
                https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0false
                  		high

                  URLs from Memory and Binaries

                  NameSourceMaliciousAntivirus DetectionReputation
                  https://play.google.com/log?format=json&hasfast=truechromecache_44.2.drfalse
                    		high
                    https://apis.google.comchromecache_50.2.dr, chromecache_44.2.drfalse
                      		high
                      http://www.broofa.comchromecache_44.2.drfalse
                      • URL Reputation: safe
                      		unknown
                      https://csp.withgoogle.com/csp/lcreport/chromecache_50.2.drfalse
                      • URL Reputation: safe
                      		unknown
                      https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1chromecache_50.2.drfalse
                        		high
                        https://domains.google.com/suggest/flowchromecache_50.2.drfalse
                          		high
                          https://clients6.google.comchromecache_50.2.drfalse
                            		high
                            https://plus.google.comchromecache_50.2.drfalse
                              		high

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              142.250.217.132
                              		www.google.comUnited States
                              		15169GOOGLEUSfalse
                              239.255.255.250
                              		unknownReserved
                              		unknownunknownfalse
                              69.42.221.142
                              		unknownUnited States
                              		17048AWKNET-LLCUSfalse
                              142.250.72.174
                              		plus.l.google.comUnited States
                              		15169GOOGLEUSfalse

                              Private

                              IP
                              192.168.2.4

                              General Information

                              Joe Sandbox version:40.0.0 Tourmaline
                              Analysis ID:1436364
                              Start date and time:2024-05-04 17:55:55 +02:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 2m 39s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:browseurl.jbs
                              Sample URL:http://69.42.221.142
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:12
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:UNKNOWN
                              Classification:unknown0.win@35/14@6/5
                              EGA Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 0
                              Cookbook Comments:
                              • URL browsing timeout or error

                              Errors

                              • URL not reachable

                              Warnings

                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 142.250.72.163, 172.217.14.110, 142.250.141.84, 34.104.35.123, 142.250.189.3, 20.12.23.50, 199.232.210.172, 192.229.211.108, 20.3.187.198, 20.166.126.56, 142.250.72.131
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                              • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size getting too big, too many NtSetInformationFile calls found.

                              Simulations

                              Behavior and APIs

                              No simulations

                              Joe Sandbox View / Context

                              IPs

                              No context

                              Domains

                              No context

                              ASNs

                              No context

                              JA3 Fingerprints

                              No context

                              Dropped Files

                              No context

                              Created / dropped Files

                              Chrome Cache Entry: 44

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (2294)
                              Category:downloaded
                              Size (bytes):163286
                              Entropy (8bit):5.544045381504343
                              Encrypted:false
                              SSDEEP:3072:CMiFOP4roKgkk/EFZMQbxjZW1BKo6JMI6l0nt8Uv1ziwtXOmDsY+WwYLF/HrY7+A:CMiroKfbMQbxjZW1BKo6JMI6l0nt8Uvq
                              MD5:9D9987F6E83F101A097A0BD64A14C71B
                              SHA1:E71E10897E0E874DE4D12125D5DF2F7FCE08F585
                              SHA-256:D0975FC00A61201A54714BE8DF5E50F02B277E133BA08ABD9DEEA33934FA28A9
                              SHA-512:5AE557145F0E0FF3E768AFC63B3E4855F53DCA49D46A22ACB169CC6DC58FF2B11C776B419141EB12C8B0CF7BBD16E928F9EE5AF5014DD976130B00A1995B325E
                              Malicious:false
                              Reputation:low
                              URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Ics7SFQVxbg.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTtpRznzVJk75Y4TcT-zpGGUjebtAg"
                              Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.cj=function(a,b,c){return c?a|b:a&~b};_.dj=function(a,b,c,d){a=_.jb(a,b,c,d);return Array.isArray(a)?a:_.kc};_.ej=function(a,b){a=_.cj(a,2,!!(2&b));a=_.cj(a,32,!0);return a=_.cj(a,2048,!1)};_.fj=function(a,b){0===a&&(a=_.ej(a,b));return a=_.cj(a,1,!0)};_.gj=function(a){return!!(2&a)&&!!(4&a)||!!(2048&a)};_.hj=function(a,b,c){32&b&&c||(a=_.cj(a,32,!1));return a};._.ij=function(a,b,c,d,e,f){var g=!!(2&b),h=g?1:2;const k=1===h;h=2===h;e=!!e;f&&(f=!g);g=_.dj(a,b,d);var l=g[_.v]|0;const n=!!(4&l);if(!n){l=_.fj(l,b);var p=g,t=b,r;(r=!!(2&l))&&(t=_.cj(t,2,!0));let B=!r,aa=!0,K=0,F=0;for(;K<p.length;K++){const ba=_.Ua(p[K],c,t);if(ba instanceof c){if(!r){const Ca=!!((ba.ka[_.v]|0)&2);B&&(B=!Ca);aa&&(aa=Ca)}p[F++]=ba}}F<K&&(p.length=F);l=_.cj(l,4,!0);l=_.cj(l,16,aa);l=_.cj(l,8,B);_.ya(p,l);r&&Object.freeze(p)}c=!!(8&l)||k&&!g.length;if(f&&!c){_.gj(l)&&(g=_.xa(g),.l=_.ej(l,b),b=_.ib(a,b,d,g));f=g;c=l;for(p=0;p<f.length;p++)l=f[p],t=_

                              Chrome Cache Entry: 45

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (3376)
                              Category:downloaded
                              Size (bytes):3381
                              Entropy (8bit):5.83848882952333
                              Encrypted:false
                              SSDEEP:96:jlMd7NlitIN6666ebToitKF9fMCcA8bAuw7oMcZT7sffffQo:JQxN6666e4itcMLouw79cx7e
                              MD5:209BC8ADDB0E1C1CFF417DA0FAAFD491
                              SHA1:5F79B4E47C0D75D9B85290BD4842AFAB61ECAA6B
                              SHA-256:19318A76B07B913C57730B671BD7665FE3E9F19758374FE11E3BC383696AAC30
                              SHA-512:4C79D245FFB3F4EBB8C9171CB3822A60AD0DC98B12AF80E68389D84EFE89D16E780C29FA3119962100C9B91BFC242D32673A5452EE8032D6C63F50A7DF2F98F9
                              Malicious:false
                              Reputation:low
                              URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                              Preview:)]}'.["",["minnesota timberwolves vs denver nuggets","rue21 stores closing","moms day gifts","west texas tornadoes","apple iphone alarm","sean stewart basketball","teachers appreciation week discounts","daisy boutique disney dreamlight valley"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"google:entityinfo":"Cg0vZy8xMWtydndqa2JiEhFCYXNrZXRiYWxsIHBsYXllcjL3DWRhdGE6aW1hZ2UvanBlZztiYXNlNjQsLzlqLzRBQVFTa1pKUmdBQkFRQUFBUUFCQUFELzJ3Q0VBQWtHQndnSEJna0lCd2dLQ2drTERSWVBEUXdNRFJzVUZSQVdJQjBpSWlBZEh4OGtLRFFzSkNZeEp4OGZMVDB0TVRVM09qbzZJeXMvUkQ4NFF6UTVPamNCQ2dvS0RRd05HZzhQR2pjbEh5VTNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTi8vQUFCRUlBRUFBTGdNQklnQUNFUUVERVFIL3hBQWFBQUFDQXdFQkFBQUFBQUFBQUFBQUFBQUhDQVFGQmdNQi84UUFNQkFBQWdFREF3SUZCQUFHQXdBQUFBQUFBUUlEQkFVUkFCSWhCakVUSWxGaGdR

                              Chrome Cache Entry: 46

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:downloaded
                              Size (bytes):29
                              Entropy (8bit):3.9353986674667634
                              Encrypted:false
                              SSDEEP:3:VQAOx/1n:VQAOd1n
                              MD5:6FED308183D5DFC421602548615204AF
                              SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                              SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                              SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                              Malicious:false
                              Reputation:low
                              URL:https://www.google.com/async/newtab_promos
                              Preview:)]}'.{"update":{"promos":{}}}

