Windows Analysis Report
https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu

Overview

General Information

Sample URL:https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29g
Analysis ID:1596537
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Detected suspicious crossdomain redirect
HTML body contains low number of good links
Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 6996 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6400 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1972,i,5640593639737906970,6607722027945876370,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 4592 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Phishing

Source: https://portal.celsieus-network.com/scheduled-claims/ | Joe Sandbox AI: Score: 9 Reasons: The brand 'Celsius' is known and associated with the domain 'celsius.network'. The URL 'portal.celsieus-network.com' contains a misspelling of 'celsius' as 'celsieus', which is a common phishing tactic. The use of a hyphen in 'celsieus-network' is suspicious and often used in phishing URLs to mimic legitimate domains. The domain does not fully match the legitimate domain associated with the Celsius brand. DOM: 1.0.pages.csv
Source: https://portal.celsieus-network.com/scheduled-claims/ | HTTP Parser: Number of links: 0
Source: https://portal.celsieus-network.com/scheduled-claims/ | HTTP Parser: No <meta name="author".. found
Source: https://portal.celsieus-network.com/scheduled-claims/ | HTTP Parser: No <meta name="copyright".. found
Source: chrome.exe | Memory has grown: Private usage: 26MB later: 35MB
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | HTTP traffic: Redirect from: u7161484.ct.sendgrid.net to https://leofreitaspro.com/en
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown | TCP traffic detected without corresponding DNS query: 2.23.77.188
Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic | HTTP traffic detected:
    GET /ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9 HTTP/1.1
    Host: u7161484.ct.sendgrid.net
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /en HTTP/1.1
    Host: leofreitaspro.com
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /en/ HTTP/1.1
    Host: leofreitaspro.com
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /scheduled-claims/ HTTP/1.1
    Host: portal.celsieus-network.com
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /jquery-3.7.1.min.js HTTP/1.1
    Host: code.jquery.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    Origin: https://portal.celsieus-network.com
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: */*
    Sec-Fetch-Site: cross-site
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: script
    Referer: https://portal.celsieus-network.com/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /jquery-3.7.1.min.js HTTP/1.1
    Host: code.jquery.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic | HTTP traffic detected:
    GET /favicon.ico HTTP/1.1
    Host: portal.celsieus-network.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://portal.celsieus-network.com/scheduled-claims/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    Cookie: PHPSESSID=p79uhssv0drj0ddea147j3nuie
Source: global traffic | DNS traffic detected: DNS query: u7161484.ct.sendgrid.net
Source: global traffic | DNS traffic detected: DNS query: leofreitaspro.com
Source: global traffic | DNS traffic detected: DNS query: portal.celsieus-network.com
Source: global traffic | DNS traffic detected: DNS query: code.jquery.com
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | HTTP traffic detected:
    HTTP/1.1 404 Not Found
    Server: nginx
    Date: Wed, 22 Jan 2025 04:27:02 GMT
    Content-Type: text/html
    Content-Length: 1456
    Connection: close
    Vary: Accept-Encoding
    Last-Modified: Fri, 17 Jan 2025 22:41:37 GMT
    ETag: "5b0-62bee9d0997ae"
    Accept-Ranges: bytes
Source: chromecache_62.1.dr | String found in binary or memory: http://portal.celsieus-network.com/
Source: classification engine | Classification label: mal48.phis.win@18/13@12/8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1972,i,5640593639737906970,6607722027945876370,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Google Drive.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder | Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Extra Window Memory Injection | 1 Extra Window Memory Injection | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction

Source | Detection | Scanner | Label | Link
https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9 | 0% | Avira URL Cloud | safe |
No Antivirus matches

Source | Detection | Scanner | Label | Link
https://portal.celsieus-network.com/favicon.ico | 0% | Avira URL Cloud | safe |
https://leofreitaspro.com/en/ | 0% | Avira URL Cloud | safe |
http://portal.celsieus-network.com/ | 0% | Avira URL Cloud | safe |
https://leofreitaspro.com/en | 0% | Avira URL Cloud | safe |

Name | IP | Active | Malicious | Antivirus Detection | Reputation
code.jquery.com | 151.101.130.137 | true | false | | high
leofreitaspro.com | 69.49.241.109 | true | false | | unknown
portal.celsieus-network.com | 172.234.229.72 | true | true | | unknown
u7161484.ct.sendgrid.net | 167.89.118.31 | true | false | | high
www.google.com | 142.250.186.36 | true | false | | high

Name | Malicious | Antivirus Detection | Reputation
https://leofreitaspro.com/en | false | Avira URL Cloud: safe | unknown
https://portal.celsieus-network.com/scheduled-claims/ | true | | unknown
https://leofreitaspro.com/en/ | false | Avira URL Cloud: safe | unknown
https://portal.celsieus-network.com/favicon.ico | false | Avira URL Cloud: safe | unknown
https://code.jquery.com/jquery-3.7.1.min.js | false | | high

Name | Source | Malicious | Antivirus Detection | Reputation
http://portal.celsieus-network.com/ | chromecache_62.1.dr | false | Avira URL Cloud: safe | unknown