                              Chrome Cache Entry: 47

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (3572), with no line terminators
                              Category:downloaded
                              Size (bytes):3572
                              Entropy (8bit):5.140651484312947
                              Encrypted:false
                              SSDEEP:48:vZUJVKLICJEconBdpZUvGCUvGULHg7OTehn5hsbrc7g8IO8u0Y8D2n:yJYI/coXqCg7OSfg8IO8uB8D2n
                              MD5:122C0858F7D38991F14E5ADC6BDB3C3B
                              SHA1:FFC64755EB42990A73C4878426A641CFB94B57EE
                              SHA-256:06D1296A6F6611AC795B27882FE88823EE857D0F49F7018CF00C6A199976DC0D
                              SHA-512:149A1FB533C8C7D5EA363B80982DC1EC4C39E5EF9BB37E45BC80E105B18C3FA4DC610449BBD70DE9B9AC7339FEBBBD4FF76C2A9D1FD104D1943A386539AC4D44
                              Malicious:false
                              Reputation:low
                              URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.RS0dNtaZmo0.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTuhe2hCYlalU7rKCW-qT_-zMhVRaw"
                              Preview:.gb_2e{background:rgba(60,64,67,.9);-webkit-border-radius:4px;border-radius:4px;color:#fff;font:500 12px "Roboto",arial,sans-serif;letter-spacing:.8px;line-height:16px;margin-top:4px;min-height:14px;padding:4px 8px;position:absolute;z-index:1000;-webkit-font-smoothing:antialiased}.gb_Fc{text-align:left}.gb_Fc>*{color:#bdc1c6;line-height:16px}.gb_Fc div:first-child{color:white}.gb_pa{background:none;border:1px solid transparent;-webkit-border-radius:50%;border-radius:50%;-webkit-box-sizing:border-box;box-sizing:border-box;cursor:pointer;height:40px;margin:8px;outline:none;padding:1px;position:absolute;right:0;top:0;width:40px}.gb_pa:hover{background-color:rgba(68,71,70,.08)}.gb_pa:focus,.gb_pa:active{background-color:rgba(68,71,70,.12)}.gb_pa:focus-visible{border-color:#0b57d0;outline:1px solid transparent;outline-offset:-1px}.gb_i .gb_pa:hover,.gb_i .gb_pa:focus,.gb_i .gb_pa:active{background-color:rgba(227,227,227,.08)}.gb_i .gb_pa:focus-visible{border-color:#a8c7fa}.gb_qa{-webkit-box

                              Chrome Cache Entry: 48

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65531)
                              Category:downloaded
                              Size (bytes):137077
                              Entropy (8bit):5.441154470031642
                              Encrypted:false
                              SSDEEP:1536:jdGuEyun2zuFRDP6nWysx3DMqPKnrzNSpGiV1p+RHPGb4guj8K8jZRLM9rZxMkPr:DUnoap3DTKnrQpG4nQUduG6ZxMkmwXd
                              MD5:4B8D7F5F0C69C3CC59A23E6A1901170F
                              SHA1:E33A79AAD2E755CA5AE0C691727B59C32CF80F47
                              SHA-256:97EC55091D0368F323DE9B3491D77C7839B6A4320EEEFDBA82A9574BAEF5A392
                              SHA-512:A67FE04CB235A4AA8E375552CAD12E9781693AFE1E465371F70016DAC26AA5B2BEE87715F0A2B9D7B422500B5229CDAB4A85B20F59BB986C45D6D803FCFBDB5F
                              Malicious:false
                              Reputation:low
                              URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                              Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Qa gb_hb gb_Td gb_nd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Hd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_rd gb_kd gb_xd gb_wd\"\u003e\u003cdiv class\u003d\"gb_qd gb_gd\"\u003e\u003cdiv class\u003d\"gb_Oc gb_q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Oc gb_Rc gb_q\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                              Chrome Cache Entry: 49

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:SVG Scalable Vector Graphics image
                              Category:downloaded
                              Size (bytes):1660
                              Entropy (8bit):4.301517070642596
                              Encrypted:false
                              SSDEEP:48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD
                              MD5:554640F465EB3ED903B543DAE0A1BCAC
                              SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                              SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                              SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                              Malicious:false
                              Reputation:low
                              URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                              Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                              Chrome Cache Entry: 50

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (2124)
                              Category:downloaded
                              Size (bytes):121628
                              Entropy (8bit):5.506662476672723
                              Encrypted:false
                              SSDEEP:3072:QI9yvwslCsrCF9f/U2Dj3Fkk7rEehA5L1kx:l9ygsrieDkVaL1kx
                              MD5:F46ACD807A10216E6EEE8EA51E0F14D6
                              SHA1:4702F47070F7046689432DCF605F11364BC0FBED
                              SHA-256:D6B84873D27E7E83CF5184AAEF778F1CCB896467576CD8AF2CAD09B31B3C6086
                              SHA-512:811263DC85C8DAA3A6E5D8A002CCCB953CD01E6A77797109835FE8B07CABE0DEE7EB126274E84266229880A90782B3B016BA034E31F0E3B259BF9E66CA797028
                              Malicious:false
                              Reputation:low
                              URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0"
                              Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x20000, ]);.var ba,ca,da,na,pa,va,wa,za;ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ca="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.da=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.ma=da(this);na=function(a,b){if(b)a:{var c=_.ma;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ca(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)re