IP | Domain | Country | ASN | ASN Name | Malicious
167.89.118.31 | u7161484.ct.sendgrid.net | United States | 11377 | SENDGRIDUS | false
142.250.186.36 | www.google.com | United States | 15169 | GOOGLEUS | false
172.234.229.72 | portal.celsieus-network.com | United States | 20940 | AKAMAI-ASN1EU | true
151.101.130.137 | code.jquery.com | United States | 54113 | FASTLYUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
151.101.66.137 | unknown | United States | 54113 | FASTLYUS | false
69.49.241.109 | leofreitaspro.com | United States | 46606 | UNIFIEDLAYER-AS-1US | false

IP
192.168.2.16

Joe Sandbox version:42.0.0 Malachite
Analysis ID:1596537
Start date and time:2025-01-22 05:26:27 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 3m 32s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsinteractivecookbook.jbs
Sample URL:https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:13
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Detection:MAL
Classification:mal48.phis.win@18/13@12/8
EGA Information:Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 0
  • Number of non-executed functions: 0
  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
  • Excluded IPs from analysis (whitelisted): 142.250.184.227, 172.217.23.110, 74.125.133.84, 142.250.185.238, 142.250.185.142, 199.232.214.172, 142.250.184.206, 216.58.212.138, 142.250.185.74, 172.217.23.106, 142.250.185.138, 172.217.16.202, 172.217.18.10, 142.250.181.234, 142.250.185.234, 142.250.184.234, 142.250.185.170, 216.58.212.170, 142.250.184.202, 142.250.185.106, 142.250.186.106, 142.250.186.170, 216.58.206.42, 216.58.206.78, 142.250.185.174, 216.58.206.46, 142.250.186.78, 142.250.186.174, 172.217.18.99, 216.58.212.174, 184.28.90.27, 4.245.163.56
  • Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
  • Not all processes were analyzed, report is missing behavior information
  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
  • VT rate limit hit for: https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9
No simulations
No context

Process:C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 22 03:26:57 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:dropped
Size (bytes):2673
Entropy (8bit):3.9869099482521433
Encrypted:false
SSDEEP:48:8vd8TAQZHpidAKZdA1FehwiZUklqehBy+3:863pey
MD5:262A296C15CC0946642F08851F16D634
SHA1:7089D6AB0FBE1B0CE5D67A2676DBD8103E252D97
SHA-256:51E844B67C444B68707A505E17E683F1029F8BFF2B2F613C4BC678EB5A7EAD9F
SHA-512:3F215C0FFC97D94FB2C3CBE3084375F6BBFD065933662337920258F18F6150F395D93FD92F60752D4B336ED853CABF756353FCA7EF49853191B08B32D71A42AB
Malicious:false
Reputation:low