                              Static File Info

                              No static file info

                              Network Behavior

                              Network Port Distribution

                              TCP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              May 4, 2024 17:56:37.164500952 CEST49675443192.168.2.4173.222.162.32
                              May 4, 2024 17:56:37.883163929 CEST49678443192.168.2.4104.46.162.224
                              May 4, 2024 17:56:48.267580032 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.267607927 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.267663956 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.267838001 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.267884016 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.267934084 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.268208027 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.268232107 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.268424034 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.268491983 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.268551111 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.268604994 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.268775940 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.268789053 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.268968105 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.268982887 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.269155979 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.269176006 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.269279003 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.269290924 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.585051060 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.585896969 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.586714029 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.587869883 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.592066050 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.592091084 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.592433929 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.592453003 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.592550993 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.592564106 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.592730999 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.592749119 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.593158960 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.593255043 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.593327999 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.593380928 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.593439102 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.593488932 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.593678951 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.593755960 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.594289064 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.594357014 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.595324039 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.595380068 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.595566034 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.595573902 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.595733881 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.595783949 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.595874071 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.595935106 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.596299887 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.596307039 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.596332073 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.596338034 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.690253019 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.706234932 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.706247091 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.706250906 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.706253052 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.806684017 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.912991047 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.913036108 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.913085938 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.913088083 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.913158894 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.913239956 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.913281918 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.913924932 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.913990021 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.916129112 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.916246891 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.916296005 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.918519974 CEST49733443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.918531895 CEST44349733142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.920718908 CEST49736443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.920737982 CEST44349736142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.922168016 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.922200918 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.922238111 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.922259092 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.922278881 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.922291994 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.922346115 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.922353983 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.922390938 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.929303885 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.936083078 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.936201096 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.936206102 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.941368103 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.941412926 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.941418886 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.951936007 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:48.951984882 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:48.951992035 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.071775913 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.071840048 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.071847916 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.077028990 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.077085972 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.077090979 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.087704897 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.087907076 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.087912083 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.098315001 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.098360062 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.098366022 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.108972073 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.109091043 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.109097004 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.121912003 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.121958971 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.121970892 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.132579088 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.132642984 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.132648945 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.142276049 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.143853903 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.143861055 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.150474072 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.150544882 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.150551081 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.159189939 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.159254074 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.159260035 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.180879116 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.181005955 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.181176901 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.181185007 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.181227922 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.191520929 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.192970991 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.193181038 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.193191051 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.223884106 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.225440979 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.225449085 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.227288961 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.229438066 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.229444027 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.232824087 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.232995033 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.233000040 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.240051031 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.241269112 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.241275072 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.246849060 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.246907949 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.246913910 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.256005049 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.256170988 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.256176949 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.260346889 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.260404110 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.260410070 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.267160892 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.267210960 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.267218113 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.276597023 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.276645899 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.276652098 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.282340050 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.282417059 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.282422066 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.288535118 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.289278030 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.289282084 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.297702074 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.297738075 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.297811985 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.297821045 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.297899008 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.304393053 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.311218023 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.311247110 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.311317921 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.311323881 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.311458111 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.317965984 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.324762106 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.324790001 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.324803114 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.324809074 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.324856997 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.331552982 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.338264942 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.338298082 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.338315964 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.338321924 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.338370085 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.345129013 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.351705074 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.351739883 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.351782084 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.351788044 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.351864100 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.358314037 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.364521980 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.364553928 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.364566088 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.364574909 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.364618063 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.370769978 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.377005100 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.377054930 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.377060890 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.380153894 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.380203009 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.380208015 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.386420012 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.386528969 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.386534929 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.392692089 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.392846107 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.392851114 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.396410942 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.396495104 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.396501064 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.400158882 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.400374889 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.400387049 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.403754950 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.403902054 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.403907061 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.407155991 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.407639027 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.407644987 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.410619020 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.410788059 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.410794020 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.414149046 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.414335966 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.414340973 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.417731047 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.417788029 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.417793989 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.421096087 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.421147108 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.421154022 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.424454927 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.424509048 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.424514055 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.424602985 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:49.424846888 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.425046921 CEST49735443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:49.425062895 CEST44349735142.250.217.132192.168.2.4
                              May 4, 2024 17:56:52.196832895 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.196871996 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.196927071 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.197634935 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.197650909 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.508613110 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.509185076 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.509203911 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.510072947 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.510134935 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.511660099 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.511717081 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.512058973 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.512069941 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.572233915 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.810132980 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.810195923 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.810239077 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.810251951 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.810273886 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.810312986 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.810318947 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.810357094 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.810394049 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.810399055 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.820538044 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.820586920 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.820596933 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.830869913 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.830915928 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.830924034 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.841396093 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.841439962 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.841447115 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.929008961 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.929017067 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.959908009 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.960241079 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.960249901 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.967777014 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.967921972 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.967927933 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.976166964 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.976329088 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.976336002 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.986665964 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.987054110 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.987061977 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.997203112 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:52.997627974 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:52.997637033 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.007055998 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.007168055 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.007174015 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.017582893 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.017663002 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.017672062 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.027951002 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.028040886 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.028049946 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.036967039 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.037076950 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.037084103 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.046458006 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.046561956 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.046569109 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.056190014 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.056273937 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.056279898 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.065920115 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.066149950 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.066157103 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.075567961 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.075687885 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.075695992 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.085340023 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.085486889 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.085498095 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.109695911 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.110073090 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.110080957 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.114047050 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.114372015 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.114378929 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.122109890 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.122286081 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.122292995 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.129951954 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.130228043 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.130235910 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.137398005 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.139254093 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.139266014 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.144702911 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.144812107 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.144820929 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.152048111 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.152148962 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.152156115 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.163074970 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.163113117 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.163141966 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.163150072 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.163243055 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.170388937 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.177783012 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.177819967 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.177844048 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.177853107 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.178025007 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.185087919 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.193214893 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.193249941 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.193278074 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.193285942 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.193366051 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.202001095 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.207957983 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.207993031 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.208019018 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.208028078 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.208178997 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.215181112 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.222052097 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.222131968 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.222137928 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.227729082 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.227766037 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.228128910 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.228136063 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.228281021 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.234354019 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.241312027 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.241410971 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.241420031 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.249814034 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.249855042 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.249983072 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.249989986 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.250056028 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.255584002 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.261617899 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.261651993 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.261765003 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.261773109 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.261879921 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.267316103 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.273116112 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.273148060 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.273186922 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.273196936 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.273241043 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.276730061 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.280314922 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.280347109 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.280374050 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.280381918 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.280586004 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.284006119 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.287425995 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.287489891 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.287524939 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.287530899 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.287559032 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:53.287585974 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.287684917 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.287801027 CEST49744443192.168.2.4142.250.72.174
                              May 4, 2024 17:56:53.287815094 CEST44349744142.250.72.174192.168.2.4
                              May 4, 2024 17:56:58.422483921 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:58.422509909 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:58.422591925 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:58.424865007 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:58.424873114 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:58.621124983 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:58.621198893 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:58.621259928 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:58.733550072 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:58.733613968 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:58.736337900 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:58.736345053 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:58.736582994 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:58.797080040 CEST49734443192.168.2.4142.250.217.132
                              May 4, 2024 17:56:58.797106981 CEST44349734142.250.217.132192.168.2.4
                              May 4, 2024 17:56:58.803519011 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:58.851167917 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:58.896119118 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.030096054 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.030216932 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.030337095 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.030659914 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.030659914 CEST49745443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.030673981 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.030682087 CEST4434974572.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.081279993 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.081301928 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.085442066 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.108081102 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.108093977 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.412132978 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.412504911 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.416093111 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.416101933 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.416328907 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.429697037 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.472120047 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.715598106 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.715677023 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.716398001 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.716419935 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.716419935 CEST49746443192.168.2.472.247.100.147
                              May 4, 2024 17:56:59.716434956 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:56:59.716442108 CEST4434974672.247.100.147192.168.2.4
                              May 4, 2024 17:57:13.747728109 CEST4975380192.168.2.469.42.221.142
                              May 4, 2024 17:57:13.747925043 CEST4975480192.168.2.469.42.221.142
                              May 4, 2024 17:57:14.009565115 CEST4975580192.168.2.469.42.221.142
                              May 4, 2024 17:57:14.756442070 CEST4975380192.168.2.469.42.221.142
                              May 4, 2024 17:57:14.756455898 CEST4975480192.168.2.469.42.221.142
                              May 4, 2024 17:57:15.022350073 CEST4975580192.168.2.469.42.221.142
                              May 4, 2024 17:57:16.759701014 CEST4975380192.168.2.469.42.221.142
                              May 4, 2024 17:57:16.759996891 CEST4975480192.168.2.469.42.221.142
                              May 4, 2024 17:57:17.027159929 CEST4975580192.168.2.469.42.221.142
                              May 4, 2024 17:57:20.760354042 CEST4975380192.168.2.469.42.221.142
                              May 4, 2024 17:57:20.761351109 CEST4975480192.168.2.469.42.221.142
                              May 4, 2024 17:57:21.039561987 CEST4975580192.168.2.469.42.221.142
                              May 4, 2024 17:57:28.773251057 CEST4975380192.168.2.469.42.221.142
                              May 4, 2024 17:57:28.773277044 CEST4975480192.168.2.469.42.221.142
                              May 4, 2024 17:57:29.041610956 CEST4975580192.168.2.469.42.221.142
                              May 4, 2024 17:57:35.854505062 CEST4975680192.168.2.469.42.221.142
                              May 4, 2024 17:57:35.855042934 CEST4975780192.168.2.469.42.221.142
                              May 4, 2024 17:57:36.856581926 CEST4975780192.168.2.469.42.221.142
                              May 4, 2024 17:57:36.856585979 CEST4975680192.168.2.469.42.221.142
                              May 4, 2024 17:57:38.867166042 CEST4975680192.168.2.469.42.221.142
                              May 4, 2024 17:57:38.867181063 CEST4975780192.168.2.469.42.221.142
                              May 4, 2024 17:57:42.869492054 CEST4975680192.168.2.469.42.221.142
                              May 4, 2024 17:57:42.869554996 CEST4975780192.168.2.469.42.221.142

                              UDP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              May 4, 2024 17:56:47.621057987 CEST53609411.1.1.1192.168.2.4
                              May 4, 2024 17:56:47.764364958 CEST53588381.1.1.1192.168.2.4
                              May 4, 2024 17:56:48.113018036 CEST4957753192.168.2.41.1.1.1
                              May 4, 2024 17:56:48.113143921 CEST5215953192.168.2.41.1.1.1
                              May 4, 2024 17:56:48.263495922 CEST53495771.1.1.1192.168.2.4
                              May 4, 2024 17:56:48.263871908 CEST53521591.1.1.1192.168.2.4
                              May 4, 2024 17:56:48.759144068 CEST6180153192.168.2.48.8.8.8
                              May 4, 2024 17:56:48.760461092 CEST5849553192.168.2.41.1.1.1
                              May 4, 2024 17:56:48.866384983 CEST53556741.1.1.1192.168.2.4
                              May 4, 2024 17:56:48.910536051 CEST53618018.8.8.8192.168.2.4
                              May 4, 2024 17:56:48.911793947 CEST53584951.1.1.1192.168.2.4
                              May 4, 2024 17:56:49.768567085 CEST53535191.1.1.1192.168.2.4
                              May 4, 2024 17:56:52.043030977 CEST6492553192.168.2.41.1.1.1
                              May 4, 2024 17:56:52.043591976 CEST6092753192.168.2.41.1.1.1
                              May 4, 2024 17:56:52.195167065 CEST53649251.1.1.1192.168.2.4
                              May 4, 2024 17:56:52.195807934 CEST53609271.1.1.1192.168.2.4
                              May 4, 2024 17:57:08.419388056 CEST138138192.168.2.4192.168.2.255
                              May 4, 2024 17:57:10.068133116 CEST53649751.1.1.1192.168.2.4
                              May 4, 2024 17:57:29.474592924 CEST53604761.1.1.1192.168.2.4
                              May 4, 2024 17:57:46.961313009 CEST53501081.1.1.1192.168.2.4

                              DNS Queries

                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              May 4, 2024 17:56:48.113018036 CEST192.168.2.41.1.1.10x1a7aStandard query (0)www.google.comA (IP address)IN (0x0001)false
                              May 4, 2024 17:56:48.113143921 CEST192.168.2.41.1.1.10x19d6Standard query (0)www.google.com65IN (0x0001)false
                              May 4, 2024 17:56:48.759144068 CEST192.168.2.48.8.8.80x9990Standard query (0)google.comA (IP address)IN (0x0001)false
                              May 4, 2024 17:56:48.760461092 CEST192.168.2.41.1.1.10xabeaStandard query (0)google.comA (IP address)IN (0x0001)false
                              May 4, 2024 17:56:52.043030977 CEST192.168.2.41.1.1.10x28d8Standard query (0)apis.google.comA (IP address)IN (0x0001)false
                              May 4, 2024 17:56:52.043591976 CEST192.168.2.41.1.1.10x74bStandard query (0)apis.google.com65IN (0x0001)false

                              DNS Answers

                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              May 4, 2024 17:56:48.263495922 CEST1.1.1.1192.168.2.40x1a7aNo error (0)www.google.com142.250.217.132A (IP address)IN (0x0001)false
                              May 4, 2024 17:56:48.263871908 CEST1.1.1.1192.168.2.40x19d6No error (0)www.google.com65IN (0x0001)false
                              May 4, 2024 17:56:48.910536051 CEST8.8.8.8192.168.2.40x9990No error (0)google.com142.250.72.238A (IP address)IN (0x0001)false
                              May 4, 2024 17:56:48.911793947 CEST1.1.1.1192.168.2.40xabeaNo error (0)google.com142.250.217.142A (IP address)IN (0x0001)false
                              May 4, 2024 17:56:52.195167065 CEST1.1.1.1192.168.2.40x28d8No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                              May 4, 2024 17:56:52.195167065 CEST1.1.1.1192.168.2.40x28d8No error (0)plus.l.google.com142.250.72.174A (IP address)IN (0x0001)false
                              May 4, 2024 17:56:52.195807934 CEST1.1.1.1192.168.2.40x74bNo error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                              May 4, 2024 17:57:00.575707912 CEST1.1.1.1192.168.2.40x3c60No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                              May 4, 2024 17:57:00.575707912 CEST1.1.1.1192.168.2.40x3c60No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                              May 4, 2024 17:57:01.088242054 CEST1.1.1.1192.168.2.40x2f77No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                              May 4, 2024 17:57:01.088242054 CEST1.1.1.1192.168.2.40x2f77No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                              May 4, 2024 17:57:14.441029072 CEST1.1.1.1192.168.2.40x280cNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                              May 4, 2024 17:57:14.441029072 CEST1.1.1.1192.168.2.40x280cNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                              May 4, 2024 17:57:45.736177921 CEST1.1.1.1192.168.2.40xa462No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                              May 4, 2024 17:57:45.736177921 CEST1.1.1.1192.168.2.40xa462No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false

                              HTTP Request Dependency Graph

                              • www.google.com
                              • apis.google.com
                              • fs.microsoft.com