Process:C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 22 03:26:57 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:dropped
Size (bytes):2675
Entropy (8bit):4.004323046710678
Encrypted:false
SSDEEP:48:8v1/d8TAQZHpidAKZdA1seh/iZUkAQkqehOy+2:8c3f9Qny
MD5:30C15901D729426681BD4429490048B4
SHA1:9D4BC20A5C4222DF7CE0BE1B6DDC604A78714547
SHA-256:D9FC94E4761FB9519A34E6A898E9D4FA45C6F0382D6DB1864F50A977CE30042E
SHA-512:6124CB40F68D5C8C71D38D2F605EB88E3AA1EECAC577681DB7FE99456E8F903EAF8CD4849C8D59F72DCB45B441A9ED954466247E509F2304F9E99E3C9D6D1EB0
Malicious:false
Reputation:low
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2689
                Entropy (8bit):4.0099674734004696
                Encrypted:false
                SSDEEP:48:8td8TAQAHpidAKZdA14meh7sFiZUkmgqeh7scy+BX:8c30nay
                MD5:DF44254E936033A8E6A6A9001799ABC9
                SHA1:AA1FC7308ADB4B3031BF9BFA68F5A07D4D25255C
                SHA-256:BE246ACF32B4CB6B86A268F197A2369CC56D8D3E15EFE240C8EA25C62DDC6493
                SHA-512:2B1F4A5AA41F373A94BDFE3BAF0C9CB71B537991B4ADC6F4188355C6747E9C2793391EF94042DB0E588CF1A1877D5254D98F03F8E1BFD7D46367087161265281
                Malicious:false
                Reputation:low
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 22 03:26:57 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):4.0002866138663515
                Encrypted:false
                SSDEEP:48:8Id8TAQZHpidAKZdA1TehDiZUkwqehCy+R:8z3sEy
                MD5:2E76D8B4F2F50E91AAECB72B472B37FC
                SHA1:C0292242DBD2745A1F38DA0891F084E95D20E0FC
                SHA-256:0C54EEDDCB9C48F4A6C10E55856DE955B15E76267025E0E8F7239BAB940726CD
                SHA-512:9155E64B4849458D15614ED3C657958F70B9C87605FE1DE40E4823B8E02D4BACD439BC0FABA2B52586B5CDA434D8D3DE2751CE2919EC5C61377B714C14D01C6A
                Malicious:false
                Reputation:low
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 22 03:26:57 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):3.990201995693761
                Encrypted:false
                SSDEEP:48:8Ed8TAQZHpidAKZdA1dehBiZUk1W1qehoy+C:8P389Iy
                MD5:5D80790791B0F2559BE727AF869F5494
                SHA1:A0A5648B0FCECC7ADC80FF8DC3E3DBC949DC2CD4
                SHA-256:C9B8A92C76B46EE931E56C3EC28DE92F1BF1C70460285248E0B9A3FCBDE7F12D
                SHA-512:AF6565C375EFFBA3DFDFD075349866B95B60A3A6FBA1424EA054EC99DE1D864640BF8F11DB745747F372D6F8B986C093D5257400B17C13A6A5BB92CB5B9C1436
                Malicious:false
                Reputation:low
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 22 03:26:57 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2679
                Entropy (8bit):4.000170024666099
                Encrypted:false
                SSDEEP:48:82d8TAQZHpidAKZdA1duTeehOuTbbiZUk5OjqehOuTbay+yT+:8l3OTfTbxWOvTbay7T
                MD5:AFADF9810D63727D7A0619A867E2E47C
                SHA1:327AD23370DD09CD35541D0072F73F8BD5B8AB88
                SHA-256:869C893D21A0F791F49CD507764B785A0EDF93285A987B1FECFB8D3A1449652B
                SHA-512:3D32C082DF5A1F7472160A63EC108CCF2BAD300108AD5709017331F00E0FCCC2B2C3712F3B296B0C3BFE98D7FD3AFF798963493FFC3C4FABB70AC4ACE323805D
                Malicious:false
                Reputation:low
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (65447)
                Category:dropped
                Size (bytes):87533
                Entropy (8bit):5.262536918435756
                Encrypted:false
                SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
                MD5:2C872DBE60F4BA70FB85356113D8B35E
                SHA1:EE48592D1FFF952FCF06CE0B666ED4785493AFDC
                SHA-256:FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
                SHA-512:BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
                Malicious:false
                Reputation:low
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (65447)
                Category:downloaded
                Size (bytes):87533
                Entropy (8bit):5.262536918435756
                Encrypted:false
                SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr
                MD5:2C872DBE60F4BA70FB85356113D8B35E
                SHA1:EE48592D1FFF952FCF06CE0B666ED4785493AFDC
                SHA-256:FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
                SHA-512:BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
                Malicious:false
                Reputation:low
                URL:https://code.jquery.com/jquery-3.7.1.min.js
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text
                Category:downloaded
                Size (bytes):1456
                Entropy (8bit):5.175113457702552
                Encrypted:false
                SSDEEP:24:hM0mIh5f0ARJsUYMD5zt7lODbdYO517l0jzRlw+w+w2w/fVE2DTMU6d/iGDz0TV:lmIbf0A8UYMbQnr+zbH1TSiETMUsdq
                MD5:1CB0105CA71A31499A1532B6C6A0CA87
                SHA1:86DC13EB295A67DA3090A576D5D3822A7C5A46B6
                SHA-256:8DA8DA48E91631CCAC667923F949E6185E3D967971C712BAFCFD6E37334D4957
                SHA-512:F8C7ABB0DD32C9AC3C12048FD19FBB68D928AA9ECE967C3DAD48946E402A6D017CAD8A34CD3205A58BB6356FE46243E338E984D1E18BDBC76468D260A0364FD9
                Malicious:false
                Reputation:low
                URL:https://portal.celsieus-network.com/favicon.ico
                Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">.<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>. <title>404 &mdash; Not Found</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>. <meta name="description" content="Sorry, page not found"/>. <style type="text/css">. body {font-size:14px; color:#777777; font-family:arial; text-align:center;}. h1 {font-size:180px; color:#99A7AF; margin: 70px 0 0 0;}. h2 {color: #DE6C5D; font-family: arial; font-size: 20px; font-weight: bold; letter-spacing: -1px; margin: -3px 0 39px;}. p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }. div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}. a:link {color: #34536A;}. a:visited {color: #34536A;}. a:active {color: #34536A;}. a:hover {color: #34536A;}. </style>.</h
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with no line terminators
                Category:downloaded
                Size (bytes):16
                Entropy (8bit):3.75
                Encrypted:false
                SSDEEP:3:HpMyY:OL
                MD5:090F4A72412E061ABEE19287B36C8DB6
                SHA1:5289857BA869A3CBD6EF85463C8555905E95756E
                SHA-256:52D8DC69C1BED6EBBD7A7F99715ABD94BD631CD663734AD63096E0510319A353
                SHA-512:3CEB8E7DC76AE9D247FC77714CF3BDD17DA9C3117D835EB07CF10D0F621A1214CD1F2534865A045F8D909861387760B86D244103D8A304D0720BDB95ABE55BF1
                Malicious:false
                Reputation:low
                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAm7DOpsZckWuRIFDeeNQA4=?alt=proto
                Preview:CgkKBw3njUAOGgA=
                No static file info
                Timestamp  Source Port  Dest Port  Source IP  Dest IP
                Jan 22, 2025 05:27:01.203536034 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.203676939 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.203687906 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.255728006 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.299511909 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.315191031 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.315203905 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.315260887 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.315267086 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.315326929 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.315347910 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.315382957 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.315399885 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.315414906 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.315414906 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.315448999 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.388068914 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.388096094 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.388144016 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.388168097 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.388184071 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.388223886 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.389899015 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.389933109 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.389975071 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.389988899 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.390002966 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.390059948 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.562891960 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.562916994 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.562973976 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563003063 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.563036919 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563050032 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563323975 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.563343048 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.563379049 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563386917 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.563426971 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563575029 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.563615084 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563621998 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.563636065 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563676119 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.563720942 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563946009 CET49713443192.168.2.16151.101.130.137