                              HTTPS Proxied Packets

                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.449736142.250.217.1324434296C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-05-04 15:56:48 UTC607OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                              Host: www.google.com
                              Connection: keep-alive
                              X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: empty
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-05-04 15:56:48 UTC1191INHTTP/1.1 200 OK
                              Date: Sat, 04 May 2024 15:56:48 GMT
                              Pragma: no-cache
                              Expires: -1
                              Cache-Control: no-cache, must-revalidate
                              Content-Type: text/javascript; charset=UTF-8
                              Strict-Transport-Security: max-age=31536000
                              Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-OzBMnDi-XPfHFGHzLao3tA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                              Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                              Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                              Accept-CH: Sec-CH-UA-Platform
                              Accept-CH: Sec-CH-UA-Platform-Version
                              Accept-CH: Sec-CH-UA-Full-Version
                              Accept-CH: Sec-CH-UA-Arch
                              Accept-CH: Sec-CH-UA-Model
                              Accept-CH: Sec-CH-UA-Bitness
                              Accept-CH: Sec-CH-UA-Full-Version-List
                              Accept-CH: Sec-CH-UA-WoW64
                              Permissions-Policy: unload=()
                              Content-Disposition: attachment; filename="f.txt"
                              Server: gws
                              X-XSS-Protection: 0
                              X-Frame-Options: SAMEORIGIN
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Accept-Ranges: none
                              Vary: Accept-Encoding
                              Connection: close
                              Transfer-Encoding: chunked
                              2024-05-04 15:56:48 UTC64INData Raw: 38 32 61 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 6d 69 6e 6e 65 73 6f 74 61 20 74 69 6d 62 65 72 77 6f 6c 76 65 73 20 76 73 20 64 65 6e 76 65 72 20 6e 75 67 67 65 74 73 22 2c 22 72 75 65 32 31
                              Data Ascii: 82a)]}'["",["minnesota timberwolves vs denver nuggets","rue21
                              2024-05-04 15:56:48 UTC1255INData Raw: 20 73 74 6f 72 65 73 20 63 6c 6f 73 69 6e 67 22 2c 22 6d 6f 6d 73 20 64 61 79 20 67 69 66 74 73 22 2c 22 77 65 73 74 20 74 65 78 61 73 20 74 6f 72 6e 61 64 6f 65 73 22 2c 22 61 70 70 6c 65 20 69 70 68 6f 6e 65 20 61 6c 61 72 6d 22 2c 22 73 65 61 6e 20 73 74 65 77 61 72 74 20 62 61 73 6b 65 74 62 61 6c 6c 22 2c 22 74 65 61 63 68 65 72 73 20 61 70 70 72 65 63 69 61 74 69 6f 6e 20 77 65 65 6b 20 64 69 73 63 6f 75 6e 74 73 22 2c 22 64 61 69 73 79 20 62 6f 75 74 69 71 75 65 20 64 69 73 6e 65 79 20 64 72 65 61 6d 6c 69 67 68 74 20 76 61 6c 6c 65 79 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a
                              Data Ascii: stores closing","moms day gifts","west texas tornadoes","apple iphone alarm","sean stewart basketball","teachers appreciation week discounts","daisy boutique disney dreamlight valley"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":
                              2024-05-04 15:56:48 UTC778INData Raw: 38 78 59 6d 4d 76 63 6d 70 56 4e 6e 67 76 56 7a 4a 75 62 6d 31 58 54 7a 67 77 53 58 41 30 4b 7a 64 57 52 57 55 30 5a 30 51 77 4d 6d 70 51 55 48 5a 75 52 32 68 7a 64 6c 45 76 56 55 31 73 54 6a 6c 34 54 46 4e 77 52 33 4a 4d 4c 30 73 34 62 7a 4e 42 5a 6e 4a 75 52 33 46 68 64 58 52 4f 65 47 39 4e 4c 32 4e 56 63 45 4e 4c 54 7a 59 30 57 55 52 56 59 7a 46 4b 63 54 56 6a 62 33 64 47 4d 55 63 7a 64 44 46 35 62 32 4a 77 51 6a 51 35 64 58 46 76 59 57 31 4d 54 30 4d 77 56 45 4a 6e 52 44 5a 49 4d 44 46 4c 65 48 42 59 64 6e 42 6b 4d 55 68 59 4d 6d 70 78 5a 55 64 4c 4d 32 31 74 51 31 5a 69 5a 55 68 4d 4f 54 42 33 51 31 6b 35 59 7a 56 48 51 31 42 69 4f 57 46 68 52 6d 51 79 4d 47 4a 7a 59 6e 4e 6a 4e 44 64 61 4d 55 31 77 54 54 45 35 55 30 74 58 52 33 45 32 54 58 56 52 63
                              Data Ascii: 8xYmMvcmpVNngvVzJubm1XTzgwSXA0KzdWRWU0Z0QwMmpQUHZuR2hzdlEvVU1sTjl4TFNwR3JML0s4bzNBZnJuR3FhdXROeG9NL2NVcENLTzY0WURVYzFKcTVjb3dGMUczdDF5b2JwQjQ5dXFvYW1MT0MwVEJnRDZIMDFLeHBYdnBkMUhYMmpxZUdLM21tQ1ZiZUhMOTB3Q1k5YzVHQ1BiOWFhRmQyMGJzYnNjNDdaMU1wTTE5U0tXR3E2TXVRc
                              2024-05-04 15:56:48 UTC91INData Raw: 35 35 0d 0a 41 31 53 6b 64 42 55 47 74 75 57 45 64 52 64 47 63 32 5a 32 5a 7a 59 7a 59 77 62 6a 4e 57 56 57 4a 59 53 46 68 50 55 6e 52 4c 55 30 46 4e 63 57 70 49 59 31 6f 30 53 47 4d 34 61 6e 5a 34 4e 6d 46 78 54 48 68 50 62 46 52 6b 52 6e 46 51 64 46 56 77 4d 6b 74 0d 0a
                              Data Ascii: 55A1SkdBUGtuWEdRdGc2Z2ZzYzYwbjNWVWJYSFhPUnRLU0FNcWpIY1o0SGM4anZ4NmFxTHhPbFRkRnFQdFVwMkt
                              2024-05-04 15:56:48 UTC1213INData Raw: 34 62 36 0d 0a 69 55 6b 56 70 51 6b 56 52 53 45 6f 31 51 56 42 4b 4e 54 63 76 52 32 39 57 4d 6e 42 6a 4e 57 78 77 63 58 46 58 51 32 4a 49 53 56 52 7a 5a 46 5a 73 55 46 51 78 51 57 4a 34 53 32 6c 61 63 45 4e 53 62 6d 78 70 5a 46 70 42 51 79 39 4e 57 56 4e 68 63 57 39 36 64 48 42 76 61 33 51 35 64 48 42 68 54 30 30 31 56 30 64 4b 56 54 4e 5a 65 48 56 4a 53 47 59 31 4d 55 77 78 64 32 39 4b 61 33 46 68 53 30 4e 6c 54 6d 64 35 65 56 4a 78 64 31 6c 49 5a 7a 56 48 64 53 74 30 57 55 6c 36 54 7a 42 49 56 6d 52 47 5a 55 74 71 4e 32 55 78 54 33 68 4b 51 6b 6c 73 61 31 52 48 59 30 68 45 57 55 49 31 65 58 42 61 54 57 64 6e 59 30 39 45 65 6d 39 6d 4f 56 5a 53 57 46 4a 68 4f 48 5a 6c 53 33 6c 68 56 30 4e 4a 59 6d 6c 6f 55 47 74 70 65 57 4e 6c 53 57 38 76 62 32 4a 50 54
                              Data Ascii: 4b6iUkVpQkVRSEo1QVBKNTcvR29WMnBjNWxwcXFXQ2JISVRzZFZsUFQxQWJ4S2lacENSbmxpZFpBQy9NWVNhcW96dHBva3Q5dHBhT001V0dKVTNZeHVJSGY1MUwxd29Ka3FhS0NlTmd5eVJxd1lIZzVHdSt0WUl6TzBIVmRGZUtqN2UxT3hKQklsa1RHY0hEWUI1eXBaTWdnY09Eem9mOVZSWFJhOHZlS3lhV0NJYmloUGtpeWNlSW8vb2JPT
                              2024-05-04 15:56:48 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.449735142.250.217.1324434296C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-05-04 15:56:48 UTC510OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                              Host: www.google.com
                              Connection: keep-alive
                              X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: empty
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-05-04 15:56:48 UTC967INHTTP/1.1 200 OK
                              Version: 630032337
                              Content-Type: application/json; charset=UTF-8
                              X-Content-Type-Options: nosniff
                              Strict-Transport-Security: max-age=31536000
                              Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                              Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                              Accept-CH: Sec-CH-UA-Platform
                              Accept-CH: Sec-CH-UA-Platform-Version
                              Accept-CH: Sec-CH-UA-Full-Version
                              Accept-CH: Sec-CH-UA-Arch
                              Accept-CH: Sec-CH-UA-Model
                              Accept-CH: Sec-CH-UA-Bitness
                              Accept-CH: Sec-CH-UA-Full-Version-List
                              Accept-CH: Sec-CH-UA-WoW64
                              Permissions-Policy: unload=()
                              Content-Disposition: attachment; filename="f.txt"
                              Date: Sat, 04 May 2024 15:56:48 GMT
                              Server: gws
                              Cache-Control: private
                              X-XSS-Protection: 0
                              X-Frame-Options: SAMEORIGIN
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Accept-Ranges: none
                              Vary: Accept-Encoding
                              Connection: close
                              Transfer-Encoding: chunked
                              2024-05-04 15:56:48 UTC288INData Raw: 31 36 37 35 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 51 61 20 67 62 5f 68 62 20 67 62 5f 54 64 20 67 62 5f 6e 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                              Data Ascii: 1675)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Qa gb_hb gb_Td gb_nd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                              2024-05-04 15:56:48 UTC1255INData Raw: 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 72 64 20 67 62 5f 6b 64 20 67 62 5f 78 64 20 67 62 5f 77 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 71 64 20 67 62 5f 67 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4f 63 20 67 62 5f 71 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30
                              Data Ascii: 03e\u003c\/div\u003e\u003cdiv class\u003d\"gb_rd gb_kd gb_xd gb_wd\"\u003e\u003cdiv class\u003d\"gb_qd gb_gd\"\u003e\u003cdiv class\u003d\"gb_Oc gb_q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u00
                              2024-05-04 15:56:48 UTC1255INData Raw: 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 47 6f 6f 67 6c 65 5c 22 20 68 72 65 66 5c 75 30 30 33 64 5c 22 2f 3f 74 61 62 5c 75 30 30 33 64 72 72 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4e 63 20 67 62 5f 35 64 5c 22 20 61 72 69 61 2d 68 69 64 64 65 6e 5c 75 30 30 33 64 5c 22 74 72 75 65 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 70 72 65 73 65 6e 74 61 74 69 6f 6e 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 61 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 71 64 20 67 62 5f 65 64 20 67 62
                              Data Ascii: label\u003d\"Google\" href\u003d\"/?tab\u003drr\"\u003e\u003cspan class\u003d\"gb_Nc gb_5d\" aria-hidden\u003d\"true\" role\u003d\"presentation\"\u003e\u003c\/span\u003e\u003c\/a\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_qd gb_ed gb
                              2024-05-04 15:56:48 UTC1255INData Raw: 22 67 62 5f 55 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 37 63 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 78 20 67 62 5f 4b 20 67 62 5f 6a 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 66 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 61 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 64 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 53 65 61 72 63 68 20 4c 61 62 73 5c 22 20 68 72 65 66 5c 75 30 30 33 64 5c 22 68 74 74 70 73 3a 2f 2f 6c 61 62 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 65 61 72 63 68 3f 73 6f 75 72 63 65 5c 75 30 30 33 64 6e 74 70 5c 22 20 74
                              Data Ascii: "gb_Ud\"\u003e\u003cdiv class\u003d\"gb_7c\"\u003e \u003cdiv class\u003d\"gb_x gb_K gb_j\"\u003e \u003cdiv class\u003d\"gb_f\"\u003e \u003ca class\u003d\"gb_d\" aria-label\u003d\"Search Labs\" href\u003d\"https://labs.google.com/search?source\u003dntp\" t
                              2024-05-04 15:56:48 UTC1255INData Raw: 6d 2f 69 6e 74 6c 2f 65 6e 2f 61 62 6f 75 74 2f 70 72 6f 64 75 63 74 73 3f 74 61 62 5c 75 30 30 33 64 72 68 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 68 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 76 69 65 77 62 6f 78 5c 75 30 30 33 64 5c 22 30 20 30 20 32 34 20 32 34 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 36 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c
                              Data Ascii: m/intl/en/about/products?tab\u003drh\" aria-expanded\u003d\"false\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg class\u003d\"gb_h\" focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M6,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,
                              2024-05-04 15:56:48 UTC449INData Raw: 75 30 30 33 64 5c 22 67 62 5f 36 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 48 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 49 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 61 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 38 64 20 67 62 5f 4a 63 20 67 62 5f 36 64 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 47 6f 6f 67 6c 65 5c 22 20 68 72 65 66 5c 75 30 30 33 64 5c 22 2f 3f 74 61 62 5c 75 30 30 33 64 72 72 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4e 63 20 67 62 5f 35 64 5c 22 20 61 72 69 61 2d 68 69 64 64 65 6e 5c 75 30 30 33 64 5c 22 74 72 75 65 5c
                              Data Ascii: u003d\"gb_6c\"\u003e\u003cdiv class\u003d\"gb_Hc\"\u003e\u003cdiv class\u003d\"gb_Ic\"\u003e\u003ca class\u003d\"gb_8d gb_Jc gb_6d\" aria-label\u003d\"Google\" href\u003d\"/?tab\u003drr\"\u003e\u003cspan class\u003d\"gb_Nc gb_5d\" aria-hidden\u003d\"true\
                              2024-05-04 15:56:48 UTC291INData Raw: 31 31 63 0d 0a 6c 65 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 5f 70 6c 61 63 65 68 6f 6c 64 65 72 5f 6c 61 62 65 6c 22 3a 5b 22 6c 65 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 30 22 2c 22 6c 65 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 31 22 2c 22 6c 65 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 32 22 5d 2c 22 6d 65 6e 75 5f 70 6c 61 63 65 68 6f 6c 64 65 72 5f 6c 61 62 65 6c 22 3a 22 6d 65 6e 75 2d 63 6f 6e 74 65 6e 74 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 62 61 72 5f 68 65 69 67 68 74 22 3a 36 30 2c 22 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 3a 5b 31 33 30 30 31 30 32 2c 33 37 30 30 32 36 30 2c 33 37 30 30 39 34 39 2c 33 37 30 31 33 31 30 5d 2c
                              Data Ascii: 11cleft_product_control_placeholder_label":["left_product_control-label0","left_product_control-label1","left_product_control-label2"],"menu_placeholder_label":"menu-content","metadata":{"bar_height":60,"experiment_id":[1300102,3700260,3700949,3701310],
                              2024-05-04 15:56:48 UTC1255INData Raw: 38 30 30 30 0d 0a 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 73 63 72 69 70 74 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 74 68 69 73 2e 67 62 61 72 5f 5c 75 30 30 33 64 74 68 69 73 2e 67 62 61 72 5f 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 5c 75 30 30 33 64 74 68 69 73 3b 5c 6e 74 72 79 7b 5c 6e 5f 2e 68 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 21 61 2e 6a 29 69 66 28 63 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 29 66 6f 72 28 76 61 72 20 64 20 6f 66 20 63 29 5f 2e 68 64 28 61 2c 62 2c 64 29 3b 65 6c 73 65 7b 64 5c 75 30 30 33
                              Data Ascii: 8000":{"after_bar_script":{"private_do_not_access_or_else_safe_script_wrapped_value":"this.gbar_\u003dthis.gbar_||{};(function(_){var window\u003dthis;\ntry{\n_.hd\u003dfunction(a,b,c){if(!a.j)if(c instanceof Array)for(var d of c)_.hd(a,b,d);else{d\u003
                              2024-05-04 15:56:48 UTC1255INData Raw: 28 5c 22 42 5c 22 29 3b 61 2e 6a 5c 75 30 30 33 64 62 3b 5f 2e 4a 63 28 61 29 7d 3b 5f 2e 6e 64 5c 75 30 30 33 64 63 6c 61 73 73 20 65 78 74 65 6e 64 73 20 5f 2e 4f 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 73 75 70 65 72 28 61 29 7d 7d 3b 6f 64 5c 75 30 30 33 64 63 6c 61 73 73 20 65 78 74 65 6e 64 73 20 5f 2e 57 63 7b 7d 3b 5f 2e 70 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 62 20 69 6e 20 61 2e 69 29 72 65 74 75 72 6e 20 61 2e 69 5b 62 5d 3b 74 68 72 6f 77 20 6e 65 77 20 6f 64 3b 7d 3b 5f 2e 71 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 5f 2e 70 64 28 5f 2e 54 63 2e 69 28 29 2c 61 29 7d 3b 5c 6e 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d
                              Data Ascii: (\"B\");a.j\u003db;_.Jc(a)};_.nd\u003dclass extends _.O{constructor(a){super(a)}};od\u003dclass extends _.Wc{};_.pd\u003dfunction(a,b){if(b in a.i)return a.i[b];throw new od;};_.qd\u003dfunction(a){return _.pd(_.Tc.i(),a)};\n}catch(e){_._DumpException(e)}
                              2024-05-04 15:56:48 UTC1255INData Raw: 75 73 68 2e 61 70 70 6c 79 28 64 2c 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 61 2e 61 70 70 6c 79 28 74 68 69 73 2c 64 29 7d 7d 3b 5f 2e 44 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 5c 75 30 30 33 64 5c 75 30 30 33 64 5f 2e 6b 62 28 61 2c 62 2c 63 2c 21 31 29 7d 3b 5f 2e 45 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 5f 2e 72 64 28 5f 2e 71 63 28 61 2c 62 29 29 7d 3b 5c 6e 5f 2e 52 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 5c 75 30 30 33 64 5f 2e 71 63 28 61 2c 62 29 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 5c 75 30 30 33 64 5c 75 30 30 33 64 61 3f 61 3a 4e 75 6d 62 65 72 2e 69 73 46 69 6e 69 74 65 28 61 29 3f 61 7c 30
                              Data Ascii: ush.apply(d,arguments);return a.apply(this,d)}};_.Dd\u003dfunction(a,b,c){return void 0!\u003d\u003d_.kb(a,b,c,!1)};_.Ed\u003dfunction(a,b){return _.rd(_.qc(a,b))};\n_.R\u003dfunction(a,b){a\u003d_.qc(a,b);return null\u003d\u003da?a:Number.isFinite(a)?a|0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              2192.168.2.449733142.250.217.1324434296C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-05-04 15:56:48 UTC353OUTGET /async/newtab_promos HTTP/1.1
                              Host: www.google.com
                              Connection: keep-alive
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: empty
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-05-04 15:56:48 UTC922INHTTP/1.1 200 OK
                              Version: 630032337
                              Content-Type: application/json; charset=UTF-8
                              X-Content-Type-Options: nosniff
                              Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                              Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                              Accept-CH: Sec-CH-UA-Platform
                              Accept-CH: Sec-CH-UA-Platform-Version
                              Accept-CH: Sec-CH-UA-Full-Version
                              Accept-CH: Sec-CH-UA-Arch
                              Accept-CH: Sec-CH-UA-Model
                              Accept-CH: Sec-CH-UA-Bitness
                              Accept-CH: Sec-CH-UA-Full-Version-List
                              Accept-CH: Sec-CH-UA-WoW64
                              Permissions-Policy: unload=()
                              Content-Disposition: attachment; filename="f.txt"
                              Date: Sat, 04 May 2024 15:56:48 GMT
                              Server: gws
                              Cache-Control: private
                              X-XSS-Protection: 0
                              X-Frame-Options: SAMEORIGIN
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Accept-Ranges: none
                              Vary: Accept-Encoding
                              Connection: close
                              Transfer-Encoding: chunked
                              2024-05-04 15:56:48 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                              Data Ascii: 1d)]}'{"update":{"promos":{}}}
                              2024-05-04 15:56:48 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              3192.168.2.449744142.250.72.1744434296C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-05-04 15:56:52 UTC741OUTGET /_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0 HTTP/1.1
                              Host: apis.google.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-05-04 15:56:52 UTC916INHTTP/1.1 200 OK
                              Accept-Ranges: bytes
                              Access-Control-Allow-Origin: *
                              Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
                              Cross-Origin-Resource-Policy: cross-origin
                              Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
                              Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
                              Content-Length: 121628
                              X-Content-Type-Options: nosniff