                Jan 22, 2025 05:27:01.563961029 CET44349713151.101.130.137192.168.2.16
                Jan 22, 2025 05:27:01.577375889 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:01.577430010 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:01.577500105 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:01.578243971 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:01.578274965 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:01.590210915 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:01.590234995 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:01.590343952 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:01.590943098 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:01.590976954 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:01.708331108 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:01.708779097 CET49714443192.168.2.16142.250.186.36
                Jan 22, 2025 05:27:01.708810091 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:01.710341930 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:01.710434914 CET49714443192.168.2.16142.250.186.36
                Jan 22, 2025 05:27:01.711596012 CET49714443192.168.2.16142.250.186.36
                Jan 22, 2025 05:27:01.711668015 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:01.751739979 CET49714443192.168.2.16142.250.186.36
                Jan 22, 2025 05:27:01.751770020 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:01.799845934 CET49714443192.168.2.16142.250.186.36
                Jan 22, 2025 05:27:02.029920101 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.030226946 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.030257940 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.031708956 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.031802893 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.032100916 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.032188892 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.032260895 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.075340986 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.085741043 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.085771084 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.132744074 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.132774115 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.133980989 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.134001017 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.134044886 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.134073973 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.134078979 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.134085894 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.134114027 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.134159088 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.134175062 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.134208918 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.180716038 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.182497025 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.186389923 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:02.186407089 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.186955929 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.190280914 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:02.190376043 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.190403938 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:02.217041969 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.217060089 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.217089891 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.217098951 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.217165947 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.217200041 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.217236996 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.217957973 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.219414949 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.219424963 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.219461918 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.219520092 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.219549894 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.219580889 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.219604015 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.235333920 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.243726015 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:02.303112030 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.303152084 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.303281069 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.303297997 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.304311991 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.304337978 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.304351091 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.304363966 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.304398060 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.304445028 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.305071115 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.305151939 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.305166960 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.305191994 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.305258036 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.305546045 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.305574894 CET44349715151.101.66.137192.168.2.16
                Jan 22, 2025 05:27:02.305598974 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.306696892 CET49715443192.168.2.16151.101.66.137
                Jan 22, 2025 05:27:02.423409939 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.423437119 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.423520088 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:02.423544884 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:02.423615932 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:02.424424887 CET49717443192.168.2.16172.234.229.72
                Jan 22, 2025 05:27:02.424451113 CET44349717172.234.229.72192.168.2.16
                Jan 22, 2025 05:27:03.996273994 CET49678443192.168.2.1620.189.173.10
                Jan 22, 2025 05:27:04.299047947 CET49678443192.168.2.1620.189.173.10
                Jan 22, 2025 05:27:04.469990969 CET4434970769.49.241.109192.168.2.16
                Jan 22, 2025 05:27:04.470145941 CET4434970769.49.241.109192.168.2.16
                Jan 22, 2025 05:27:04.470282078 CET49707443192.168.2.1669.49.241.109
                Jan 22, 2025 05:27:04.491503000 CET49707443192.168.2.1669.49.241.109
                Jan 22, 2025 05:27:04.491518974 CET4434970769.49.241.109192.168.2.16
                Jan 22, 2025 05:27:04.491534948 CET49707443192.168.2.1669.49.241.109
                Jan 22, 2025 05:27:04.491578102 CET49707443192.168.2.1669.49.241.109
                Jan 22, 2025 05:27:04.900722980 CET49678443192.168.2.1620.189.173.10
                Jan 22, 2025 05:27:05.158545971 CET49673443192.168.2.16204.79.197.203
                Jan 22, 2025 05:27:06.111740112 CET49678443192.168.2.1620.189.173.10
                Jan 22, 2025 05:27:08.474034071 CET4968080192.168.2.16192.229.211.108
                Jan 22, 2025 05:27:08.521718025 CET49678443192.168.2.1620.189.173.10
                Jan 22, 2025 05:27:08.777741909 CET4968080192.168.2.16192.229.211.108
                Jan 22, 2025 05:27:09.383759022 CET4968080192.168.2.16192.229.211.108
                Jan 22, 2025 05:27:09.934787035 CET4434970969.49.241.109192.168.2.16
                Jan 22, 2025 05:27:09.934995890 CET4434970969.49.241.109192.168.2.16
                Jan 22, 2025 05:27:09.935080051 CET49709443192.168.2.1669.49.241.109
                Jan 22, 2025 05:27:10.499627113 CET49709443192.168.2.1669.49.241.109
                Jan 22, 2025 05:27:10.499696016 CET4434970969.49.241.109192.168.2.16
                Jan 22, 2025 05:27:10.593759060 CET4968080192.168.2.16192.229.211.108
                Jan 22, 2025 05:27:11.621850967 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:11.622015953 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:11.622093916 CET49714443192.168.2.16142.250.186.36
                Jan 22, 2025 05:27:12.502460003 CET49714443192.168.2.16142.250.186.36
                Jan 22, 2025 05:27:12.502510071 CET44349714142.250.186.36192.168.2.16
                Jan 22, 2025 05:27:13.008840084 CET4968080192.168.2.16192.229.211.108
                Jan 22, 2025 05:27:13.328917027 CET49678443192.168.2.1620.189.173.10
                Jan 22, 2025 05:27:14.766834021 CET49673443192.168.2.16204.79.197.203
                Jan 22, 2025 05:27:17.815040112 CET4968080192.168.2.16192.229.211.108
                Jan 22, 2025 05:27:22.939757109 CET49678443192.168.2.1620.189.173.10
                Jan 22, 2025 05:27:27.428941011 CET4968080192.168.2.16192.229.211.108
                Jan 22, 2025 05:27:43.053167105 CET49703443192.168.2.16167.89.118.31
                Jan 22, 2025 05:27:43.053226948 CET44349703167.89.118.31192.168.2.16
                Jan 22, 2025 05:27:57.718852997 CET44349703167.89.118.31192.168.2.16
                Jan 22, 2025 05:27:57.719054937 CET44349703167.89.118.31192.168.2.16
                Jan 22, 2025 05:27:57.719429016 CET49703443192.168.2.16167.89.118.31
                Jan 22, 2025 05:27:58.501563072 CET49703443192.168.2.16167.89.118.31
                Jan 22, 2025 05:27:58.501640081 CET44349703167.89.118.31192.168.2.16