                              Server: sffe
                              X-XSS-Protection: 0
                              Date: Tue, 30 Apr 2024 06:53:06 GMT
                              Expires: Wed, 30 Apr 2025 06:53:06 GMT
                              Cache-Control: public, max-age=31536000
                              Last-Modified: Mon, 15 Apr 2024 17:34:54 GMT
                              Content-Type: text/javascript; charset=UTF-8
                              Vary: Accept-Encoding
                              Age: 378226
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close
                              2024-05-04 15:56:52 UTC339INData Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 30 78 32 30 30 30 30 2c 20 5d 29 3b 0a 76 61 72 20 62 61 2c 63 61 2c 64 61 2c 6e 61 2c 70 61 2c 76 61 2c 77 61 2c 7a 61 3b 62 61 3d 66 75 6e 63
                              Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x20000, ]);var ba,ca,da,na,pa,va,wa,za;ba=func
                              2024-05-04 15:56:52 UTC1255INData Raw: 7d 7d 3b 63 61 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 7c 7c 61 3d 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 29 72 65 74 75 72 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 64 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c
                              Data Ascii: }};ca="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};da=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,
                              2024-05-04 15:56:52 UTC1255INData Raw: 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 64 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 64 2e 70 72 6f 74 6f 74 79 70 65 5b 61 5d 26 26 63 61 28 64 2e 70 72 6f 74 6f 74 79 70 65 2c 61 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 70 61 28 62 61 28 74 68 69 73 29 29 7d 7d 29 7d 72 65 74 75 72 6e 20 61 7d 29 3b 70 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 7b 6e 65 78 74 3a 61 7d 3b 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 5f 2e 75 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 22 75 6e 64
                              Data Ascii: on"===typeof d&&"function"!=typeof d.prototype[a]&&ca(d.prototype,a,{configurable:!0,writable:!0,value:function(){return pa(ba(this))}})}return a});pa=function(a){a={next:a};a[Symbol.iterator]=function(){return this};return a};_.ua=function(a){var b="und
                              2024-05-04 15:56:52 UTC1255INData Raw: 2e 50 66 29 7b 74 68 69 73 2e 50 66 3d 5b 5d 3b 76 61 72 20 6b 3d 74 68 69 73 3b 74 68 69 73 2e 74 50 28 66 75 6e 63 74 69 6f 6e 28 29 7b 6b 2e 45 37 28 29 7d 29 7d 74 68 69 73 2e 50 66 2e 70 75 73 68 28 68 29 7d 3b 76 61 72 20 64 3d 5f 2e 6d 61 2e 73 65 74 54 69 6d 65 6f 75 74 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 74 50 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 64 28 68 2c 30 29 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 45 37 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 3b 74 68 69 73 2e 50 66 26 26 74 68 69 73 2e 50 66 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 68 3d 74 68 69 73 2e 50 66 3b 74 68 69 73 2e 50 66 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 6b 3d 30 3b 6b 3c 68 2e 6c 65 6e 67 74 68 3b 2b 2b 6b 29 7b 76 61 72 20 6c 3d 68 5b 6b 5d 3b 68 5b 6b 5d 3d
                              Data Ascii: .Pf){this.Pf=[];var k=this;this.tP(function(){k.E7()})}this.Pf.push(h)};var d=_.ma.setTimeout;b.prototype.tP=function(h){d(h,0)};b.prototype.E7=function(){for(;this.Pf&&this.Pf.length;){var h=this.Pf;this.Pf=[];for(var k=0;k<h.length;++k){var l=h[k];h[k]=
                              2024-05-04 15:56:52 UTC1255INData Raw: 74 6f 74 79 70 65 2e 6e 65 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 68 3d 74 68 69 73 3b 64 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 68 2e 67 63 61 28 29 29 7b 76 61 72 20 6b 3d 5f 2e 6d 61 2e 63 6f 6e 73 6f 6c 65 3b 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 6b 26 26 6b 2e 65 72 72 6f 72 28 68 2e 46 66 29 7d 7d 2c 0a 31 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 67 63 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 73 56 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 68 3d 5f 2e 6d 61 2e 43 75 73 74 6f 6d 45 76 65 6e 74 2c 6b 3d 5f 2e 6d 61 2e 45 76 65 6e 74 2c 6c 3d 5f 2e 6d 61 2e 64 69 73 70 61 74 63 68 45 76 65 6e 74 3b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 6c 29 72 65 74
                              Data Ascii: totype.nea=function(){var h=this;d(function(){if(h.gca()){var k=_.ma.console;"undefined"!==typeof k&&k.error(h.Ff)}},1)};e.prototype.gca=function(){if(this.sV)return!1;var h=_.ma.CustomEvent,k=_.ma.Event,l=_.ma.dispatchEvent;if("undefined"===typeof l)ret
                              2024-05-04 15:56:52 UTC1255INData Raw: 3b 74 68 69 73 2e 73 56 3d 21 30 7d 3b 65 2e 72 65 73 6f 6c 76 65 3d 63 3b 65 2e 72 65 6a 65 63 74 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 65 28 66 75 6e 63 74 69 6f 6e 28 6b 2c 6c 29 7b 6c 28 68 29 7d 29 7d 3b 65 2e 72 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 65 28 66 75 6e 63 74 69 6f 6e 28 6b 2c 6c 29 7b 66 6f 72 28 76 61 72 20 6d 3d 5f 2e 75 61 28 68 29 2c 6e 3d 6d 2e 6e 65 78 74 28 29 3b 21 6e 2e 64 6f 6e 65 3b 6e 3d 6d 2e 6e 65 78 74 28 29 29 63 28 6e 2e 76 61 6c 75 65 29 2e 42 79 28 6b 2c 6c 29 7d 29 7d 3b 65 2e 61 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 5f 2e 75 61 28 68 29 2c 6c 3d 6b 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 6c 2e 64 6f 6e 65 3f 63
                              Data Ascii: ;this.sV=!0};e.resolve=c;e.reject=function(h){return new e(function(k,l){l(h)})};e.race=function(h){return new e(function(k,l){for(var m=_.ua(h),n=m.next();!n.done;n=m.next())c(n.value).By(k,l)})};e.all=function(h){var k=_.ua(h),l=k.next();return l.done?c
                              2024-05-04 15:56:52 UTC1255INData Raw: 63 74 2e 73 65 61 6c 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 6c 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 7d 29 2c 6d 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 7d 29 2c 6e 3d 6e 65 77 20 61 28 5b 5b 6c 2c 32 5d 2c 5b 6d 2c 33 5d 5d 29 3b 69 66 28 32 21 3d 6e 2e 67 65 74 28 6c 29 7c 7c 33 21 3d 6e 2e 67 65 74 28 6d 29 29 72 65 74 75 72 6e 21 31 3b 6e 2e 64 65 6c 65 74 65 28 6c 29 3b 6e 2e 73 65 74 28 6d 2c 34 29 3b 72 65 74 75 72 6e 21 6e 2e 68 61 73 28 6c 29 26 26 34 3d 3d 6e 2e 67 65 74 28 6d 29 7d 63 61 74 63 68 28 70 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 0a 76 61 72 20 66 3d 22 24 6a 73 63 6f 6d 70 5f 68 69 64 64 65 6e 5f 22 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3b 65 28 22 66 72 65 65 7a 65 22 29 3b
                              Data Ascii: ct.seal)return!1;try{var l=Object.seal({}),m=Object.seal({}),n=new a([[l,2],[m,3]]);if(2!=n.get(l)||3!=n.get(m))return!1;n.delete(l);n.set(m,4);return!n.has(l)&&4==n.get(m)}catch(p){return!1}}())return a;var f="$jscomp_hidden_"+Math.random();e("freeze");
                              2024-05-04 15:56:52 UTC1255INData Raw: 20 62 3d 6e 65 77 20 57 65 61 6b 4d 61 70 2c 63 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 74 68 69 73 5b 30 5d 3d 7b 7d 3b 74 68 69 73 5b 31 5d 3d 0a 66 28 29 3b 74 68 69 73 2e 73 69 7a 65 3d 30 3b 69 66 28 6b 29 7b 6b 3d 5f 2e 75 61 28 6b 29 3b 66 6f 72 28 76 61 72 20 6c 3b 21 28 6c 3d 6b 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 6c 3d 6c 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 6c 5b 30 5d 2c 6c 5b 31 5d 29 7d 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6b 2c 6c 29 7b 6b 3d 30 3d 3d 3d 6b 3f 30 3a 6b 3b 76 61 72 20 6d 3d 64 28 74 68 69 73 2c 6b 29 3b 6d 2e 6c 69 73 74 7c 7c 28 6d 2e 6c 69 73 74 3d 74 68 69 73 5b 30 5d 5b 6d 2e 69 64 5d 3d 5b 5d 29 3b 6d 2e 6e 66 3f 6d 2e 6e 66 2e 76 61 6c 75 65 3d 6c 3a 28 6d
                              Data Ascii: b=new WeakMap,c=function(k){this[0]={};this[1]=f();this.size=0;if(k){k=_.ua(k);for(var l;!(l=k.next()).done;)l=l.value,this.set(l[0],l[1])}};c.prototype.set=function(k,l){k=0===k?0:k;var m=d(this,k);m.list||(m.list=this[0][m.id]=[]);m.nf?m.nf.value=l:(m
                              2024-05-04 15:56:52 UTC1255INData Raw: 6d 3d 62 2e 67 65 74 28 6c 29 3a 28 6d 3d 22 22 2b 20 2b 2b 68 2c 62 2e 73 65 74 28 6c 2c 6d 29 29 3a 6d 3d 22 70 5f 22 2b 6c 3b 76 61 72 20 6e 3d 6b 5b 30 5d 5b 6d 5d 3b 69 66 28 6e 26 26 76 61 28 6b 5b 30 5d 2c 6d 29 29 66 6f 72 28 6b 3d 30 3b 6b 3c 6e 2e 6c 65 6e 67 74 68 3b 6b 2b 2b 29 7b 76 61 72 20 70 3d 6e 5b 6b 5d 3b 69 66 28 6c 21 3d 3d 6c 26 26 70 2e 6b 65 79 21 3d 3d 70 2e 6b 65 79 7c 7c 6c 3d 3d 3d 70 2e 6b 65 79 29 72 65 74 75 72 6e 7b 69 64 3a 6d 2c 6c 69 73 74 3a 6e 2c 69 6e 64 65 78 3a 6b 2c 6e 66 3a 70 7d 7d 72 65 74 75 72 6e 7b 69 64 3a 6d 2c 6c 69 73 74 3a 6e 2c 69 6e 64 65 78 3a 2d 31 2c 6e 66 3a 76 6f 69 64 20 30 7d 7d 2c 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 2c 6c 29 7b 76 61 72 20 6d 3d 6b 5b 31 5d 3b 72 65 74 75 72 6e 20 70 61 28 66
                              Data Ascii: m=b.get(l):(m=""+ ++h,b.set(l,m)):m="p_"+l;var n=k[0][m];if(n&&va(k[0],m))for(k=0;k<n.length;k++){var p=n[k];if(l!==l&&p.key!==p.key||l===p.key)return{id:m,list:n,index:k,nf:p}}return{id:m,list:n,index:-1,nf:void 0}},e=function(k,l){var m=k[1];return pa(f
                              2024-05-04 15:56:52 UTC1255INData Raw: 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 63 29 72 65 74 75 72 6e 21 31 3b 66 3d 65 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 3d 3d 63 7c 7c 34 21 3d 66 2e 76 61 6c 75 65 5b 30 5d 2e 78 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 66 2e 76 61 6c 75 65 5b 30 5d 3f 21 31 3a 65 2e 6e 65 78 74 28 29 2e 64 6f 6e 65 7d 63 61 74 63 68 28 68 29 7b 72 65 74 75 72 6e 21 31 7d 7d 28 29 29 72 65 74 75 72 6e 20 61 3b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 74 68 69 73 2e 44 61 3d 6e 65 77 20 4d 61 70 3b 69 66 28 63 29 7b 63 3d
                              Data Ascii: urn!1;var e=d.entries(),f=e.next();if(f.done||f.value[0]!=c||f.value[1]!=c)return!1;f=e.next();return f.done||f.value[0]==c||4!=f.value[0].x||f.value[1]!=f.value[0]?!1:e.next().done}catch(h){return!1}}())return a;var b=function(c){this.Da=new Map;if(c){c=