                Jan 22, 2025 05:28:01.115467072 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:01.115520954 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:01.115844011 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:01.116203070 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:01.116242886 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:01.784254074 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:01.784804106 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:01.784840107 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:01.786339998 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:01.786827087 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:01.787264109 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:01.833064079 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:11.680037022 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:11.680150986 CET44349724142.250.186.36192.168.2.16
                Jan 22, 2025 05:28:11.680262089 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:12.497828007 CET49724443192.168.2.16142.250.186.36
                Jan 22, 2025 05:28:12.497853994 CET44349724142.250.186.36192.168.2.16
                TimestampSource PortDest PortSource IPDest IP
                Jan 22, 2025 05:26:56.216396093 CET53603021.1.1.1192.168.2.16
                Jan 22, 2025 05:26:56.281701088 CET53593601.1.1.1192.168.2.16
                Jan 22, 2025 05:26:57.180193901 CET5101653192.168.2.161.1.1.1
                Jan 22, 2025 05:26:57.180413008 CET6215553192.168.2.161.1.1.1
                Jan 22, 2025 05:26:57.189085960 CET53510161.1.1.1192.168.2.16
                Jan 22, 2025 05:26:57.189675093 CET53621551.1.1.1192.168.2.16
                Jan 22, 2025 05:26:57.271006107 CET53642661.1.1.1192.168.2.16
                Jan 22, 2025 05:26:58.276154041 CET5045253192.168.2.161.1.1.1
                Jan 22, 2025 05:26:58.276350021 CET5036153192.168.2.161.1.1.1
                Jan 22, 2025 05:26:58.536468029 CET53503611.1.1.1192.168.2.16
                Jan 22, 2025 05:26:58.540746927 CET53504521.1.1.1192.168.2.16
                Jan 22, 2025 05:26:59.471368074 CET5784953192.168.2.161.1.1.1
                Jan 22, 2025 05:26:59.471581936 CET5941653192.168.2.161.1.1.1
                Jan 22, 2025 05:26:59.500561953 CET53578491.1.1.1192.168.2.16
                Jan 22, 2025 05:26:59.770464897 CET53594161.1.1.1192.168.2.16
                Jan 22, 2025 05:27:00.732141972 CET6312353192.168.2.161.1.1.1
                Jan 22, 2025 05:27:00.732284069 CET5995653192.168.2.161.1.1.1
                Jan 22, 2025 05:27:00.739037991 CET53599561.1.1.1192.168.2.16
                Jan 22, 2025 05:27:00.739511013 CET53631231.1.1.1192.168.2.16
                Jan 22, 2025 05:27:01.050198078 CET5943853192.168.2.161.1.1.1
                Jan 22, 2025 05:27:01.050477028 CET6417353192.168.2.161.1.1.1
                Jan 22, 2025 05:27:01.057275057 CET53594381.1.1.1192.168.2.16
                Jan 22, 2025 05:27:01.057317019 CET53641731.1.1.1192.168.2.16
                Jan 22, 2025 05:27:01.568576097 CET5781253192.168.2.161.1.1.1
                Jan 22, 2025 05:27:01.568758965 CET4972553192.168.2.161.1.1.1
                Jan 22, 2025 05:27:01.575412035 CET53578121.1.1.1192.168.2.16
                Jan 22, 2025 05:27:01.575472116 CET53497251.1.1.1192.168.2.16
                Jan 22, 2025 05:27:01.587346077 CET53632101.1.1.1192.168.2.16
                Jan 22, 2025 05:27:14.150819063 CET53634561.1.1.1192.168.2.16
                Jan 22, 2025 05:27:32.983083010 CET53542791.1.1.1192.168.2.16
                Jan 22, 2025 05:27:55.812531948 CET53589751.1.1.1192.168.2.16
                Jan 22, 2025 05:27:56.196960926 CET53506201.1.1.1192.168.2.16
                Jan 22, 2025 05:28:00.164275885 CET138138192.168.2.16192.168.2.255
                Jan 22, 2025 05:28:26.015065908 CET53523591.1.1.1192.168.2.16
                Timestamp | Source IP | Dest IP | Checksum | Code | Type
                Jan 22, 2025 05:26:59.770560026 CET | 192.168.2.16 | 1.1.1.1 | c243 | (Port unreachable) | Destination Unreachable
                Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
                Jan 22, 2025 05:26:57.180193901 CET | 192.168.2.16 | 1.1.1.1 | 0xf1de | Standard query (0) | u7161484.ct.sendgrid.net | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.180413008 CET | 192.168.2.16 | 1.1.1.1 | 0x88ee | Standard query (0) | u7161484.ct.sendgrid.net | 65 | IN (0x0001) | false
                Jan 22, 2025 05:26:58.276154041 CET | 192.168.2.16 | 1.1.1.1 | 0x3bc3 | Standard query (0) | leofreitaspro.com | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:58.276350021 CET | 192.168.2.16 | 1.1.1.1 | 0x6b10 | Standard query (0) | leofreitaspro.com | 65 | IN (0x0001) | false
                Jan 22, 2025 05:26:59.471368074 CET | 192.168.2.16 | 1.1.1.1 | 0xbf8a | Standard query (0) | portal.celsieus-network.com | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:59.471581936 CET | 192.168.2.16 | 1.1.1.1 | 0xb8ea | Standard query (0) | portal.celsieus-network.com | 65 | IN (0x0001) | false
                Jan 22, 2025 05:27:00.732141972 CET | 192.168.2.16 | 1.1.1.1 | 0xa3a5 | Standard query (0) | code.jquery.com | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:00.732284069 CET | 192.168.2.16 | 1.1.1.1 | 0xa853 | Standard query (0) | code.jquery.com | 65 | IN (0x0001) | false
                Jan 22, 2025 05:27:01.050198078 CET | 192.168.2.16 | 1.1.1.1 | 0xc3a2 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:01.050477028 CET | 192.168.2.16 | 1.1.1.1 | 0xa210 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
                Jan 22, 2025 05:27:01.568576097 CET | 192.168.2.16 | 1.1.1.1 | 0x2b59 | Standard query (0) | code.jquery.com | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:01.568758965 CET | 192.168.2.16 | 1.1.1.1 | 0x5c2d | Standard query (0) | code.jquery.com | 65 | IN (0x0001) | false
                Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.31 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.26 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.118 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.106 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.35 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.65 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.64 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.121 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.147 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.54 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.23 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.126 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.28 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.115.58 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.74 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:57.189085960 CET | 1.1.1.1 | 192.168.2.16 | 0xf1de | No error (0) | u7161484.ct.sendgrid.net | | 167.89.118.35 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:58.540746927 CET | 1.1.1.1 | 192.168.2.16 | 0x3bc3 | No error (0) | leofreitaspro.com | | 69.49.241.109 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:26:59.500561953 CET | 1.1.1.1 | 192.168.2.16 | 0xbf8a | No error (0) | portal.celsieus-network.com | | 172.234.229.72 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:00.739511013 CET | 1.1.1.1 | 192.168.2.16 | 0xa3a5 | No error (0) | code.jquery.com | | 151.101.130.137 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:00.739511013 CET | 1.1.1.1 | 192.168.2.16 | 0xa3a5 | No error (0) | code.jquery.com | | 151.101.194.137 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:00.739511013 CET | 1.1.1.1 | 192.168.2.16 | 0xa3a5 | No error (0) | code.jquery.com | | 151.101.66.137 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:00.739511013 CET | 1.1.1.1 | 192.168.2.16 | 0xa3a5 | No error (0) | code.jquery.com | | 151.101.2.137 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:01.057275057 CET | 1.1.1.1 | 192.168.2.16 | 0xc3a2 | No error (0) | www.google.com | | 142.250.186.36 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:01.057317019 CET | 1.1.1.1 | 192.168.2.16 | 0xa210 | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
                Jan 22, 2025 05:27:01.575412035 CET | 1.1.1.1 | 192.168.2.16 | 0x2b59 | No error (0) | code.jquery.com | | 151.101.66.137 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:01.575412035 CET | 1.1.1.1 | 192.168.2.16 | 0x2b59 | No error (0) | code.jquery.com | | 151.101.194.137 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:01.575412035 CET | 1.1.1.1 | 192.168.2.16 | 0x2b59 | No error (0) | code.jquery.com | | 151.101.130.137 | A (IP address) | IN (0x0001) | false
                Jan 22, 2025 05:27:01.575412035 CET | 1.1.1.1 | 192.168.2.16 | 0x2b59 | No error (0) | code.jquery.com | | 151.101.2.137 | A (IP address) | IN (0x0001) | false
                • u7161484.ct.sendgrid.net
                • leofreitaspro.com
                • portal.celsieus-network.com
                • https:
                  • code.jquery.com
                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                0 | 192.168.2.16 | 49704 | 167.89.118.31 | 443 | 6400 | C:\Program Files\Google\Chrome\Application\chrome.exe
                Timestamp | Bytes transferred | Direction | Data
                2025-01-22 04:26:57 UTC | 1234 | OUT | GET /ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9 HTTP/1.1
                Host: u7161484.ct.sendgrid.net
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2025-01-22 04:26:58 UTC | 226 | IN | HTTP/1.1 302 Found
                Server: nginx
                Date: Wed, 22 Jan 2025 04:26:58 GMT
                Content-Type: text/html; charset=utf-8
                Content-Length: 51
                Connection: close
                Location: https://leofreitaspro.com/en
                X-Robots-Tag: noindex, nofollow
                2025-01-22 04:26:58 UTC | 51 | IN | Data Ascii: <a href="https://leofreitaspro.com/en">Found</a>.


                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                1 | 192.168.2.16 | 49707 | 69.49.241.109 | 443 | 6400 | C:\Program Files\Google\Chrome\Application\chrome.exe
                Timestamp | Bytes transferred | Direction | Data
                2025-01-22 04:26:59 UTC | 662 | OUT | GET /en HTTP/1.1
                Host: leofreitaspro.com
                Connection: keep-alive
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2025-01-22 04:26:59 UTC | 246 | IN | HTTP/1.1 301 Moved Permanently
                Date: Wed, 22 Jan 2025 04:26:59 GMT
                Server: nginx/1.23.4
                Content-Type: text/html; charset=iso-8859-1
                Content-Length: 237
                Location: https://leofreitaspro.com/en/
                X-Server-Cache: true
                X-Proxy-Cache: EXPIRED
                2025-01-22 04:26:59 UTC237INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6c 65 6f 66 72 65 69 74 61 73 70 72 6f 2e 63 6f 6d 2f 65 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://leofreitaspro.com/en/">here</a>.</p></body></html>
                2025-01-22 04:26:59 UTC | 663 | OUT | GET /en/ HTTP/1.1
                Host: leofreitaspro.com
                Connection: keep-alive
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2025-01-22 04:26:59 UTC | 263 | IN | HTTP/1.1 302 Moved Temporarily
                Date: Wed, 22 Jan 2025 04:26:59 GMT
                Server: nginx/1.23.4
                Content-Type: text/html; charset=UTF-8
                Content-Length: 0
                location: https://portal.celsieus-network.com/scheduled-claims/
                X-Server-Cache: true
                X-Proxy-Cache: EXPIRED