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              4192.168.2.44974572.247.100.147443
                              TimestampBytes transferredDirectionData
                              2024-05-04 15:56:58 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-05-04 15:56:59 UTC467INHTTP/1.1 200 OK
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              Content-Type: application/octet-stream
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              Server: ECAcc (sac/2518)
                              X-CID: 11
                              X-Ms-ApiVersion: Distribute 1.2
                              X-Ms-Region: prod-weu-z1
                              Cache-Control: public, max-age=140756
                              Date: Sat, 04 May 2024 15:56:58 GMT
                              Connection: close
                              X-CID: 2


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              5192.168.2.44974672.247.100.147443
                              TimestampBytes transferredDirectionData
                              2024-05-04 15:56:59 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                              Range: bytes=0-2147483646
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-05-04 15:56:59 UTC531INHTTP/1.1 200 OK
                              Content-Type: application/octet-stream
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              ApiVersion: Distribute 1.1
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              X-Azure-Ref: 0Fz4RYwAAAACZW8dCTzveR7lI76J6Z2l5U0pDRURHRTA1MTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                              Cache-Control: public, max-age=140709
                              Date: Sat, 04 May 2024 15:56:59 GMT
                              Content-Length: 55
                              Connection: close
                              X-CID: 2
                              2024-05-04 15:56:59 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                              Statistics

                              CPU Usage

                              Click to jump to process

                              Memory Usage

                              Click to jump to process

                              Behavior

                              Click to jump to process

                              System Behavior

                              General

                              Target ID:0
                              Start time:17:56:38
                              Start date:04/05/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:2
                              Start time:17:56:45
                              Start date:04/05/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2220,i,1972598558064883228,17030318514518201264,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:3
                              Start time:17:56:46
                              Start date:04/05/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              General

                              Target ID:4
                              Start time:17:56:46
                              Start date:04/05/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://%3cfnc1%3e(w)264683102268174230445509846528523659025526683206474573785554683400960570667889963326065746684392048696916785/
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              General

                              Target ID:5
                              Start time:17:56:47
                              Start date:04/05/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1764,i,9200146949028027716,12137685303876798854,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              General

                              Target ID:6
                              Start time:17:56:47
                              Start date:04/05/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1976,i,10684078385391978843,5142502870330490291,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              General

                              Target ID:10
                              Start time:17:57:12
                              Start date:04/05/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://69.42.221.142"
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              Disassembly

                              No disassembly