                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                2 | 192.168.2.16 | 49711 | 172.234.229.72 | 443 | 6400 | C:\Program Files\Google\Chrome\Application\chrome.exe
                Timestamp | Bytes transferred | Direction | Data
                2025-01-22 04:27:00 UTC | 687 | OUT | GET /scheduled-claims/ HTTP/1.1
                Host: portal.celsieus-network.com
                Connection: keep-alive
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2025-01-22 04:27:00 UTC | 372 | IN | HTTP/1.1 200 OK
                Server: nginx
                Date: Wed, 22 Jan 2025 04:27:00 GMT
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Set-Cookie: PHPSESSID=p79uhssv0drj0ddea147j3nuie; path=/
                Expires: Thu, 19 Nov 1981 08:52:00 GMT
                Cache-Control: no-store, no-cache, must-revalidate
                Pragma: no-cache
                Vary: Accept-Encoding


                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                3 | 192.168.2.16 | 49713 | 151.101.130.137 | 443 | 6400 | C:\Program Files\Google\Chrome\Application\chrome.exe
                Timestamp | Bytes transferred | Direction | Data
                2025-01-22 04:27:01 UTC | 587 | OUT | GET /jquery-3.7.1.min.js HTTP/1.1
                Host: code.jquery.com
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                Origin: https://portal.celsieus-network.com
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: cross-site
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: script
                Referer: https://portal.celsieus-network.com/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2025-01-22 04:27:01 UTC | 614 | IN | HTTP/1.1 200 OK
                Connection: close
                Content-Length: 87533
                Server: nginx
                Content-Type: application/javascript; charset=utf-8
                Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                ETag: "28feccc0-155ed"
                Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                Access-Control-Allow-Origin: *
                Cross-Origin-Resource-Policy: cross-origin
                Via: 1.1 varnish, 1.1 varnish
                Accept-Ranges: bytes
                Date: Wed, 22 Jan 2025 04:27:01 GMT
                Age: 1951161
                X-Served-By: cache-lga21978-LGA, cache-ewr-kewr1740036-EWR
                X-Cache: HIT, HIT
                X-Cache-Hits: 1516, 14
                X-Timer: S1737520021.258137,VS0,VE0
                Vary: Accept-Encoding


                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                4 | 192.168.2.16 | 49715 | 151.101.66.137 | 443 | 6400 | C:\Program Files\Google\Chrome\Application\chrome.exe
                Timestamp | Bytes transferred | Direction | Data
                2025-01-22 04:27:02 UTC | 358 | OUT | GET /jquery-3.7.1.min.js HTTP/1.1
                Host: code.jquery.com
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: */*
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: empty
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2025-01-22 04:27:02 UTC | 613 | IN | HTTP/1.1 200 OK
                Connection: close
                Content-Length: 87533
                Server: nginx
                Content-Type: application/javascript; charset=utf-8
                Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                ETag: "28feccc0-155ed"
                Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                Access-Control-Allow-Origin: *
                Cross-Origin-Resource-Policy: cross-origin
                Via: 1.1 varnish, 1.1 varnish
                Accept-Ranges: bytes
                Date: Wed, 22 Jan 2025 04:27:02 GMT
                Age: 1951161
                X-Served-By: cache-lga21978-LGA, cache-ewr-kewr1740057-EWR
                X-Cache: HIT, HIT
                X-Cache-Hits: 1516, 9
                X-Timer: S1737520022.087596,VS0,VE0
                Vary: Accept-Encoding


                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                5 | 192.168.2.16 | 49717 | 172.234.229.72 | 443 | 6400 | C:\Program Files\Google\Chrome\Application\chrome.exe
                Timestamp | Bytes transferred | Direction | Data
                2025-01-22 04:27:02 UTC | 673 | OUT | GET /favicon.ico HTTP/1.1
                Host: portal.celsieus-network.com
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://portal.celsieus-network.com/scheduled-claims/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: PHPSESSID=p79uhssv0drj0ddea147j3nuie
                2025-01-22 04:27:02 UTC | 262 | IN | HTTP/1.1 404 Not Found
                Server: nginx
                Date: Wed, 22 Jan 2025 04:27:02 GMT
                Content-Type: text/html
                Content-Length: 1456
                Connection: close
                Vary: Accept-Encoding
                Last-Modified: Fri, 17 Jan 2025 22:41:37 GMT
                ETag: "5b0-62bee9d0997ae"
                Accept-Ranges: bytes
                2025-01-22 04:27:02 UTC | 1456 | IN | Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>404 &mdash; Not Found</title> <meta http-equiv="Content-



                Target ID:0
                Start time:23:26:54
                Start date:21/01/2025
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                Imagebase:0x7ff7f9810000
                File size:3'242'272 bytes
                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:false

                Target ID:1
                Start time:23:26:55
                Start date:21/01/2025
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1972,i,5640593639737906970,6607722027945876370,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                Imagebase:0x7ff7f9810000
                File size:3'242'272 bytes
                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:false

                Target ID:2
                Start time:23:26:56
                Start date:21/01/2025
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u7161484.ct.sendgrid.net/ls/click?upn=u001.hSwgV93oKqJ8ZvQ-2F-2Bg69leJsDFyzxPqsdyn4u9nXlJ-2B6tkk6nJugZTBex7q8Bn0crymO_HWAk4DGcP5bOseprwmP7vk4oPocF8foKuuZ9Gg-2BpJSf91zEc1yKPirhoW5wrM1VwT52KX29gwhWicwPDJN07RIgbjxC9h1iMShoNFD06lkP5EL7RVTmw6uf62LvDusJsijFP5CUQRlAY8ahZCIQDkJoZZ4jIjGsaGCaXZFKo-2Bu-2FNyHOieA1StMfbMO0r4g3-2F6cWxF-2BbUhg4nNNa5dNEMfBGE9SzPWqx-2BDBtFhfnng0cmB3kSsLPF-2FkdxJANku3a5pIHPlu7BT-2FOicE-2BslbsDEywWcFUIRho5JtVA8XqiaVoGnaz9g5HoXxAiKktBgnHX-2BLGeTRoWcy2OvW97QKycfDHbq8hDg2h6meJy8K6A9IRYsO9ZC8m-2Bj8DX9Zj8SxfrFqPF8JeXlHA1OcqwW-2BuIUFmZ3K1da-2B4kgROQf1TkWsDcXYmprsgj8RLIvwUJL0B9"
                Imagebase:0x7ff7f9810000
                File size:3'242'272 bytes
                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:true

                No disassembly